johno/nixos-configs
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: johno:main
Branches Tags
johno:main johno:ash/plasma-bigscreen johno:fix/ci-skip-cached-packages johno:polecat/dust/x-fqaob@mlfbyrhb johno:polecat/fury/x-iyz0w@mlecbczk johno:polecat/nitro/x-xiiep@mlebx809 johno:polecat/shiny/x-qdkuu@mlec8nfv johno:polecat/guzzle/x-xiiep@mlec0has johno:polecat/chrome/x-ymkgu@mlebby8e johno:polecat/rust/x-lnr8g@mlebamik johno:polecat/rust/x-0cf@ml2ye219 johno:polecat/rust/hq-0h1p9m@ml2ugjq1 johno:renovate/lock-file-maintenance johno:polecat/rust/x-nyo@mkoso6ie johno:polecat/chrome/nix-6pi@mkiwlml9 johno:beads-sync johno:bead/nixos-configs-w0v johno:bead/nixos-configs-wgw johno:bead/nixos-configs-apu johno:bead/nixos-configs-g4n johno:bead/nixos-configs-9eq johno:bead/nixos-configs-4ht johno:bead/nixos-configs-cto johno:bead/nixos-configs-2mk johno:bead/nixos-configs-0vf johno:fix/mu4e-email-body-nixos-configs-9l8 johno:bead/nixos-configs-fkt johno:bead/nixos-configs-tcu johno:bead/nixos-configs-u81 johno:bead/nixos-configs-alr johno:bead/nixos-configs-vru johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module
..
compare: johno:f8490fd32a65a93945d38ddb157f6984edc5fc90
Branches Tags
johno:main johno:ash/plasma-bigscreen johno:fix/ci-skip-cached-packages johno:polecat/dust/x-fqaob@mlfbyrhb johno:polecat/fury/x-iyz0w@mlecbczk johno:polecat/nitro/x-xiiep@mlebx809 johno:polecat/shiny/x-qdkuu@mlec8nfv johno:polecat/guzzle/x-xiiep@mlec0has johno:polecat/chrome/x-ymkgu@mlebby8e johno:polecat/rust/x-lnr8g@mlebamik johno:polecat/rust/x-0cf@ml2ye219 johno:polecat/rust/hq-0h1p9m@ml2ugjq1 johno:renovate/lock-file-maintenance johno:polecat/rust/x-nyo@mkoso6ie johno:polecat/chrome/nix-6pi@mkiwlml9 johno:beads-sync johno:bead/nixos-configs-w0v johno:bead/nixos-configs-wgw johno:bead/nixos-configs-apu johno:bead/nixos-configs-g4n johno:bead/nixos-configs-9eq johno:bead/nixos-configs-4ht johno:bead/nixos-configs-cto johno:bead/nixos-configs-2mk johno:bead/nixos-configs-0vf johno:fix/mu4e-email-body-nixos-configs-9l8 johno:bead/nixos-configs-fkt johno:bead/nixos-configs-tcu johno:bead/nixos-configs-u81 johno:bead/nixos-configs-alr johno:bead/nixos-configs-vru johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module

2 Commits
main ... f8490fd32a

Author SHA1 Message Date
John Ogle
f8490fd32a feat(skills): Add batch research+plan skill for multiple beads
Some checks failed
CI / check (pull_request) Has been cancelled
Details
2026-01-14 13:53:42 -08:00
John Ogle
352c89756f Remove wixos (WSL) configuration
All checks were successful
CI / check (pull_request) Successful in 2m56s
Details 
WSL is no longer used. This removes:
- machines/wixos/ directory and configuration.nix
- nixos-wsl input from flake.nix
- nixosConfigurations.wixos output
- References to wixos in AGENTS.md and .goosehints

Implements bead: nixos-configs-2mk
 2026-01-13 17:17:38 -08:00
69 changed files with 280 additions and 2704 deletions
Expand all files Collapse all files

5
.beads/.gitignore vendored
View File

@@ -32,11 +32,6 @@ beads.left.meta.json
beads.right.jsonl
beads.right.meta.json
# Sync state (local-only, per-machine)
# These files are machine-specific and should not be shared across clones
.sync.lock
sync_base.jsonl
# NOTE: Do NOT add negation patterns (e.g., !issues.jsonl) here.
# They would override fork protection in .git/info/exclude, allowing
# contributors to accidentally commit upstream issue databases.

6
.beads/config.yaml
View File

@@ -6,7 +6,7 @@
# Issue prefix for this repository (used by bd init)
# If not set, bd init will auto-detect from directory name
# Example: issue-prefix: "myproject" creates issues like "myproject-1", "myproject-2", etc.
issue-prefix: "x"
# issue-prefix: ""
# Use no-db mode: load from JSONL, no SQLite, write back after each command
# When true, bd will use .beads/issues.jsonl as the source of truth
@@ -59,6 +59,4 @@ sync-branch: "beads-sync"
# - linear.url
# - linear.api-key
# - github.org
# - github.repo
routing.mode: "explicit"
# - github.repo

0
.beads/interactions.jsonl Normal file
View File

4
.beads/metadata.json Normal file
View File

@@ -0,0 +1,4 @@
{
"database": "beads.db",
"jsonl_export": "sync_base.jsonl"
}

94
.gitea/workflows/ci.yml
View File

@@ -10,99 +10,9 @@ jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- uses: https://git.johnogle.info/johno/gitea-actions/nix-setup@v1
- uses: https://git.johnogle.info/johno/gitea-actions/nix-setup@main
- name: Check flake
run: nix flake check
env:
NIX_CONFIG: "access-tokens = git.johnogle.info=${{ secrets.GITEA_ACCESS_TOKEN }}"
build-and-cache:
runs-on: ubuntu-latest
needs: check
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v6
- uses: https://git.johnogle.info/johno/gitea-actions/nix-setup@v1
- name: Setup SSH for cache
run: |
mkdir -p ~/.ssh
echo "${{ secrets.CACHE_SSH_KEY }}" > ~/.ssh/cache_key
chmod 600 ~/.ssh/cache_key
ssh-keyscan -H ${{ secrets.CACHE_HOST }} >> ~/.ssh/known_hosts 2>/dev/null || true
- name: Setup signing key
run: |
echo "${{ secrets.NIX_SIGNING_KEY }}" > /tmp/signing-key
chmod 600 /tmp/signing-key
- name: Build, sign, and cache all packages
run: |
PACKAGES=(
custom-claude-code
custom-app-launcher-server
custom-mcrcon-rbw
custom-tea-rbw
custom-rclone-torbox-setup
custom-beads
custom-gastown
custom-perles
qt-pinned-jellyfin-media-player
qt-pinned-stremio
nix-deck-kernel
)
FAILED=()
SKIPPED=()
for pkg in "${PACKAGES[@]}"; do
echo "::group::Building $pkg"
# Check if package is already cached by evaluating its store path and checking the remote
OUT_PATH=$(nix eval ".#$pkg.outPath" --raw 2>/dev/null)
if [ -n "$OUT_PATH" ] && ssh -i ~/.ssh/cache_key ${{ secrets.CACHE_USER }}@${{ secrets.CACHE_HOST }} \
"nix path-info '$OUT_PATH' >/dev/null 2>&1"; then
echo "⏭ $pkg already cached ($OUT_PATH), skipping"
SKIPPED+=("$pkg")
echo "::endgroup::"
continue
fi
# --cores 2 limits parallel jobs to reduce RAM pressure on john-endesktop
if BUILD_OUTPUT=$(nix build ".#$pkg" --no-link --print-out-paths --cores 2 2>&1); then
OUT_PATH=$(echo "$BUILD_OUTPUT" | grep '^/nix/store/' | tail -1)
echo "$BUILD_OUTPUT"
echo "Store path: $OUT_PATH"
# Sign the closure
nix store sign --key-file /tmp/signing-key -r "$OUT_PATH"
# Push to cache
nix copy --to "ssh-ng://${{ secrets.CACHE_USER }}@${{ secrets.CACHE_HOST }}?ssh-key=$HOME/.ssh/cache_key" "$OUT_PATH"
# Create GC root to prevent garbage collection
OUT_HASH=$(basename "$OUT_PATH" | cut -d'-' -f1)
ssh -i ~/.ssh/cache_key ${{ secrets.CACHE_USER }}@${{ secrets.CACHE_HOST }} \
"mkdir -p /nix/var/nix/gcroots/ci-cache && ln -sfn $OUT_PATH /nix/var/nix/gcroots/ci-cache/${OUT_HASH}"
echo "✓ $pkg cached successfully"
else
echo "✗ $pkg failed to build"
FAILED+=("$pkg")
fi
echo "::endgroup::"
done
if [ ${#SKIPPED[@]} -gt 0 ]; then
echo "Skipped (already cached): ${SKIPPED[*]}"
fi
if [ ${#FAILED[@]} -gt 0 ]; then
echo "::error::Failed packages: ${FAILED[*]}"
exit 1
fi
env:
NIX_CONFIG: "access-tokens = git.johnogle.info=${{ secrets.GITEA_ACCESS_TOKEN }}"

5
.gitignore vendored
View File

@@ -1,8 +1,3 @@
result
thoughts
.beads
# Gas Town (added by gt)
.runtime/
.claude/
.logs/

140
flake.lock generated
View File

@@ -2,16 +2,17 @@
"nodes": {
"beads": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1773070962,
"narHash": "sha256-kHZXx+kygpVholOBsuQocCtksHo5ZWYskP64qK2Kjh0=",
"lastModified": 1767911810,
"narHash": "sha256-0L4ATr01UsmBC0rSW62VIMVVSUihAQu2+ZOoHk9BQnA=",
"owner": "steveyegge",
"repo": "beads",
"rev": "9604d30b7c746f9f04f6dea5f82996f71bb66073",
"rev": "28ff9fe9919a9665a0f00f5b3fcd084b43fb6cc3",
"type": "github"
},
"original": {
@@ -23,11 +24,11 @@
"doomemacs": {
"flake": false,
"locked": {
"lastModified": 1772615218,
"narHash": "sha256-z+3c0AGkrMf1xZ+pq57aVp4Zo4KsqFMIjEVzSZinghc=",
"lastModified": 1767773143,
"narHash": "sha256-QL/t9v2kFNxBDyNJb/s411o3mxujan+QX5IZglTdpTk=",
"owner": "doomemacs",
"repo": "doomemacs",
"rev": "d23bbe87721c61f4d5a605f2914b32780bb89949",
"rev": "3e15fb36d7f94f0a218bda977be4d3f5da983a71",
"type": "github"
},
"original": {
@@ -46,11 +47,11 @@
]
},
"locked": {
"lastModified": 1772706147,
"narHash": "sha256-C0UMYQg3KBU6+L8TLfQ/s60O6/Tiu/JpN8C/WiIH9DU=",
"lastModified": 1768011937,
"narHash": "sha256-SnU2XTo34vwVaijs+4VwcXTNwMWO4nwzzs08N39UagA=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "54af2ae96631311dc4d2686a07e4f472fb36f516",
"rev": "79abf71d9897cf3b5189f7175cda1b1102abc65c",
"type": "github"
},
"original": {
@@ -77,30 +78,6 @@
"type": "github"
}
},
"gastown": {
"inputs": {
"beads": [
"beads"
],
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1773088127,
"narHash": "sha256-gJFayiBYrF0Q99AOQH29uq0Mli8KRfwReYeAh5H5evY=",
"owner": "steveyegge",
"repo": "gastown",
"rev": "8da798be0663af74be7960844b90038e51769203",
"type": "github"
},
"original": {
"owner": "steveyegge",
"repo": "gastown",
"type": "github"
}
},
"google-cookie-retrieval": {
"inputs": {
"nixpkgs": [
@@ -108,11 +85,11 @@
]
},
"locked": {
"lastModified": 1768846578,
"narHash": "sha256-82f/+e8HAwmBukiLlr7I3HYvM/2GCd5SOc+BC+qzsOQ=",
"lastModified": 1761423376,
"narHash": "sha256-pMy3cnUFfue4vz/y0jx71BfcPGxZf+hk/DtnzWvfU0c=",
"ref": "refs/heads/main",
"rev": "c11ff9d3c67372a843a0fa6bf23132e986bd6955",
"revCount": 14,
"rev": "a1f695665771841a988afc965526cbf99160cd77",
"revCount": 11,
"type": "git",
"url": "https://git.johnogle.info/johno/google-cookie-retrieval.git"
},
@@ -128,11 +105,11 @@
]
},
"locked": {
"lastModified": 1772633058,
"narHash": "sha256-SO7JapRy2HPhgmqiLbfnW1kMx5rakPMKZ9z3wtRLQjI=",
"lastModified": 1767514898,
"narHash": "sha256-ONYqnKrPzfKEEPChoJ9qPcfvBqW9ZgieDKD7UezWPg4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "080657a04188aca25f8a6c70a0fb2ea7e37f1865",
"rev": "7a06e8a2f844e128d3b210a000a62716b6040b7f",
"type": "github"
},
"original": {
@@ -149,11 +126,11 @@
]
},
"locked": {
"lastModified": 1772633327,
"narHash": "sha256-jl+DJB2DUx7EbWLRng+6HNWW/1/VQOnf0NsQB4PlA7I=",
"lastModified": 1767556355,
"narHash": "sha256-RDTUBDQBi9D4eD9iJQWtUDN/13MDLX+KmE+TwwNUp2s=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5a75730e6f21ee624cbf86f4915c6e7489c74acc",
"rev": "f894bc4ffde179d178d8deb374fcf9855d1a82b7",
"type": "github"
},
"original": {
@@ -171,11 +148,11 @@
]
},
"locked": {
"lastModified": 1772517207,
"narHash": "sha256-qxHfxqbigqBTn//U4leIS5he22Wp1GS0+zmwGV7Pozs=",
"lastModified": 1767082077,
"narHash": "sha256-2tL1mRb9uFJThUNfuDm/ehrnPvImL/QDtCxfn71IEz4=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "7ca1501c2d80900b5967baea4d42581f84b388dd",
"rev": "efd4b22e6fdc6d7fb4e186ae333a4b74e03da440",
"type": "github"
},
"original": {
@@ -191,11 +168,11 @@
]
},
"locked": {
"lastModified": 1772129556,
"narHash": "sha256-Utk0zd8STPsUJPyjabhzPc5BpPodLTXrwkpXBHYnpeg=",
"lastModified": 1765066094,
"narHash": "sha256-0YSU35gfRFJzx/lTGgOt6ubP8K6LeW0vaywzNNqxkl4=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "ebec37af18215214173c98cf6356d0aca24a2585",
"rev": "688427b1aab9afb478ca07989dc754fa543e03d5",
"type": "github"
},
"original": {
@@ -213,11 +190,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1772716420,
"narHash": "sha256-T3UEKNTGqBl44AQ0+0OIpiWMXeQ8+4QW/akSc4yeL2A=",
"lastModified": 1768034604,
"narHash": "sha256-62pIZMvGHhYJmMiiBsxHqZt/dFyENPcFHlJq5NJF3Sw=",
"owner": "marienz",
"repo": "nix-doom-emacs-unstraightened",
"rev": "be3ecb81a85be302e27d46ff32a1e251e444327d",
"rev": "9b3b8044fe4ccdcbb2d6f733d7dbe4d5feea18bc",
"type": "github"
},
"original": {
@@ -250,27 +227,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1772598333,
"narHash": "sha256-YaHht/C35INEX3DeJQNWjNaTcPjYmBwwjFJ2jdtr+5U=",
"lastModified": 1767480499,
"narHash": "sha256-8IQQUorUGiSmFaPnLSo2+T+rjHtiNWc+OAzeHck7N48=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "fabb8c9deee281e50b1065002c9828f2cf7b2239",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-qt": {
"locked": {
"lastModified": 1772598333,
"narHash": "sha256-YaHht/C35INEX3DeJQNWjNaTcPjYmBwwjFJ2jdtr+5U=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "fabb8c9deee281e50b1065002c9828f2cf7b2239",
"rev": "30a3c519afcf3f99e2c6df3b359aec5692054d92",
"type": "github"
},
"original": {
@@ -282,11 +243,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1772624091,
"narHash": "sha256-QKyJ0QGWBn6r0invrMAK8dmJoBYWoOWy7lN+UHzW1jc=",
"lastModified": 1767379071,
"narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "80bdc1e5ce51f56b19791b52b2901187931f5353",
"rev": "fb7944c166a3b630f177938e478f0378e64ce108",
"type": "github"
},
"original": {
@@ -296,22 +257,6 @@
"type": "github"
}
},
"perles": {
"flake": false,
"locked": {
"lastModified": 1772661365,
"narHash": "sha256-kMlvIpfGMBkN5D1W0O1fcqUiH3dyobcH0GRRLCX7GGo=",
"owner": "zjrosen",
"repo": "perles",
"rev": "326ff1938dfe073daab7939762ce2f44c2ee74a1",
"type": "github"
},
"original": {
"owner": "zjrosen",
"repo": "perles",
"type": "github"
}
},
"plasma-manager": {
"inputs": {
"home-manager": [
@@ -322,11 +267,11 @@
]
},
"locked": {
"lastModified": 1772361940,
"narHash": "sha256-B1Cz+ydL1iaOnGlwOFld/C8lBECPtzhiy/pP93/CuyY=",
"lastModified": 1763909441,
"narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "a4b33606111c9c5dcd10009042bb710307174f51",
"rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github"
},
"original": {
@@ -345,11 +290,11 @@
]
},
"locked": {
"lastModified": 1772361940,
"narHash": "sha256-B1Cz+ydL1iaOnGlwOFld/C8lBECPtzhiy/pP93/CuyY=",
"lastModified": 1763909441,
"narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "a4b33606111c9c5dcd10009042bb710307174f51",
"rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github"
},
"original": {
@@ -361,7 +306,6 @@
"root": {
"inputs": {
"beads": "beads",
"gastown": "gastown",
"google-cookie-retrieval": "google-cookie-retrieval",
"home-manager": "home-manager",
"home-manager-unstable": "home-manager-unstable",
@@ -369,9 +313,7 @@
"nix-darwin": "nix-darwin",
"nix-doom-emacs-unstraightened": "nix-doom-emacs-unstraightened",
"nixpkgs": "nixpkgs",
"nixpkgs-qt": "nixpkgs-qt",
"nixpkgs-unstable": "nixpkgs-unstable",
"perles": "perles",
"plasma-manager": "plasma-manager",
"plasma-manager-unstable": "plasma-manager-unstable"
}

120
flake.nix
View File

@@ -4,9 +4,6 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Separate nixpkgs for qt5webengine-dependent packages (jellyfin-media-player, etc.)
# Updates on separate Renovate schedule to avoid massive qt rebuilds
nixpkgs-qt.url = "github:nixos/nixpkgs/nixos-25.11";
nix-darwin = {
url = "github:nix-darwin/nix-darwin/nix-darwin-25.11";
@@ -50,17 +47,6 @@
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
gastown = {
url = "github:steveyegge/gastown";
inputs.nixpkgs.follows = "nixpkgs-unstable";
inputs.beads.follows = "beads";
};
perles = {
url = "github:zjrosen/perles";
flake = false; # No flake.nix upstream yet
};
nix-doom-emacs-unstraightened = {
url = "github:marienz/nix-doom-emacs-unstraightened";
# Don't follow nixpkgs to avoid rebuild issues with emacs-overlay
@@ -78,14 +64,6 @@
config.allowUnfree = true;
overlays = unstableOverlays;
};
# Separate nixpkgs for qt5webengine-heavy packages to avoid rebuild churn
qt-pinned = import inputs.nixpkgs-qt {
system = prev.stdenv.hostPlatform.system;
config = {
allowUnfree = true;
permittedInsecurePackages = [ "qtwebengine-5.15.19" ];
};
};
custom = prev.callPackage ./packages {};
# Compatibility: bitwarden renamed to bitwarden-desktop in unstable
bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
@@ -106,33 +84,11 @@
};
# Shared unstable overlays for custom package builds
customUnstableOverlays = [
# Override claude-code in unstable to use our custom GCS-based build
# (needed for corporate networks that block npm registry)
(ufinal: uprev: {
claude-code = uprev.callPackage ./packages/claude-code {};
})
# Pin dolt to v1.82.4 (gastown requires >= 1.82.4)
(ufinal: uprev: {
dolt = uprev.dolt.overrideAttrs (old: rec {
version = "1.82.4";
src = uprev.fetchFromGitHub {
owner = "dolthub";
repo = "dolt";
tag = "v${version}";
hash = "sha256-mavL3y+Kv25hzFlDFXk7W/jeKVKlCBjlc67GkL3Jcwk=";
};
vendorHash = "sha256-K1KzsqptZxO5OraWKIXeqKuVSzb6E/Mjy3c5PQ7Rs9k=";
});
})
];
nixosModules = [
./roles
inputs.home-manager.nixosModules.home-manager
{
nixpkgs.overlays = [ (mkBaseOverlay { unstableOverlays = customUnstableOverlays; }) ];
nixpkgs.overlays = [ (mkBaseOverlay {}) ];
}
(mkHomeManagerConfig {
sharedModules = [ inputs.plasma-manager.homeModules.plasma-manager ];
@@ -145,7 +101,7 @@
inputs.home-manager-unstable.nixosModules.home-manager
inputs.jovian.nixosModules.jovian
{
nixpkgs.overlays = [ (mkBaseOverlay { unstableOverlays = customUnstableOverlays; }) ];
nixpkgs.overlays = [ (mkBaseOverlay {}) ];
}
(mkHomeManagerConfig {
sharedModules = [ inputs.plasma-manager-unstable.homeModules.plasma-manager ];
@@ -156,7 +112,17 @@
./roles/darwin.nix
inputs.home-manager.darwinModules.home-manager
{
nixpkgs.overlays = [ (mkBaseOverlay { unstableOverlays = customUnstableOverlays; }) ];
nixpkgs.overlays = [
(mkBaseOverlay {
# Override claude-code in unstable to use our custom GCS-based build
# (needed for corporate networks that block npm registry)
unstableOverlays = [
(ufinal: uprev: {
claude-code = uprev.callPackage ./packages/claude-code {};
})
];
})
];
}
(mkHomeManagerConfig { sharedModules = []; })
];
@@ -196,16 +162,7 @@
modules = nixosModules ++ [
./machines/zix790prors/configuration.nix
{
home-manager.users.johno = {
imports = [ ./home/home-desktop.nix ];
home.roles.i3_sway.extraSwayConfig = {
output = {
"DP-1" = {
mode = "3440x1440@164.900Hz";
};
};
};
};
home-manager.users.johno = import ./home/home-desktop.nix;
home-manager.extraSpecialArgs = { inherit system; };
}
];
@@ -249,7 +206,7 @@
};
# Darwin/macOS configurations
darwinConfigurations."BLKFV4YF49KT7" = inputs.nix-darwin.lib.darwinSystem rec {
darwinConfigurations."blkfv4yf49kt7" = inputs.nix-darwin.lib.darwinSystem rec {
system = "aarch64-darwin";
modules = darwinModules ++ [
./machines/johno-macbookpro/configuration.nix
@@ -260,53 +217,6 @@
];
};
# Packages for CI caching (custom packages, flake inputs, and qt-pinned)
packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system:
let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [ (mkBaseOverlay {}) ];
};
pkgsQt = import inputs.nixpkgs-qt {
inherit system;
config = {
allowUnfree = true;
permittedInsecurePackages = [ "qtwebengine-5.15.19" ];
};
};
# Version strings for flake input packages
beadsRev = builtins.substring 0 8 (inputs.beads.rev or "unknown");
gastownRev = builtins.substring 0 8 (inputs.gastown.rev or "unknown");
in {
"custom-claude-code" = pkgs.custom.claude-code;
"custom-app-launcher-server" = pkgs.custom.app-launcher-server;
"custom-mcrcon-rbw" = pkgs.custom.mcrcon-rbw;
"custom-tea-rbw" = pkgs.custom.tea-rbw;
"custom-rclone-torbox-setup" = pkgs.custom.rclone-torbox-setup;
"qt-pinned-jellyfin-media-player" = pkgsQt.jellyfin-media-player;
"qt-pinned-stremio" = pkgsQt.stremio;
# Flake input packages (beads, gastown) - these get version from input rev
"custom-beads" = pkgs.callPackage ./packages/beads {
inherit (pkgs.unstable) buildGoModule;
src = inputs.beads;
version = "0.52.0-${beadsRev}";
};
"custom-gastown" = pkgs.callPackage ./packages/gastown {
src = inputs.gastown;
version = "unstable-${gastownRev}";
};
"custom-perles" = pkgs.callPackage ./packages/perles {
inherit (pkgs.unstable) buildGoModule;
src = inputs.perles;
version = "unstable-${builtins.substring 0 8 (inputs.perles.rev or "unknown")}";
};
} // (if system == "x86_64-linux" then {
# nix-deck kernel from Jovian-NixOS (Steam Deck) - expensive to build
"nix-deck-kernel" = self.nixosConfigurations.nix-deck.config.boot.kernelPackages.kernel;
} else {})
);
# Flake apps
apps = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ] (system:
let

2
home/home-darwin-work.nix
View File

@@ -107,7 +107,7 @@
aerospace = {
enable = true;
leader = "cmd";
ctrlShortcuts.enable = false;
ctrlShortcuts.enable = true;
sketchybar.enable = true;
# Optional: Add per-machine userSettings overrides
# userSettings = {

1
home/home-desktop.nix
View File

@@ -10,7 +10,6 @@
home.roles = {
"3d-printing".enable = true;
base.enable = true;
gaming.enable = true;
desktop.enable = true;
emacs.enable = true;
email.enable = true;

1
home/home-kodi.nix
View File

@@ -12,7 +12,6 @@
home.roles = {
base.enable = true;
plasma-manager-kodi.enable = true;
kdeconnect.enable = true;
};
home.packages = with pkgs; [

1
home/home-laptop-compact.nix
View File

@@ -12,7 +12,6 @@
home.roles = {
base.enable = true;
desktop.enable = true;
gaming.enable = true;
development.enable = true;
communication.enable = true;
email.enable = true;

1
home/home-media-center.nix
View File

@@ -12,7 +12,6 @@
home.roles = {
base.enable = true;
desktop.enable = true;
gaming.enable = true;
media.enable = true;
communication.enable = true;
kdeconnect.enable = true;

4
home/roles/aerospace/default.nix
View File

@@ -632,9 +632,7 @@ in
text = ''
#!/bin/bash
# Monitor /System/Volumes/Data which contains user data on APFS
# The root / is a read-only snapshot with minimal usage
DISK_USAGE=$(df -H /System/Volumes/Data | grep -v Filesystem | awk '{print $5}')
DISK_USAGE=$(df -H / | grep -v Filesystem | awk '{print $5}')
${pkgs.sketchybar}/bin/sketchybar --set $NAME label="$DISK_USAGE"
'';

1
home/roles/base/default.nix
View File

@@ -22,7 +22,6 @@ in
shellcheck
tmux
tree
watch
];
# Automatic garbage collection for user profile (home-manager generations).

9
home/roles/communication/default.nix
View File

@@ -4,7 +4,6 @@ with lib;
let
cfg = config.home.roles.communication;
isLinux = pkgs.stdenv.isLinux;
in
{
options.home.roles.communication = {
@@ -13,14 +12,14 @@ in
config = mkIf cfg.enable {
home.packages = [
# For logging back into google chat (cross-platform)
globalInputs.google-cookie-retrieval.packages.${system}.default
] ++ optionals isLinux [
# Linux-only communication apps (Electron apps don't build on Darwin)
# Communication apps
pkgs.element-desktop
# Re-enabled in 25.11 after security issues were resolved
pkgs.fluffychat
pkgs.nextcloud-talk-desktop
# For logging back into google chat
globalInputs.google-cookie-retrieval.packages.${system}.default
];
};
}

159
home/roles/desktop/default.nix
View File

@@ -4,7 +4,6 @@ with lib;
let
cfg = config.home.roles.desktop;
isLinux = pkgs.stdenv.isLinux;
in
{
options.home.roles.desktop = {
@@ -13,63 +12,61 @@ in
config = mkIf cfg.enable {
home.packages = with pkgs; [
# Cross-platform desktop applications
# Desktop applications
bitwarden-desktop
keepassxc
xdg-utils # XDG utilities for opening files/URLs with default applications
] ++ optionals isLinux [
# Linux-only desktop applications
dunst
keepassxc
unstable.ghostty
# Linux-only desktop utilities
# Desktop utilities
feh # Image viewer and wallpaper setter for X11
rofi # Application launcher for X11
solaar # Logitech management software
waybar
wofi # Application launcher for Wayland
# Linux-only system utilities with GUI components
xdg-utils # XDG utilities for opening files/URLs with default applications
# System utilities with GUI components
(snapcast.override { pulseaudioSupport = true; })
# KDE tiling window management (Linux-only)
# KDE tiling window management
kdePackages.krohnkite # Dynamic tiling extension for KWin 6
# KDE PIM applications for email, calendar, and contacts (Linux-only)
# KDE PIM applications for email, calendar, and contacts
kdePackages.kmail
kdePackages.kmail-account-wizard
kdePackages.kmailtransport
kdePackages.korganizer
kdePackages.kaddressbook
kdePackages.kontact
# KDE System components needed for proper integration (Linux-only)
# KDE System components needed for proper integration
kdePackages.kded
kdePackages.systemsettings
kdePackages.kmenuedit
# Desktop menu support (Linux-only)
# Desktop menu support
kdePackages.plasma-desktop # Contains applications.menu
# KDE Online Accounts support (Linux-only)
# KDE Online Accounts support
kdePackages.kaccounts-integration
kdePackages.kaccounts-providers
kdePackages.signond
# KDE Mapping (Linux-only)
# KDE Mapping
kdePackages.marble # Virtual globe and world atlas
# KDE Productivity (Linux-only)
# KDE Productivity
kdePackages.kate # Advanced text editor with syntax highlighting
kdePackages.okular # Universal document viewer (PDF, ePub, etc.)
kdePackages.spectacle # Screenshot capture utility
kdePackages.filelight # Visual disk usage analyzer
# KDE Multimedia (Linux-only)
# KDE Multimedia
kdePackages.gwenview # Image viewer and basic editor
kdePackages.elisa # Music player
# KDE System Utilities (Linux-only)
# KDE System Utilities
kdePackages.ark # Archive manager (zip, tar, 7z, etc.)
kdePackages.yakuake # Drop-down terminal emulator
];
@@ -80,66 +77,61 @@ in
programs.spotify-player.enable = true;
# Linux-only: GNOME keyring service
services.gnome-keyring = mkIf isLinux {
services.gnome-keyring = {
enable = true;
};
# Linux-only: systemd user services for rbw vault unlock
systemd.user.services = mkIf isLinux {
# rbw vault unlock on login
rbw-unlock-on-login = {
Unit = {
Description = "Unlock rbw vault at login";
After = [ "graphical-session.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.rbw}/bin/rbw unlock";
Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
# KillMode = "process" prevents systemd from killing the rbw-agent daemon
# when this oneshot service completes. The agent is spawned by rbw unlock
# and needs to persist after the service exits.
KillMode = "process";
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
# rbw vault unlock on login and resume from suspend
systemd.user.services.rbw-unlock-on-login = {
Unit = {
Description = "Unlock rbw vault at login";
After = [ "graphical-session.target" ];
};
# rbw vault unlock on resume from suspend
rbw-unlock-on-resume = {
Unit = {
Description = "Unlock rbw vault after resume from suspend";
After = [ "suspend.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.rbw}/bin/rbw unlock";
Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
# KillMode = "process" prevents systemd from killing the rbw-agent daemon
# when this oneshot service completes. The agent is spawned by rbw unlock
# and needs to persist after the service exits.
KillMode = "process";
};
Install = {
WantedBy = [ "suspend.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.rbw}/bin/rbw unlock";
Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
# KillMode = "process" prevents systemd from killing the rbw-agent daemon
# when this oneshot service completes. The agent is spawned by rbw unlock
# and needs to persist after the service exits.
KillMode = "process";
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
};
# Linux-only: KDE environment variables for proper integration
home.sessionVariables = mkIf isLinux {
systemd.user.services.rbw-unlock-on-resume = {
Unit = {
Description = "Unlock rbw vault after resume from suspend";
After = [ "suspend.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.rbw}/bin/rbw unlock";
Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
# KillMode = "process" prevents systemd from killing the rbw-agent daemon
# when this oneshot service completes. The agent is spawned by rbw unlock
# and needs to persist after the service exits.
KillMode = "process";
};
Install = {
WantedBy = [ "suspend.target" ];
};
};
# KDE environment variables for proper integration
home.sessionVariables = {
QT_QPA_PLATFORMTHEME = "kde";
KDE_SESSION_VERSION = "6";
};
xdg = {
enable = true;
# Ensure desktop files are made available for discovery
desktopEntries = {}; # This creates the desktop files directory structure
mimeApps = {
enable = true;
associations.added = {
@@ -149,14 +141,13 @@ in
"x-scheme-handler/https" = "firefox.desktop";
};
defaultApplications = {
# Web browsers (cross-platform)
# Web browsers
"text/html" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
} // optionalAttrs isLinux {
# Linux-only: KDE application associations
# Documents
"application/pdf" = "okular.desktop";
"text/plain" = "kate.desktop";
@@ -164,7 +155,7 @@ in
"text/x-c" = "kate.desktop";
"text/x-python" = "kate.desktop";
"application/x-shellscript" = "kate.desktop";
# Images
"image/png" = "gwenview.desktop";
"image/jpeg" = "gwenview.desktop";
@@ -173,25 +164,25 @@ in
"image/bmp" = "gwenview.desktop";
"image/tiff" = "gwenview.desktop";
"image/webp" = "gwenview.desktop";
# Archives
"application/zip" = "ark.desktop";
"application/x-tar" = "ark.desktop";
"application/x-compressed-tar" = "ark.desktop";
"application/x-7z-compressed" = "ark.desktop";
"application/x-rar" = "ark.desktop";
# Audio
"audio/mpeg" = "elisa.desktop";
"audio/mp4" = "elisa.desktop";
"audio/flac" = "elisa.desktop";
"audio/ogg" = "elisa.desktop";
"audio/wav" = "elisa.desktop";
# Email
"message/rfc822" = "kmail.desktop";
"x-scheme-handler/mailto" = "kmail.desktop";
# Calendar
"text/calendar" = "korganizer.desktop";
"application/x-vnd.akonadi.calendar.event" = "korganizer.desktop";
@@ -199,11 +190,9 @@ in
};
};
# Linux-only: Fix for KDE applications.menu file issue on Plasma 6
# Fix for KDE applications.menu file issue on Plasma 6
# KDE still looks for applications.menu but Plasma 6 renamed it to plasma-applications.menu
xdg.configFile."menus/applications.menu" = mkIf isLinux {
source = "${pkgs.kdePackages.plasma-workspace}/etc/xdg/menus/plasma-applications.menu";
};
xdg.configFile."menus/applications.menu".source = "${pkgs.kdePackages.plasma-workspace}/etc/xdg/menus/plasma-applications.menu";
# Note: modules must be imported at top-level home config
};

148
home/roles/development/default.nix
View File

@@ -5,27 +5,6 @@ with lib;
let
cfg = config.home.roles.development;
# Build beads and gastown from flake inputs using shared package definitions
beadsRev = builtins.substring 0 8 (globalInputs.beads.rev or "unknown");
beadsPackage = pkgs.callPackage ../../../packages/beads {
src = globalInputs.beads;
version = "0.52.0-${beadsRev}";
};
gastownRev = builtins.substring 0 8 (globalInputs.gastown.rev or "unknown");
gastownPackage = pkgs.callPackage ../../../packages/gastown {
src = globalInputs.gastown;
version = "unstable-${gastownRev}";
};
# Build perles from flake input using shared package definition
perlesRev = builtins.substring 0 8 (globalInputs.perles.rev or "unknown");
perlesPackage = pkgs.callPackage ../../../packages/perles {
inherit (pkgs.unstable) buildGoModule;
src = globalInputs.perles;
version = "unstable-${perlesRev}";
};
# Fetch the claude-plugins repository (for humanlayer commands/agents)
# Update the rev to get newer versions of the commands
claudePluginsRepo = builtins.fetchGit {
@@ -36,12 +15,6 @@ let
ref = "main";
};
# Claude Code statusline: shows model, cwd, git branch, and context usage %
claudeCodeStatusLineConfig = pkgs.writeText "claude-statusline.json" (builtins.toJSON {
type = "command";
command = ''input=$(cat); model=$(echo "$input" | jq -r '.model.display_name'); cwd=$(echo "$input" | jq -r '.workspace.current_dir'); if git -C "$cwd" rev-parse --git-dir > /dev/null 2>&1; then branch=$(git -C "$cwd" --no-optional-locks rev-parse --abbrev-ref HEAD 2>/dev/null || echo ""); if [ -n "$branch" ]; then git_info=" on $branch"; else git_info=""; fi; else git_info=""; fi; usage=$(echo "$input" | jq '.context_window.current_usage'); if [ "$usage" != "null" ]; then current=$(echo "$usage" | jq '.input_tokens + .cache_creation_input_tokens + .cache_read_input_tokens'); size=$(echo "$input" | jq '.context_window.context_window_size'); pct=$((current * 100 / size)); context_info=" | ''${pct}% context"; else context_info=""; fi; printf "%s in %s%s%s" "$model" "$cwd" "$git_info" "$context_info"'';
});
in
{
options.home.roles.development = {
@@ -64,18 +37,13 @@ in
config = mkIf cfg.enable {
home.packages = [
beadsPackage
gastownPackage
perlesPackage
globalInputs.beads.packages.${system}.default
pkgs.unstable.claude-code
pkgs.unstable.claude-code-router
pkgs.unstable.codex
pkgs.unstable.dolt
pkgs.sqlite
# Custom packages
pkgs.custom.tea-rbw
pkgs.custom.pi-coding-agent
];
# Install Claude Code humanlayer command and agent plugins
@@ -84,9 +52,6 @@ in
rm -f ~/.claude/commands/humanlayer:* 2>/dev/null || true
rm -f ~/.claude/agents/humanlayer:* 2>/dev/null || true
# Remove explicitly blocked commands that may have been installed previously
rm -f ~/.claude/commands/humanlayer:create_handoff.md 2>/dev/null || true
# Create directories if they don't exist
mkdir -p ~/.claude/commands
mkdir -p ~/.claude/agents
@@ -95,21 +60,13 @@ in
for file in ${claudePluginsRepo}/humanlayer/commands/*.md; do
if [ -f "$file" ]; then
filename=$(basename "$file" .md)
# Skip blocked commands
case "$filename" in
create_handoff) continue ;;
esac
dest="$HOME/.claude/commands/humanlayer:''${filename}.md"
rm -f "$dest" 2>/dev/null || true
# Copy file and conditionally remove the "model:" line from frontmatter
${if cfg.allowArbitraryClaudeCodeModelSelection
then "cp \"$file\" \"$dest\""
else "${pkgs.gnused}/bin/sed '/^model:/d' \"$file\" > \"$dest\""
}
chmod u+w "$dest" 2>/dev/null || true
fi
done
@@ -118,19 +75,17 @@ in
if [ -f "$file" ]; then
filename=$(basename "$file" .md)
dest="$HOME/.claude/agents/humanlayer:''${filename}.md"
rm -f "$dest" 2>/dev/null || true
# Copy file and conditionally remove the "model:" line from frontmatter
${if cfg.allowArbitraryClaudeCodeModelSelection
then "cp \"$file\" \"$dest\""
else "${pkgs.gnused}/bin/sed '/^model:/d' \"$file\" > \"$dest\""
}
chmod u+w "$dest" 2>/dev/null || true
fi
done
# Copy local commands from this repo (with retry for race conditions with running Claude)
for file in ${./commands}/*.md; do
# Copy local skills from this repo (with retry for race conditions with running Claude)
for file in ${./skills}/*.md; do
if [ -f "$file" ]; then
filename=$(basename "$file" .md)
dest="$HOME/.claude/commands/''${filename}.md"
@@ -140,47 +95,14 @@ in
sleep 0.5
cp "$file" "$dest" || echo "Warning: Failed to copy $filename.md to commands"
fi
chmod u+w "$dest" 2>/dev/null || true
fi
done
# Copy local skills (reference materials) to skills subdirectory
mkdir -p ~/.claude/commands/skills
for file in ${./skills}/*.md; do
if [ -f "$file" ]; then
filename=$(basename "$file" .md)
dest="$HOME/.claude/commands/skills/''${filename}.md"
rm -f "$dest" 2>/dev/null || true
if ! cp "$file" "$dest" 2>/dev/null; then
sleep 0.5
cp "$file" "$dest" || echo "Warning: Failed to copy $filename.md to skills"
fi
chmod u+w "$dest" 2>/dev/null || true
fi
done
# Copy micro-skills (compact reusable knowledge referenced by formulas)
for file in ${./skills/micro}/*.md; do
if [ -f "$file" ]; then
dest="$HOME/.claude/commands/skills/$(basename "$file")"
rm -f "$dest" 2>/dev/null || true
cp "$file" "$dest"
chmod u+w "$dest" 2>/dev/null || true
fi
done
# Install beads formulas to user-level formula directory
mkdir -p ~/.beads/formulas
for file in ${./formulas}/*.formula.toml; do
if [ -f "$file" ]; then
dest="$HOME/.beads/formulas/$(basename "$file")"
rm -f "$dest" 2>/dev/null || true
cp "$file" "$dest"
chmod u+w "$dest" 2>/dev/null || true
fi
done
$DRY_RUN_CMD echo "Claude Code plugins installed: humanlayer commands/agents + local commands + local skills + formulas"
$DRY_RUN_CMD echo "Claude Code humanlayer commands and agents installed successfully${
if cfg.allowArbitraryClaudeCodeModelSelection
then " (model specifications preserved)"
else " (model selection removed)"
} + local skills"
'';
# Set up beads Claude Code integration (hooks for SessionStart/PreCompact)
@@ -188,63 +110,11 @@ in
home.activation.claudeCodeBeadsSetup = lib.hm.dag.entryAfter ["writeBoundary" "claudeCodeCommands"] ''
# Run bd setup claude to install hooks into ~/.claude/settings.json
# This is idempotent - safe to run multiple times
${beadsPackage}/bin/bd setup claude 2>/dev/null || true
${globalInputs.beads.packages.${system}.default}/bin/bd setup claude 2>/dev/null || true
$DRY_RUN_CMD echo "Claude Code beads integration configured (hooks installed)"
'';
# Configure Claude Code statusline (merge into existing settings.json)
home.activation.claudeCodeStatusLine = lib.hm.dag.entryAfter ["writeBoundary" "claudeCodeBeadsSetup"] ''
SETTINGS="$HOME/.claude/settings.json"
mkdir -p "$HOME/.claude"
if [ -f "$SETTINGS" ]; then
${pkgs.jq}/bin/jq --slurpfile sl ${claudeCodeStatusLineConfig} '.statusLine = $sl[0]' "$SETTINGS" > "''${SETTINGS}.tmp" && mv "''${SETTINGS}.tmp" "$SETTINGS"
else
${pkgs.jq}/bin/jq -n --slurpfile sl ${claudeCodeStatusLineConfig} '{statusLine: $sl[0]}' > "$SETTINGS"
fi
$DRY_RUN_CMD echo "Claude Code statusline configured"
'';
# Beads timer gate checker (Linux only - uses systemd)
# Runs every 5 minutes to auto-resolve expired timer gates across all beads projects
# This enables self-scheduling molecules (watchers, patrols, etc.)
systemd.user.services.beads-gate-check = lib.mkIf pkgs.stdenv.isLinux {
Unit = {
Description = "Check and resolve expired beads timer gates";
};
Service = {
Type = "oneshot";
# Check gates in all workspaces that have running daemons
ExecStart = pkgs.writeShellScript "beads-gate-check-all" ''
# Get list of workspaces from daemon registry
workspaces=$(${beadsPackage}/bin/bd daemon list --json 2>/dev/null | ${pkgs.jq}/bin/jq -r '.[].workspace // empty' 2>/dev/null)
if [ -z "$workspaces" ]; then
exit 0 # No beads workspaces, nothing to do
fi
for ws in $workspaces; do
if [ -d "$ws" ]; then
cd "$ws" && ${beadsPackage}/bin/bd gate check --type=timer --quiet 2>/dev/null || true
fi
done
'';
};
};
systemd.user.timers.beads-gate-check = lib.mkIf pkgs.stdenv.isLinux {
Unit = {
Description = "Periodic beads timer gate check";
};
Timer = {
OnBootSec = "5min";
OnUnitActiveSec = "5min";
};
Install = {
WantedBy = [ "timers.target" ];
};
};
# Note: modules must be imported at top-level home config
};
}

115
home/roles/development/formulas/quick-fix.formula.toml
View File

@@ -1,115 +0,0 @@
# Quick Fix Formula
#
# Streamlined workflow for well-understood bugs and small fixes.
# Skips the deep research and planning phases of RPI - get in, fix, get out.
#
# Use when:
# - Bug is well-understood (you know what's broken)
# - Fix is straightforward (no architectural decisions)
# - Change is small (< 100 lines)
#
# Use RPI instead when:
# - Root cause is unclear
# - Multiple approaches possible
# - Significant design decisions needed
formula = "quick-fix"
description = """
Streamlined workflow for bugs and small fixes.
A faster alternative to RPI for well-understood issues:
1. Quick investigation to confirm understanding
2. Implement the fix
3. Verify with tests
4. Commit and close
No human gates - designed for quick turnaround on obvious fixes.
"""
version = 1
type = "workflow"
# === Variables ===
[vars.title]
required = true
description = "Brief description of the bug/fix"
[vars.bead_id]
description = "Existing bead ID (creates new if not provided)"
[vars.test_cmd]
default = "make test"
description = "Command to verify the fix"
# === Steps ===
[[steps]]
id = "investigate"
title = "Investigate: {{title}}"
description = """
Quick investigation to confirm understanding of the bug.
Goals:
- Locate the problematic code
- Confirm root cause matches expectations
- Identify files that need changes
This is NOT deep research - spend 5-10 minutes max.
If the bug is more complex than expected, pivot to RPI workflow.
Output: Mental model of what to fix (no artifact needed).
"""
[[steps]]
id = "fix"
title = "Fix: {{title}}"
needs = ["investigate"]
description = """
Implement the fix.
Guidelines:
- Make minimal changes to fix the issue
- Follow existing code patterns
- Add/update tests if appropriate
- Keep changes focused (no drive-by refactors)
If the fix grows beyond expectations, pause and consider:
- Should this be an RPI workflow instead?
- Should we split into multiple changes?
"""
[[steps]]
id = "verify"
title = "Verify fix"
needs = ["fix"]
description = """
Verify the fix works correctly.
Run: {{test_cmd}}
Also check:
- Bug is actually fixed (manual verification)
- No obvious regressions introduced
- Code compiles/builds cleanly
If tests fail, iterate on the fix step.
"""
[[steps]]
id = "commit"
title = "Commit and close"
needs = ["verify"]
description = """
Commit the fix and close the bead.
Actions:
1. Stage changes: git add -A
2. Commit with descriptive message: git commit -m "fix: {{title}}"
3. Push to remote: git push
4. Close the bead: bd close {{bead_id}}
Commit message should explain:
- What was broken
- How it was fixed
- Any relevant context
"""

124
home/roles/development/formulas/rpi.formula.toml
View File

@@ -1,124 +0,0 @@
# RPI Formula - Research -> Plan -> Implement
#
# Universal workflow for feature development with human gates.
formula = "rpi"
description = """
Research -> Plan -> Implement workflow.
Usage:
bd pour rpi --var title="Add user preferences"
bd pour rpi --var title="Auth" --var bead_id="project-abc" --var test_cmd="nix flake check"
"""
version = 1
type = "workflow"
# ─── Variables ───
[vars.title]
required = true
description = "What are we building?"
[vars.bead_id]
description = "Existing bead ID (creates new if not provided)"
[vars.test_cmd]
default = "make test"
description = "Command to run tests"
[vars.lint_cmd]
default = "make lint"
description = "Command to run linting"
# ─── Research Phase ───
[[steps]]
id = "research"
title = "Research: {{title}}"
skill = "research-agents"
description = """
Conduct comprehensive codebase research.
Goals:
- Understand current implementation
- Identify patterns to follow
- Find relevant files and dependencies
- Document key discoveries
Output: thoughts/beads-{{bead_id}}/research.md
"""
# ─── Planning Phase ───
[[steps]]
id = "plan"
title = "Plan: {{title}}"
needs = ["research"]
type = "human"
skill = "planning"
description = """
Create detailed implementation plan based on research.
Goals:
- Present understanding and clarify requirements
- Propose design options with tradeoffs
- Define phases with success criteria
- Identify what we're NOT doing
Output: thoughts/beads-{{bead_id}}/plan.md
"""
[steps.gate]
type = "human"
reason = "Plan approval before implementation"
# ─── Implementation Phase ───
[[steps]]
id = "implement"
title = "Implement: {{title}}"
needs = ["plan"]
description = """
Execute the approved plan phase by phase.
For each phase:
1. Make the changes
2. Run verification: {{test_cmd}}, {{lint_cmd}}
3. Update plan checkboxes for resumability
Stop and ask if encountering unexpected issues.
"""
# ─── Verification Phase ───
[[steps]]
id = "verify"
title = "Manual verification"
needs = ["implement"]
type = "human"
description = """
Human confirms implementation works correctly.
Check: feature works, edge cases handled, no regressions.
Tests: {{test_cmd}} | Lint: {{lint_cmd}}
"""
[steps.gate]
type = "human"
reason = "Confirm implementation is correct"
# ─── Completion ───
[[steps]]
id = "complete"
title = "Close bead"
needs = ["verify"]
skill = "artifact-format"
description = """
Mark work as complete.
Actions:
- bd update {{bead_id}} --notes="Implementation complete"
- bd close {{bead_id}} --reason="Completed: {{title}}"
- bd sync && git push
"""

230
home/roles/development/skills/bd_workflow.md
View File

@@ -1,230 +0,0 @@
---
description: How to use the bd (beads) CLI for issue tracking, dependencies, and workflow orchestration
---
# BD Workflow
The `bd` CLI is a git-backed issue tracker with first-class dependency support. Use it for multi-session work, blocking relationships, and persistent memory across conversation compaction.
## When to Use BD vs TodoWrite
| Use BD | Use TodoWrite |
|--------|---------------|
| Work spans multiple sessions | Single-session tasks |
| Dependencies between tasks | Independent subtasks |
| Need audit trail in git | Ephemeral tracking |
| Cross-repo coordination | Local project only |
| Resuming after compaction | Simple task lists |
## Core Commands
### Creating Issues
```bash
bd create "Issue title" # Basic task
bd create "Bug title" --type=bug --priority=1 # P1 bug
bd create "Feature" --type=feature -d "Details" # With description
bd q "Quick capture" # Output only ID
```
### Managing Issues
```bash
bd show <id> # View issue details
bd show <id> --children # View children of epic
bd list # List open issues (default 50)
bd list --all # Include closed
bd list -s in_progress # Filter by status
bd list -t bug -p 0 # P0 bugs
bd list --pretty # Tree format
```
### Updating Issues
```bash
bd update <id> --status=in_progress # Start work
bd update <id> --status=blocked # Mark blocked
bd update <id> --claim # Claim atomically
bd update <id> --add-label=urgent # Add label
bd update <id> -d "New description" # Update description
```
### Closing Issues
```bash
bd close <id> # Close issue
bd close <id> --continue # Auto-advance to next step
bd close <id> --suggest-next # Show newly unblocked
```
## Finding Work
```bash
bd ready # Ready issues (no blockers)
bd ready --mol <mol-id> # Ready steps in molecule
bd ready -n 5 # Limit to 5
bd ready --assignee me # Assigned to me
bd blocked # Show blocked issues
bd blocked --parent <id> # Blocked within epic
```
## Dependency Management
### Creating Dependencies
```bash
bd dep <blocker> --blocks <blocked> # A blocks B
bd dep add <blocked> <blocker> # Same as above
bd dep relate <id1> <id2> # Bidirectional link
```
### Viewing Dependencies
```bash
bd dep list <id> # Show dependencies
bd dep tree <id> # Dependency tree
bd dep cycles # Detect cycles
```
### Removing Dependencies
```bash
bd dep remove <blocked> <blocker> # Remove dependency
bd dep unrelate <id1> <id2> # Remove relation
```
## Sync Workflow
BD syncs issues via git. The daemon handles this automatically, but manual sync is available:
```bash
bd sync # Full sync (pull, merge, push)
bd sync --flush-only # Export to JSONL only
bd sync --import-only # Import from JSONL only
bd sync --status # Show sync branch diff
bd sync --squash # Accumulate without commit
```
## Formula and Molecule Workflow
Formulas are reusable workflow templates. Molecules are instantiated workflows.
### Formulas
```bash
bd formula list # List available formulas
bd formula list --type=workflow # Filter by type
bd formula show <name> # Show formula details
bd cook <formula> # Compile to proto (stdout)
bd cook <formula> --var name=auth # With variable substitution
bd cook <formula> --dry-run # Preview steps
bd cook <formula> --persist # Save to database
```
### Molecules: Pour vs Wisp
| pour (persistent) | wisp (ephemeral) |
|-------------------|------------------|
| Feature implementations | Release workflows |
| Multi-session work | Patrol cycles |
| Audit trail needed | Health checks |
| Git-synced | Local only |
```bash
# Persistent molecule (liquid phase)
bd mol pour <proto> --var name=auth
# Ephemeral molecule (vapor phase)
bd mol wisp <proto> --var version=1.0
bd mol wisp list # List wisps
bd mol wisp gc # Garbage collect
```
### Tracking Molecule Progress
```bash
bd mol show <mol-id> # Show structure
bd mol show <mol-id> --parallel # Parallelizable steps
bd mol current # Where am I?
bd mol current <mol-id> # Status for molecule
bd mol progress <mol-id> # Progress summary + ETA
```
### Molecule Lifecycle
```bash
bd mol squash <mol-id> # Condense to digest
bd mol burn <mol-id> # Delete wisp
bd mol distill <epic-id> # Extract formula from epic
```
## Gates and Human Checkpoints
Gates are async wait conditions that block workflow steps:
| Gate Type | Wait Condition |
|-----------|---------------|
| human | Manual `bd close` |
| timer | Timeout expires |
| gh:run | GitHub workflow completes |
| gh:pr | PR merges |
| bead | Cross-rig bead closes |
```bash
bd gate list # Show open gates
bd gate list --all # Include closed
bd gate check # Evaluate all gates
bd gate check --type=bead # Check bead gates only
bd gate resolve <id> # Close manually
```
## Common Patterns
### Starting Work on a Bead
```bash
bd update <id> --status=in_progress
# ... do work ...
bd close <id>
```
### Creating Related Issues
```bash
bd create "Main task" --deps "blocks:<other-id>"
bd dep add <new-id> <blocker-id>
```
### Working Through a Molecule
```bash
bd mol pour my-workflow --var name=feature
bd ready --mol <mol-id> # Find next step
bd update <step-id> --claim # Claim step
# ... do work ...
bd close <step-id> --continue # Close and advance
```
### Quick Status Check
```bash
bd ready -n 3 # Top 3 ready items
bd list -s in_progress # What's in flight?
bd blocked # What's stuck?
```
## Useful Flags
| Flag | Effect |
|------|--------|
| `--json` | JSON output for scripting |
| `--quiet` | Suppress non-essential output |
| `--dry-run` | Preview without executing |
| `--pretty` | Tree format display |
## Integration Notes
- BD auto-syncs via daemon (check with `bd info`)
- Issues stored in `.beads/` directory
- JSONL files sync through git
- Use `bd doctor` if something seems wrong

0
home/roles/development/commands/beads_batch_research_plan.md → home/roles/development/skills/beads_batch_research_plan.md
View File

6
home/roles/development/commands/beads_implement.md → home/roles/development/skills/beads_implement.md
View File

@@ -54,8 +54,6 @@ When this command is invoked:
- Read `thoughts/beads-{bead-id}/plan.md` FULLY
- Check for any existing checkmarks (- [x]) indicating partial progress
- Read any research at `thoughts/beads-{bead-id}/research.md`
- If plan's Success Criteria references contribution guidelines (e.g., "Per CONTRIBUTING.md:"),
verify the original CONTRIBUTING.md still exists and requirements are current
5. **Mark bead in progress** (if not already):
```bash
@@ -129,10 +127,6 @@ All phases completed and automated verification passed:
- {List manual verification items from plan}
Let me know when manual testing is complete so I can close the bead.
**Contribution guidelines compliance:**
- {List any contribution guideline requirements that were part of Success Criteria}
- {Note if any requirements could not be automated and need manual review}
```
**STOP HERE and wait for user confirmation.**

0
home/roles/development/commands/beads_iterate.md → home/roles/development/skills/beads_iterate.md
View File

29
home/roles/development/commands/beads_plan.md → home/roles/development/skills/beads_plan.md
View File

@@ -51,32 +51,13 @@ When this command is invoked:
- Any linked tickets or docs
- Use Read tool WITHOUT limit/offset
2. **Check for contribution guidelines**:
```bash
# Check standard locations for contribution guidelines
for f in CONTRIBUTING.md .github/CONTRIBUTING.md docs/CONTRIBUTING.md; do
if [ -f "$f" ]; then
echo "Found: $f"
break
fi
done
```
If found:
- Read the file fully
- Extract actionable requirements (testing, code style, documentation, PR conventions)
- These requirements MUST be incorporated into the plan's Success Criteria
If not found, note "No contribution guidelines found" and proceed.
3. **Spawn initial research tasks**:
2. **Spawn initial research tasks**:
- **codebase-locator**: Find all files related to the task
- **codebase-analyzer**: Understand current implementation
- **codebase-pattern-finder**: Find similar features to model after
- **thoughts-locator**: Find any existing plans or decisions
4. **Read all files identified by research**:
3. **Read all files identified by research**:
- Read them FULLY into main context
- Cross-reference with requirements
@@ -292,12 +273,6 @@ Always separate into two categories:
- Performance under real conditions
- Edge cases hard to automate
**From Contribution Guidelines** (if CONTRIBUTING.md exists):
- Include any testing requirements specified in guidelines
- Include any code style/linting requirements
- Include any documentation requirements
- Reference the guideline: "Per CONTRIBUTING.md: {requirement}"
## Example Invocation
```

16
home/roles/development/commands/beads_research.md → home/roles/development/skills/beads_research.md
View File

@@ -51,18 +51,6 @@ When this command is invoked:
- Use the Read tool WITHOUT limit/offset parameters
- Read these files yourself in the main context before spawning sub-tasks
### Step 1.5: Check for contribution guidelines
Before spawning sub-agents, check if the repository has contribution guidelines:
```bash
for f in CONTRIBUTING.md .github/CONTRIBUTING.md docs/CONTRIBUTING.md; do
if [ -f "$f" ]; then echo "Found: $f"; break; fi
done
```
If found, read the file and note key requirements. These should be included in the research document under a "## Contribution Guidelines" section if relevant to the research question.
### Step 2: Analyze and decompose the research question
- Break down the query into composable research areas
- Identify specific components, patterns, or concepts to investigate
@@ -155,10 +143,6 @@ status: complete
## Architecture Documentation
{Current patterns, conventions found in codebase}
## Contribution Guidelines
{If CONTRIBUTING.md exists, summarize key requirements relevant to the research topic}
{If no guidelines found, omit this section}
## Historical Context (from thoughts/)
{Relevant insights from thoughts/ with references}

0
home/roles/development/commands/beads_workflow.md → home/roles/development/skills/beads_workflow.md
View File

0
home/roles/development/commands/gitea_pr_review.md → home/roles/development/skills/gitea_pr_review.md
View File

0
home/roles/development/commands/import_gitea_issues.md → home/roles/development/skills/import_gitea_issues.md
View File

123
home/roles/development/skills/micro/artifact-format.md
View File

@@ -1,123 +0,0 @@
---
description: How to structure research and plan artifacts in thoughts/
---
# Artifact Format
Standardized format for thoughts/ artifacts. All beads-related artifacts should follow these conventions for consistency and machine parseability.
## Frontmatter (Required)
Every artifact MUST include YAML frontmatter:
```yaml
---
date: 2026-01-15T10:00:00-08:00 # ISO 8601 with timezone
bead_id: project-abc # Bead identifier
bead_title: "Title of the bead" # Human-readable title
author: claude # Who created this
git_commit: abc123def # Commit hash at creation
branch: main # Branch name
repository: repo-name # Repository name
status: draft|complete # Artifact status
---
```
### Gathering Metadata
```bash
git rev-parse HEAD # Current commit
git branch --show-current # Current branch
basename $(git rev-parse --show-toplevel) # Repo name
date -Iseconds # ISO timestamp
```
## Research Artifact Structure
Location: `thoughts/beads-{bead-id}/research.md`
```markdown
# Research: {bead title}
**Bead**: {bead-id}
**Date**: {timestamp}
**Git Commit**: {commit hash}
## Research Question
{Original question from bead description}
## Summary
{2-3 sentence overview answering the research question}
## Key Discoveries
- {Finding with file:line reference}
- {Pattern or convention found}
- {Architectural decision documented}
## Architecture
{Current patterns and conventions in the codebase}
## Code References
- `path/to/file.py:123` - Description of relevance
- `another/file.ts:45-67` - Description of relevance
## Open Questions
{Areas needing further investigation or human clarification}
```
## Plan Artifact Structure
Location: `thoughts/beads-{bead-id}/plan.md`
```markdown
# {Title} Implementation Plan
## Overview
{What we're implementing and why - 1-2 sentences}
## Current State
{What exists now, key constraints discovered}
### Key Discoveries
- {Finding with file:line reference}
- {Pattern to follow}
## Desired End State
{Specification of what success looks like}
## What We're NOT Doing
{Explicitly list out-of-scope items}
## Phase 1: {Descriptive Name}
### Overview
{What this phase accomplishes}
### Changes
- [ ] {Specific change with file path}
- [ ] {Another change}
### Success Criteria
#### Automated
- [ ] Tests pass: `{test command}`
- [ ] Lint passes: `{lint command}`
#### Manual
- [ ] {Human verification step}
## Phase 2: {Descriptive Name}
{Repeat structure...}
## References
- Bead: {bead-id}
- Research: `thoughts/beads-{bead-id}/research.md`
```
## Key Principles
1. **Always include file:line references** - Makes artifacts actionable
2. **Separate automated vs manual verification** - Enables agent autonomy
3. **Use checkboxes for phases** - Enables resumability after interruption
4. **Keep frontmatter machine-parseable** - Enables tooling integration
5. **Link related artifacts** - Research links to plan, plan links to bead

121
home/roles/development/skills/micro/planning.md
View File

@@ -1,121 +0,0 @@
---
description: How to create effective implementation plans with phased delivery and clear success criteria
---
# Planning
Create implementation plans that enable incremental, verifiable progress.
## Core Principles
1. **Incremental delivery**: Each phase should produce working, testable changes
2. **Clear checkpoints**: Success criteria that can be verified without ambiguity
3. **Buy-in before detail**: Confirm understanding and approach before writing specifics
4. **Explicit scope**: State what we're NOT doing to prevent scope creep
## Plan Document Structure
```markdown
# {Feature} Implementation Plan
## Overview
{1-2 sentences: what we're building and why}
## Current State Analysis
{What exists now, key constraints, file:line references}
## Desired End State
{Specification of outcome and how to verify it}
## What We're NOT Doing
{Explicit out-of-scope items}
## Phase 1: {Descriptive Name}
### Overview
{What this phase accomplishes - should be independently valuable}
### Changes Required
{Specific files and modifications with code snippets}
### Success Criteria
#### Automated Verification
- [ ] Tests pass: `{test command}`
- [ ] Lint passes: `{lint command}`
#### Manual Verification
- [ ] {Human-observable outcome}
## Testing Strategy
{Unit tests, integration tests, manual testing steps}
## References
{Links to research, related files, similar implementations}
```
## Phase Design
Good phases are:
- **Self-contained**: Completable in one session
- **Testable**: Has clear pass/fail criteria
- **Reversible**: Can be rolled back if needed
- **Incremental**: Builds on previous phases without requiring all phases
Bad phases are:
- "Refactor everything" (too broad)
- "Add helper function" (too granular)
- Phases that only work if ALL phases complete
## Success Criteria Guidelines
**Automated Verification** (agent-runnable):
- Test commands: `make test`, `npm test`, `nix flake check`
- Lint/format: `make lint`, `cargo fmt --check`
- Type checking: `make typecheck`, `tsc --noEmit`
- Build verification: `make build`, `nix build`
**Manual Verification** (requires human):
- UI/UX functionality and appearance
- Performance under realistic conditions
- Edge cases hard to automate
- Integration with external systems
**From Contribution Guidelines** (if CONTRIBUTING.md exists):
- Include any testing requirements specified
- Reference the guideline: "Per CONTRIBUTING.md: {requirement}"
## Presenting Understanding
Before writing the plan, confirm alignment:
```
Based on the requirements and my research, I understand we need to [summary].
I've found that:
- [Current implementation detail with file:line]
- [Relevant pattern or constraint]
- [Potential complexity identified]
Questions my research couldn't answer:
- [Specific technical question requiring judgment]
```
Only ask questions you genuinely cannot answer through code investigation.
## Design Options Pattern
When multiple approaches exist:
```
**Design Options:**
1. [Option A] - [1-sentence description]
- Pro: [benefit]
- Con: [drawback]
2. [Option B] - [1-sentence description]
- Pro: [benefit]
- Con: [drawback]
Which approach aligns best with [relevant consideration]?
```
Get buy-in on approach before detailing phases.

68
home/roles/development/skills/micro/pr-description.md
View File

@@ -1,68 +0,0 @@
---
description: How to write comprehensive PR descriptions that help reviewers understand changes
---
# PR Description
Write PR descriptions that help reviewers understand what changed and why.
## Structure
Use this standard structure for PR descriptions:
```markdown
## Summary
<1-3 bullet points of what changed and why>
## Context
<Why this change was needed - the problem being solved>
<Link to related issues/tickets>
## Changes
<Detailed breakdown by area/component>
- Area 1: What changed and why
- Area 2: What changed and why
## Testing
<How this was verified>
- Automated: Tests added/updated, CI status
- Manual: Steps to verify functionality
## Screenshots (if UI changes)
<Before/after screenshots if applicable>
```
## Guidelines
### Lead with WHY, not WHAT
- The diff shows WHAT changed - your description explains WHY
- Start with the problem being solved
- Explain the approach chosen and alternatives considered
### Link to context
- Reference related issues: `Fixes #123` or `Relates to #456`
- Link to design docs or discussions
- Mention dependent PRs if any
### Call out review areas
- Highlight areas needing careful review
- Note any tricky or non-obvious code
- Point out architectural decisions
### Note breaking changes prominently
- Use a dedicated "Breaking Changes" section if applicable
- Explain migration path for consumers
- List any deprecations
### Be scannable
- Use bullet points over paragraphs
- Keep sections focused and concise
- Put the most important info first
## Anti-patterns to Avoid
- Empty descriptions or just "fixes bug"
- Repeating the commit messages verbatim
- Including irrelevant implementation details
- Missing context on why the change was made
- Forgetting to mention breaking changes

49
home/roles/development/skills/micro/research-agents.md
View File

@@ -1,49 +0,0 @@
---
description: How to spawn and coordinate research sub-agents
---
# Research Agents
Use parallel sub-agents for efficient codebase research.
## Available Agents
| Agent | Purpose |
|-------|---------|
| codebase-locator | Find WHERE files and components live |
| codebase-analyzer | Understand HOW specific code works |
| codebase-pattern-finder | Find examples of existing patterns |
| thoughts-locator | Discover relevant documents in thoughts/ |
## Spawning Protocol
1. **Decompose** - Break the research question into 3-5 specific questions
2. **Spawn parallel** - Use one Task call with multiple agents
3. **Be specific** - Include directories and file patterns in prompts
4. **Wait for all** - Do not synthesize until ALL agents complete
5. **Synthesize** - Combine findings into coherent summary with file:line references
## Example
```
Task(codebase-locator, "Find all files related to authentication in src/")
Task(codebase-analyzer, "Explain how JWT tokens are validated in src/auth/")
Task(codebase-pattern-finder, "Find examples of middleware patterns in src/")
Task(thoughts-locator, "Find documents about auth design decisions in thoughts/")
```
## Key Principles
- **Parallel when different** - Run agents in parallel when searching for different things
- **WHAT not HOW** - Each agent knows its job; tell it what you need, not how to search
- **Document, don't evaluate** - Agents should describe what exists, not critique it
- **Specific directories** - Always scope searches to relevant directories
- **File references** - Include specific file:line references in synthesis
## Agent Prompts
When spawning agents, include:
- The specific question or goal
- Relevant directories to search
- Reminder to document (not evaluate) what they find
- Request for file:line references in findings

178
home/roles/development/commands/parallel_beads.md → home/roles/development/skills/parallel_beads.md
View File

@@ -42,46 +42,7 @@ AskUserQuestion with:
- options from filtered bd ready output
```
## Phase 2: Worktree Setup
Before launching implementation subagents, create worktrees for all selected beads:
1. **Get repository name**:
```bash
REPO_NAME=$(git remote get-url origin | sed 's|.*/||' | sed 's/\.git$//')
```
2. **For each selected bead**, create its worktree:
```bash
BEAD_ID="[bead-id]"
# Check if worktree already exists
if [ -d "$HOME/wt/${REPO_NAME}/${BEAD_ID}" ]; then
echo "Worktree already exists: ~/wt/${REPO_NAME}/${BEAD_ID}"
# Ask user: remove and recreate, or skip this bead?
else
git worktree add -b "bead/${BEAD_ID}" "$HOME/wt/${REPO_NAME}/${BEAD_ID}"
fi
```
3. **Track created worktrees**:
Maintain a list of (bead_id, worktree_path) pairs for use in subagent instructions.
4. **Report status**:
```
Created worktrees:
- nixos-configs-abc → ~/wt/nixos-configs/nixos-configs-abc (branch: bead/nixos-configs-abc)
- nixos-configs-xyz → ~/wt/nixos-configs/nixos-configs-xyz (branch: bead/nixos-configs-xyz)
Skipped (existing worktree):
- nixos-configs-123 → Ask user for resolution
```
**Note**: If a worktree or branch already exists, ask the user before proceeding:
- Remove existing worktree and branch, then recreate
- Skip this bead
- Use existing worktree as-is (risky - branch may have diverged)
## Phase 3: Parallel Implementation
## Phase 2: Parallel Implementation
For each selected bead, launch a subagent using the Task tool. All subagents should be launched in parallel (single message with multiple Task tool calls).
@@ -92,92 +53,50 @@ Each implementation subagent should receive these instructions:
```
Work on bead [BEAD_ID]: [BEAD_TITLE]
Worktree path: [WORKTREE_PATH]
1. **Create worktree**:
- Branch name: `bead/[BEAD_ID]`
- Worktree path: `~/wt/[REPO_NAME]/[BEAD_ID]`
- Command: `git worktree add -b bead/[BEAD_ID] ~/wt/[REPO_NAME]/[BEAD_ID]`
## CRITICAL: Branch Verification (MUST DO FIRST)
1. **Navigate to worktree**:
```bash
cd [WORKTREE_PATH]
```
2. **Verify branch** (MANDATORY before ANY modifications):
```bash
CURRENT_BRANCH=$(git branch --show-current)
echo "Current branch: $CURRENT_BRANCH"
pwd
```
**ABORT CONDITIONS** - If ANY of these are true, STOP IMMEDIATELY:
- Branch is `main` or `master`
- Branch does not match `bead/[BEAD_ID]`
If you detect any abort condition:
```
ABORTING: Branch verification failed.
Expected branch: bead/[BEAD_ID]
Actual branch: [CURRENT_BRANCH]
Working directory: [pwd output]
DO NOT PROCEED. Report this error to the orchestrator.
```
## After Verification Passes
3. **Review the bead requirements**:
2. **Review the bead requirements**:
- Run `bd show [BEAD_ID]` to understand the acceptance criteria
- Note any external issue references (GitHub issues, Linear tickets, etc.)
4. **Extract validation criteria**:
3. **Extract validation criteria**:
- Check for a plan: `thoughts/beads-[BEAD_ID]/plan.md`
- If plan exists:
- Read the plan and find the "Automated Verification" section
- Extract each verification command (lines starting with `- [ ]` followed by a command)
- Example: `- [ ] Tests pass: \`make test\`` → extract `make test`
- Note any "Per CONTRIBUTING.md:" requirements for additional validation
- Also read the "Manual Verification" section from the plan if present
- Save manual verification items for inclusion in the PR description (they won't be executed)
- If no plan exists, use best-effort validation:
- Check if `Makefile` exists → try `make test` and `make lint`
- Check if `flake.nix` exists → try `nix flake check`
- Check if `package.json` exists → try `npm test`
- **Check for CONTRIBUTING.md** → read and extract testing/linting requirements
- Track which requirements can be automated vs need manual review
- Automated: commands that can be run (e.g., "run `make test`")
- Manual: qualitative checks (e.g., "ensure documentation is updated")
- If none found, note "No validation criteria found"
5. **Implement the changes**:
4. **Implement the changes**:
- Work in the worktree directory
- Complete all acceptance criteria listed in the bead
After implementation, run validation:
- Execute each validation command from step 4
- Execute each validation command from step 3
- Track results in this format:
```
VALIDATION_RESULTS:
- make test: PASS
- make lint: FAIL (exit code 1: src/foo.ts:23 - missing semicolon)
- nix flake check: SKIP (not applicable - no flake.nix)
- cargo test: ERROR (command not found)
- nix flake check: SKIP (command not found)
```
**Status definitions:**
- **PASS**: Check executed successfully with no issues
- **FAIL**: Check executed but found issues that need attention
- **SKIP**: Check not applicable to this project (e.g., no Makefile for `make test`)
- **ERROR**: Check could not execute (missing tool, permission error, command not found)
- If any validation fails:
- Continue with PR creation (don't block)
- Document failures in bead notes: `bd update [BEAD_ID] --notes="Validation failures: [list]"`
6. **Commit and push**:
5. **Commit and push**:
- Stage all changes: `git add -A`
- Create a descriptive commit message
- Push the branch: `git push -u origin bead/[BEAD_ID]`
7. **Create a PR**:
6. **Create a PR**:
- Detect hosting provider from origin URL: `git remote get-url origin`
- If URL contains `github.com`, use `gh`; otherwise use `tea` (Gitea/Forgejo)
- PR title: "[BEAD_ID] [BEAD_TITLE]"
@@ -200,27 +119,14 @@ Worktree path: [WORKTREE_PATH]
## Changes
- [List of changes made]
## Validation Steps Completed
## Validation
[Include validation results from step 4]
### Automated Checks
| Check | Status | Details |
|-------|--------|---------|
| make test | PASS | |
| make lint | FAIL | src/foo.ts:23 - missing semicolon |
| nix flake check | SKIP | not applicable - no flake.nix |
| cargo test | ERROR | command not found |
### Manual Verification Required
[If plan has Manual Verification items, list them as unchecked boxes:]
- [ ] Verify UI changes match design mockups
- [ ] Test on mobile viewport sizes
[If no manual verification items: "None specified in plan."]
### CONTRIBUTING.md Compliance
[If CONTRIBUTING.md requirements were extracted:]
- [x] Tests pass (verified via `make test`)
- [ ] Documentation updated (needs manual review)
[If no CONTRIBUTING.md: "No contribution guidelines found."]
| nix flake check | SKIP | command not found |
EOF
)"
```
@@ -240,66 +146,44 @@ Worktree path: [WORKTREE_PATH]
## Changes
- [List of changes made]
## Validation Steps Completed
## Validation
[Include validation results from step 4]
### Automated Checks
| Check | Status | Details |
|-------|--------|---------|
| make test | PASS | |
| make lint | FAIL | src/foo.ts:23 - missing semicolon |
| nix flake check | SKIP | not applicable - no flake.nix |
| cargo test | ERROR | command not found |
### Manual Verification Required
[If plan has Manual Verification items, list them as unchecked boxes:]
- [ ] Verify UI changes match design mockups
- [ ] Test on mobile viewport sizes
[If no manual verification items: None specified in plan.]
### CONTRIBUTING.md Compliance
[If CONTRIBUTING.md requirements were extracted:]
- [x] Tests pass (verified via make test)
- [ ] Documentation updated (needs manual review)
[If no CONTRIBUTING.md: No contribution guidelines found.]"
| nix flake check | SKIP | command not found |"
```
8. **Update bead status**:
7. **Update bead status**:
- Mark the bead as "in_review": `bd update [BEAD_ID] --status=in_review`
- Add the PR URL to the bead notes: `bd update [BEAD_ID] --notes="$(bd show [BEAD_ID] --json | jq -r '.notes')
PR: [PR_URL]"`
9. **Report results**:
8. **Report results**:
- Return:
- PR URL
- Bead ID
- Implementation status (success/failure/blocked)
- Validation summary: `X passed, Y failed, Z skipped, W errors`
- List of any validation failures or errors with details
- Validation summary: `X passed, Y failed, Z skipped`
- List of any validation failures with details
- If blocked or unable to complete, explain what's blocking progress
- If validation failed, include the specific failures so the main agent can summarize them for the user
```
### Launching Subagents
For each bead, substitute into the template:
- `[BEAD_ID]` - the bead ID
- `[BEAD_TITLE]` - the bead title
- `[WORKTREE_PATH]` - the worktree path created in Phase 2
Use `subagent_type: "general-purpose"` for implementation subagents. Launch all selected beads' subagents in a single message for parallel execution:
```
<Task calls for each selected bead - all in one message>
```
**Important**: The worktree paths were created in Phase 2. Use the exact paths that were created, e.g.:
- `~/wt/nixos-configs/nixos-configs-abc`
- `~/wt/nixos-configs/nixos-configs-xyz`
Collect results from all subagents before proceeding.
## Phase 4: Parallel Review
## Phase 3: Parallel Review
After all implementation subagents complete, launch review subagents for each PR.
@@ -334,7 +218,7 @@ Review PR for bead [BEAD_ID]
Launch all review subagents in parallel.
## Phase 5: Cleanup and Summary
## Phase 4: Cleanup and Summary
After reviews complete:
@@ -380,21 +264,9 @@ Example output:
## Error Handling
- **Worktree creation failures** (Phase 2):
- If `git worktree add` fails (branch exists, path exists), prompt user:
- Remove existing and retry
- Skip this bead
- Use existing (with warning about potential divergence)
- Do NOT proceed to subagent launch until worktree is confirmed
- **Branch verification failures** (subagent reports):
- If subagent reports it's on `main` or `master`, do NOT retry
- Mark bead as failed with reason "Branch verification failed"
- Continue with other beads but flag this as a critical issue
- Investigation required: the worktree may have been corrupted or not created properly
- **Subagent failures**: If a subagent fails or times out, note it in the summary but continue with other beads
- **PR creation failures**: Report the error but continue with reviews of successful PRs
- **Worktree conflicts**: If a worktree already exists, ask the user if they want to remove it or skip that bead
## Resource Limits

51
home/roles/development/commands/reconcile_beads.md → home/roles/development/skills/reconcile_beads.md
View File

@@ -4,13 +4,12 @@ description: Reconcile beads with merged PRs and close completed beads
# Reconcile Beads Workflow
This skill reconciles beads that are in `in_review` status with their corresponding PRs. If a PR has been merged, the bead is closed and any linked Gitea issue is also closed.
This skill reconciles beads that are in `in_review` status with their corresponding PRs. If a PR has been merged, the bead is closed.
## Prerequisites
- Custom status `in_review` must be configured: `bd config set status.custom "in_review"`
- Beads in `in_review` status should have a PR URL in their notes
- `tea` CLI must be configured for closing Gitea issues
## Workflow
@@ -53,34 +52,6 @@ If the PR is merged:
bd close [BEAD_ID] --reason="PR merged: [PR_URL]"
```
### Step 3.1: Close corresponding Gitea issue (if any)
After closing a bead, check if it has a linked Gitea issue:
1. **Check for Gitea issue URL in bead notes**:
Look for the pattern `Gitea issue: <URL>` in the notes. Extract the URL.
2. **Extract issue number from URL**:
```bash
# Example: https://git.johnogle.info/johno/nixos-configs/issues/16 -> 16
echo "$GITEA_URL" | grep -oP '/issues/\K\d+'
```
3. **Close the Gitea issue**:
```bash
tea issues close [ISSUE_NUMBER]
```
4. **Handle errors gracefully**:
- If issue is already closed: Log warning, continue
- If issue not found: Log warning, continue
- If `tea` fails: Log error, continue with other beads
Example warning output:
```
Warning: Could not close Gitea issue #16: issue already closed
```
### Step 4: Report summary
Present results:
@@ -89,17 +60,10 @@ Present results:
## Beads Reconciliation Summary
### Closed (PR Merged)
| Bead | PR | Gitea Issue | Title |
|------|-----|-------------|-------|
| beads-abc | #123 | #16 closed | Feature X |
| beads-xyz | #456 | (none) | Bug fix Y |
### Gitea Issues Closed
| Issue | Bead | Status |
|-------|------|--------|
| #16 | beads-abc | Closed successfully |
| #17 | beads-def | Already closed (skipped) |
| #99 | beads-ghi | Error: issue not found |
| Bead | PR | Title |
|------|-----|-------|
| beads-abc | #123 | Feature X |
| beads-xyz | #456 | Bug fix Y |
### Still in Review
| Bead | PR | Status | Title |
@@ -116,14 +80,9 @@ Present results:
- **Missing PR URL**: Skip the bead and report it
- **PR not found**: Report the error but continue with other beads
- **API errors**: Report and continue
- **Gitea issue already closed**: Log warning, continue (not an error)
- **Gitea issue not found**: Log warning, continue (issue may have been deleted)
- **No Gitea issue linked**: Normal case, no action needed
- **tea command fails**: Log error with output, continue with other beads
## Notes
- This skill complements `/parallel_beads` which sets beads to `in_review` status
- Run this skill periodically or after merging PRs to keep beads in sync
- Beads with closed (but not merged) PRs are not automatically closed - they may need rework
- Gitea issues are only closed for beads that have a `Gitea issue: <URL>` in their notes

4
home/roles/emacs/default.nix
View File

@@ -8,8 +8,8 @@ let
doomEmacs = pkgs.fetchFromGitHub {
owner = "doomemacs";
repo = "doomemacs";
rev = "d23bbe87721c61f4d5a605f2914b32780bb89949";
sha256 = "sha256-z+3c0AGkrMf1xZ+pq57aVp4Zo4KsqFMIjEVzSZinghc=";
rev = "38d94da67dc84897a4318714dcc48494c016d8c4";
sha256 = "sha256-Uc6qONH3jjUVDgW+pPBCGC7mh88ZY05u1y37fQrsxq0=";
};
# Shared emacs packages

184
home/roles/emacs/doom/config.el
View File

@@ -53,22 +53,6 @@
;; change `org-directory'. It must be set before org loads!
(setq org-directory "~/org/")
(after! org
;; Skip recurring events past their CALDAV_UNTIL date
;; org-caldav ignores UNTIL from RRULE, so we store it as a property
;; and filter here in the agenda
(defun my/skip-if-past-until ()
"Return non-nil if entry has CALDAV_UNTIL and current date is past it."
(let ((until-str (org-entry-get nil "CALDAV_UNTIL")))
(when (and until-str
(string-match "^\\([0-9]\\{4\\}\\)\\([0-9]\\{2\\}\\)\\([0-9]\\{2\\}\\)" until-str))
(let* ((until-year (string-to-number (match-string 1 until-str)))
(until-month (string-to-number (match-string 2 until-str)))
(until-day (string-to-number (match-string 3 until-str)))
(until-time (encode-time 0 0 0 until-day until-month until-year))
(today (current-time)))
(when (time-less-p until-time today)
(org-end-of-subtree t))))))
(setq org-agenda-span 'week
org-agenda-start-with-log-mode t
my-agenda-dirs '("projects" "roam")
@@ -77,7 +61,6 @@
"\.org$"))
my-agenda-dirs))
org-log-done 'time
org-agenda-skip-function-global #'my/skip-if-past-until
org-agenda-custom-commands '(("n" "Agenda"
((agenda "")
(tags-todo "-someday-recurring")))
@@ -100,135 +83,25 @@
"d" #'org-agenda-day-view
"w" #'org-agenda-week-view))
;; org-caldav: Sync Org entries with Nextcloud CalDAV
;; Setup requirements:
;; 1. Create Nextcloud app password: Settings -> Security -> Devices & sessions
;; 2. Store in rbw: rbw add nextcloud-caldav (put app password as the secret)
;; 3. Run: doom sync
;; 4. Test: M-x my/org-caldav-sync-with-rbw (or SPC o a s)
;;
;; Note: Conflict resolution is "Org always wins" - treat Org as source of truth
;; for entries that originated in Org.
;; (use-package! org-caldav
;; :defer t
;; :config
;; (setq org-caldav-url "https://nextcloud.johnogle.info/remote.php/dav/calendars/johno"
;; org-caldav-calendar-id "personal"
;; org-icalendar-timezone "America/Los_Angeles"
;; org-caldav-inbox "~/org/calendar.org"
;; org-caldav-files nil
;; org-caldav-sync-direction 'cal->org))
;; Define sync wrapper before use-package (so keybinding works)
(defun my/org-caldav-sync-with-rbw ()
"Run org-caldav-sync with credentials from rbw embedded in URL."
(interactive)
(require 'org)
(require 'org-caldav)
(let* ((password (my/get-rbw-password "nextcloud-caldav"))
;; Embed credentials in URL (url-encode password in case of special chars)
(encoded-pass (url-hexify-string password)))
(setq org-caldav-url
(format "https://johno:%s@nextcloud.johnogle.info/remote.php/dav/calendars/johno"
encoded-pass))
(org-caldav-sync)))
(use-package! org-caldav
:after org
:commands (org-caldav-sync my/org-caldav-sync-with-rbw)
:init
(map! :leader
(:prefix ("o" . "open")
(:prefix ("a" . "agenda/calendar")
:desc "Sync CalDAV" "s" #'my/org-caldav-sync-with-rbw)))
:config
;; Nextcloud CalDAV base URL (credentials added dynamically by sync wrapper)
(setq org-caldav-url "https://nextcloud.johnogle.info/remote.php/dav/calendars/johno")
;; Timezone for iCalendar export
(setq org-icalendar-timezone "America/Los_Angeles")
;; Sync state storage (in org directory for multi-machine sync)
(setq org-caldav-save-directory (expand-file-name ".org-caldav/" org-directory))
;; Backup file for entries before modification
(setq org-caldav-backup-file (expand-file-name ".org-caldav/backup.org" org-directory))
;; Limit past events to 30 days (avoids uploading years of scheduled tasks)
(setq org-caldav-days-in-past 30)
;; Sync behavior: bidirectional by default
(setq org-caldav-sync-direction 'twoway)
;; What changes from calendar sync back to Org (conservative: title and timestamp only)
(setq org-caldav-sync-changes-to-org 'title-and-timestamp)
;; Deletion handling: never auto-delete to prevent accidental mass deletion
(setq org-caldav-delete-calendar-entries 'never)
(setq org-caldav-delete-org-entries 'never)
;; Enable TODO/VTODO sync
(setq org-icalendar-include-todo 'all)
(setq org-caldav-sync-todo t)
;; Map VTODO percent-complete to org-todo-keywords
;; Format: (PERCENT "KEYWORD") - percent thresholds map to states
(setq org-caldav-todo-percent-states
'((0 "TODO")
(25 "WAIT")
(50 "IN-PROGRESS")
(100 "DONE")
(100 "KILL")))
;; Allow export with broken links (mu4e links can't be resolved during export)
(setq org-export-with-broken-links 'mark)
;; Calendar-specific configuration
(setq org-caldav-calendars
'(;; Personal calendar: two-way sync with family-shared Nextcloud calendar
(:calendar-id "personal"
:inbox "~/org/personal-calendar.org"
:files ("~/org/personal-calendar.org"))
;; Tasks calendar: one-way sync (org → calendar only)
;; SCHEDULED/DEADLINE items from todo.org push to private Tasks calendar.
;; No inbox = no download from calendar (effectively one-way).
;; Note: Create 'tasks' calendar in Nextcloud first, keep it private.
(:calendar-id "tasks"
:files ("~/org/todo.org"))))
;; Handle UNTIL in recurring events
;; org-caldav ignores UNTIL from RRULE - events repeat forever.
;; This advice extracts UNTIL and stores it as a property for agenda filtering.
(defun my/org-caldav-add-until-property (orig-fun eventdata-alist)
"Advice to store CALDAV_UNTIL property for recurring events."
(let ((result (funcall orig-fun eventdata-alist)))
(let* ((rrule-props (alist-get 'rrule-props eventdata-alist))
(until-str (cadr (assoc 'UNTIL rrule-props)))
(summary (alist-get 'summary eventdata-alist)))
;; Debug: log what we're seeing
(message "CALDAV-DEBUG: %s | rrule-props: %S | until: %s"
(or summary "?") rrule-props until-str)
(when until-str
(save-excursion
(org-back-to-heading t)
(org-entry-put nil "CALDAV_UNTIL" until-str))))
result))
(advice-add 'org-caldav-insert-org-event-or-todo
:around #'my/org-caldav-add-until-property)
)
(defun my/get-rbw-password (alias &optional no-error)
"Return the password for ALIAS via rbw, unlocking the vault only if needed.
If NO-ERROR is non-nil, return nil instead of signaling an error when
rbw is unavailable or the entry is not found."
(if (not (executable-find "rbw"))
(if no-error
nil
(user-error "rbw: not installed or not in PATH"))
(let* ((cmd (format "rbw get %s 2>/dev/null" (shell-quote-argument alias)))
(output (string-trim (shell-command-to-string cmd))))
(if (string-empty-p output)
(if no-error
nil
(user-error "rbw: no entry found for '%s' - run: rbw add %s" alias alias))
output))))
(defun my/get-rbw-password (alias)
"Return the password for ALIAS via rbw, unlocking the vault only if needed."
(let* ((cmd (format "rbw get %s 2>&1" alias))
(output (shell-command-to-string cmd)))
(string-trim output)))
(after! gptel
:config
(setq! gptel-api-key (my/get-rbw-password "openai-api-key-chatgpt-el" t)
(setq! gptel-api-key (my/get-rbw-password "openai-api-key-chatgpt-el")
gptel-default-mode 'org-mode
gptel-use-tools t
gptel-confirm-tool-calls 'always
@@ -274,18 +147,6 @@ rbw is unavailable or the entry is not found."
(error (format "Error listing directory %s: %s" dirpath (error-message-string err)))))
:args (list '(:name "dirpath" :type "string" :description "Directory path to list"))))
(use-package! pi-coding-agent
:commands (pi-coding-agent pi-coding-agent-toggle)
:init
(defalias 'pi 'pi-coding-agent)
(map! :leader
(:prefix ("o" . "open")
:desc "Pi Coding Agent" "p" #'pi-coding-agent))
:config
;; Tree-sitter grammars are managed by Nix (treesit-grammars.with-all-grammars),
;; so suppress the auto-install prompt
(setq pi-coding-agent-essential-grammar-action 'warn))
(use-package! claude-code-ide
:commands (claude-code-ide-menu claude-code-ide-open-here)
:init
@@ -364,16 +225,11 @@ rbw is unavailable or the entry is not found."
mu4e-headers-time-format "%H:%M")
;; Sending mail via msmtp
;; NOTE: message-sendmail-f-is-evil and --read-envelope-from are required
;; to prevent msmtp from stripping the email body when processing headers.
;; Without these, multipart messages (especially from org-msg) may arrive
;; with empty bodies.
(setq sendmail-program (executable-find "msmtp")
send-mail-function #'message-send-mail-with-sendmail
message-send-mail-function #'message-send-mail-with-sendmail
message-sendmail-f-is-evil t
message-sendmail-extra-arguments '("--read-envelope-from")
message-sendmail-envelope-from 'header))
(setq message-send-mail-function 'message-send-mail-with-sendmail
sendmail-program (executable-find "msmtp")
message-sendmail-envelope-from 'header
mail-envelope-from 'header
mail-specify-envelope-from t))
;; Whenever you reconfigure a package, make sure to wrap your config in an
;; `after!' block, otherwise Doom's defaults may override your settings. E.g.

10
home/roles/emacs/doom/packages.el
View File

@@ -49,10 +49,7 @@
;; ...Or *all* packages (NOT RECOMMENDED; will likely break things)
;; (unpin! t)
(package! org-caldav)
;; Pin org-msg - upstream doom pin references a force-pushed commit
(package! org-msg :pin "aa608b399586fb771ad37045a837f8286a0b6124")
;; (package! org-caldav)
;; Note: Packages with custom recipes must be pinned for nix-doom-emacs-unstraightened
;; to build deterministically. Update pins when upgrading packages.
@@ -72,8 +69,3 @@
:recipe (:type git :repo "https://codeberg.org/ctietze/beads.el.git"
:files ("lisp/*.el"))
:pin "f40a6461d3c0fa0969311bbb6a1e30d1bba86c88")
(package! pi-coding-agent
:recipe (:host github :repo "dnouri/pi-coding-agent"
:files ("*.el"))
:pin "8d8158b0a6150ce13d91e561a1223790670acaa7")

55
home/roles/email/default.nix
View File

@@ -4,7 +4,6 @@ with lib;
let
cfg = config.home.roles.email;
isLinux = pkgs.stdenv.isLinux;
in
{
options.home.roles.email = {
@@ -90,38 +89,34 @@ in
account default : proton
'';
# Linux-only: Systemd service for mail sync (Darwin uses launchd instead)
systemd.user.services = mkIf isLinux {
mbsync = {
Unit = {
Description = "Mailbox synchronization service";
After = [ "network-online.target" ];
Wants = [ "network-online.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash -c 'mkdir -p ~/Mail && ${pkgs.isync}/bin/mbsync -a && (${pkgs.mu}/bin/mu info >/dev/null 2>&1 || ${pkgs.mu}/bin/mu init --maildir ~/Mail --personal-address=john@ogle.fyi) && ${pkgs.mu}/bin/mu index'";
Environment = "PATH=${pkgs.rbw}/bin:${pkgs.coreutils}/bin";
StandardOutput = "journal";
StandardError = "journal";
};
# Systemd service for mail sync
systemd.user.services.mbsync = {
Unit = {
Description = "Mailbox synchronization service";
After = [ "network-online.target" ];
Wants = [ "network-online.target" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash -c 'mkdir -p ~/Mail && ${pkgs.isync}/bin/mbsync -a && (${pkgs.mu}/bin/mu info >/dev/null 2>&1 || ${pkgs.mu}/bin/mu init --maildir ~/Mail --personal-address=john@ogle.fyi) && ${pkgs.mu}/bin/mu index'";
Environment = "PATH=${pkgs.rbw}/bin:${pkgs.coreutils}/bin";
StandardOutput = "journal";
StandardError = "journal";
};
};
# Linux-only: Systemd timer for automatic sync
systemd.user.timers = mkIf isLinux {
mbsync = {
Unit = {
Description = "Mailbox synchronization timer";
};
Timer = {
OnBootSec = "2min";
OnUnitActiveSec = "5min";
Unit = "mbsync.service";
};
Install = {
WantedBy = [ "timers.target" ];
};
# Systemd timer for automatic sync
systemd.user.timers.mbsync = {
Unit = {
Description = "Mailbox synchronization timer";
};
Timer = {
OnBootSec = "2min";
OnUnitActiveSec = "5min";
Unit = "mbsync.service";
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};

4
home/roles/gaming/default.nix
View File

@@ -12,7 +12,9 @@ in
config = mkIf cfg.enable {
home.packages = with pkgs; [
custom.mcrcon-rbw
# Gaming applications would go here
# This role is created for future expansion
# moonlight-qt is currently in media role but could be moved here
];
};
}

4
home/roles/kdeconnect/default.nix
View File

@@ -4,15 +4,13 @@ with lib;
let
cfg = config.home.roles.kdeconnect;
isLinux = pkgs.stdenv.isLinux;
in
{
options.home.roles.kdeconnect = {
enable = mkEnableOption "Enable KDE Connect for device integration";
};
# KDE Connect services are Linux-only (requires D-Bus and systemd)
config = mkIf (cfg.enable && isLinux) {
config = mkIf cfg.enable {
services.kdeconnect = {
enable = true;
indicator = true;

6
home/roles/sync/default.nix
View File

@@ -4,7 +4,6 @@ with lib;
let
cfg = config.home.roles.sync;
isLinux = pkgs.stdenv.isLinux;
in
{
options.home.roles.sync = {
@@ -12,10 +11,9 @@ in
};
config = mkIf cfg.enable {
# Linux-only: syncthingtray requires system tray support
home.packages = optionals isLinux (with pkgs; [
home.packages = with pkgs; [
syncthingtray
]);
];
services.syncthing = {
enable = true;

2
home/wallpapers/default.nix
View File

@@ -2,7 +2,7 @@
# The currentIndex is incremented by `nix run .#rotate-wallpaper`
# and gets committed as part of `nix run .#upgrade`
{
currentIndex = 2; # Index into wallpapers list
currentIndex = 1; # Index into wallpapers list
wallpapers = [
{

33
machines/john-endesktop/configuration.nix
View File

@@ -54,7 +54,6 @@ with lib;
4000 # nfs callback
4001 # nlockmgr
4002 # mountd
5000 # harmonia binary cache
20048 # mountd
];
allowedUDPPorts = [
@@ -91,8 +90,6 @@ with lib;
htop
tmux
zfs
rclone
custom.rclone-torbox-setup # Helper script to set up TorBox credentials via rbw
];
# Enable SSH
@@ -129,36 +126,6 @@ with lib;
roles.virtualisation.enable = true;
# TorBox WebDAV mount for rdt-client and Jellyfin
roles.rclone-mount = {
enable = true;
mounts.torbox = {
webdavUrl = "https://webdav.torbox.app";
username = "john@ogle.fyi"; # TorBox account email
mountPoint = "/media/media/torbox-rclone";
environmentFile = "/etc/rclone/torbox.env";
vfsCacheMode = "full"; # Best for streaming media
dirCacheTime = "5m";
extraArgs = [
"--buffer-size=64M"
"--vfs-read-chunk-size=32M"
"--vfs-read-chunk-size-limit=off"
];
# Wait for ZFS media pool to be mounted before starting
requiresMountsFor = [ "/media" ];
};
};
# Harmonia binary cache server
# Replaces the broken k8s deployment with native NixOS service
services.harmonia = {
enable = true;
signKeyPaths = [ "/etc/harmonia/signing-key.private" ];
settings = {
bind = "[::]:5000";
};
};
# Time zone
time.timeZone = "America/Los_Angeles"; # Adjust as needed

30
machines/nix-book/configuration.nix
View File

@@ -23,12 +23,12 @@
printing.enable = true;
remote-build.builders = [
{
hostName = "zix790prors.oglehome";
hostName = "zix790prors";
maxJobs = 16;
speedFactor = 3;
}
{
hostName = "john-endesktop.oglehome";
hostName = "john-endesktop";
maxJobs = 1;
speedFactor = 1;
}
@@ -38,24 +38,7 @@
enable = true;
extraGroups = [ "video" ];
};
virtualisation = {
enable = true;
waydroid = true;
};
wireguard = {
enable = true;
autostart = true;
interfaceName = "ogleNet";
address = [ "192.168.4.2/32" ];
privateKeyFile = "/etc/wireguard/oglehome-private-key";
dns = [ "192.168.4.1" ];
peers = [{
publicKey = "AWkmtaz0poyyKJGnRcabO5ecd6ESh1lKu+XRb3ObxBc=";
endpoint = "pi.johnogle.info:6666";
allowedIPs = [ "0.0.0.0/0" ];
persistentKeepalive = 25;
}];
};
virtualisation.enable = true;
};
# Bootloader.
@@ -75,6 +58,13 @@
# Enable networking
networking.networkmanager.enable = true;
# WireGuard setup
networking.wg-quick.interfaces = {
ogleNet = {
configFile = "/root/Oglehome-VPN-johno-nixbook.conf";
};
};
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [

17
machines/nix-deck/configuration.nix
View File

@@ -19,18 +19,11 @@
desktopSession = "plasma";
};
};
remote-build.builders = [
{
hostName = "zix790prors.oglehome";
maxJobs = 16;
speedFactor = 4;
}
{
hostName = "john-endesktop.oglehome";
maxJobs = 1;
speedFactor = 2;
}
];
remote-build.builders = [{
hostName = "zix790prors";
maxJobs = 16;
speedFactor = 4; # Prefer remote heavily on Steam Deck
}];
users = {
enable = true;
extraGroups = [ "video" ];

26
packages/beads/default.nix
View File

@@ -1,26 +0,0 @@
# Beads package - issue tracker for AI-supervised coding workflows
# Takes src as argument so it can be called from both overlay and flake packages
{ lib
, buildGoModule
, git
, pkg-config
, icu
, src
, version ? "unknown"
}:
buildGoModule {
pname = "beads";
inherit version src;
subPackages = [ "cmd/bd" ];
doCheck = false;
vendorHash = "sha256-XAhe4yuLzP9vQ3IFhWAO5fN/3OOfokcRxfeGKaRYEws=";
nativeBuildInputs = [ git pkg-config ];
buildInputs = [ icu ];
meta = with lib; {
description = "beads (bd) - An issue tracker designed for AI-supervised coding workflows";
homepage = "https://github.com/steveyegge/beads";
license = licenses.mit;
mainProgram = "bd";
};
}

29
packages/claude-code/default.nix
View File

@@ -1,29 +1,28 @@
{ lib
, stdenv
, fetchurl
, patchelf
, glibc
, autoPatchelfHook
}:
let
version = "2.1.69";
version = "2.0.76";
srcs = {
aarch64-darwin = {
url = "https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/${version}/darwin-arm64/claude";
sha256 = "a86e14f44b167c1e8dbf764f76755b92ecf52c097d732a3461fe65b5fb60be05";
sha256 = "b76f6d4d09233e67295897b0a1ed2e22d7afa406431529d8b1b532b63b8cbcbd";
};
x86_64-darwin = {
url = "https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/${version}/darwin-x64/claude";
sha256 = "e5987b4dd502a6542bf86c3c0bcd1d533b774616fc7d49566ce0b2040e6c1374";
sha256 = "9d94582f0af5d2201f1c907bf24ff8d216104b897ee0b24795a6c081f40e08d7";
};
x86_64-linux = {
url = "https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/${version}/linux-x64/claude";
sha256 = "b3bdbd5a3cbf8caafe353022170df77fefa80b00003074d4d27e7da8c59e629a";
sha256 = "5dcdb480f91ba0df0bc8bd6aff148d3dfd3883f0899eeb5b9427a8b0abe7a687";
};
aarch64-linux = {
url = "https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/${version}/linux-arm64/claude";
sha256 = "ecc7bbf10513ff122327866eb97212945b73afd7f81e30700375cdf10f50b2a3";
sha256 = "f64a994c8e5bfb84d7242cebbec75d6919db2ee46d50b8fc7a88d5066db193f9";
};
};
@@ -39,14 +38,8 @@ in stdenv.mkDerivation {
dontUnpack = true;
dontBuild = true;
# Bun standalone binaries have JS code appended after the ELF sections
# stripping/patching would remove or corrupt this appended data
dontStrip = true;
dontPatchELF = true;
# Don't use autoPatchelfHook - it rewrites the ELF and strips the appended
# bun bundle (the JS code is appended after the ELF sections)
nativeBuildInputs = lib.optionals stdenv.isLinux [ patchelf ];
nativeBuildInputs = lib.optionals stdenv.isLinux [ autoPatchelfHook ];
installPhase = ''
runHook preInstall
@@ -56,14 +49,6 @@ in stdenv.mkDerivation {
runHook postInstall
'';
# Manually patch the interpreter for bun standalone binaries
# patchelf --set-interpreter modifies in-place without rewriting the entire ELF,
# preserving the appended JS bundle that bun needs at runtime
postFixup = lib.optionalString stdenv.isLinux ''
interpreter="${glibc}/lib/${if stdenv.hostPlatform.system == "aarch64-linux" then "ld-linux-aarch64.so.1" else "ld-linux-x86-64.so.2"}"
patchelf --set-interpreter "$interpreter" $out/bin/claude
'';
meta = with lib; {
description = "Terminal-based AI coding assistant from Anthropic";
homepage = "https://www.anthropic.com/claude-code";

3
packages/default.nix
View File

@@ -3,7 +3,4 @@
tea-rbw = pkgs.callPackage ./tea-rbw {};
app-launcher-server = pkgs.callPackage ./app-launcher-server {};
claude-code = pkgs.callPackage ./claude-code {};
mcrcon-rbw = pkgs.callPackage ./mcrcon-rbw {};
rclone-torbox-setup = pkgs.callPackage ./rclone-torbox-setup {};
pi-coding-agent = pkgs.callPackage ./pi-coding-agent {};
}

31
packages/gastown/default.nix
View File

@@ -1,31 +0,0 @@
# Gastown package - multi-agent workspace manager
# Takes src as argument so it can be called from both overlay and flake packages
{ lib
, buildGoModule
, src
, version ? "unknown"
}:
buildGoModule {
pname = "gastown";
inherit version src;
vendorHash = "sha256-8SdvSASP+bJjMooqEQvkCzG+J6CbsK+HCQulrPnJZ1Y=";
subPackages = [ "cmd/gt" ];
doCheck = false;
# Must match ldflags from gastown Makefile - BuiltProperly=1 is required
# or gt will error with "This binary was built with 'go build' directly"
ldflags = [
"-X github.com/steveyegge/gastown/internal/cmd.Version=${version}"
"-X github.com/steveyegge/gastown/internal/cmd.Commit=${version}"
"-X github.com/steveyegge/gastown/internal/cmd.BuildTime=nix-build"
"-X github.com/steveyegge/gastown/internal/cmd.BuiltProperly=1"
];
meta = with lib; {
description = "Gas Town - multi-agent workspace manager by Steve Yegge";
homepage = "https://github.com/steveyegge/gastown";
license = licenses.mit;
mainProgram = "gt";
};
}

40
packages/mcrcon-rbw/default.nix
View File

@@ -1,40 +0,0 @@
{ pkgs, ... }:
pkgs.writeShellScriptBin "mcrcon" ''
set -euo pipefail
# Configuration - can be overridden with environment variables
MINECRAFT_RCON_HOST="''${MCRCON_HOST:-10.0.0.165}"
MINECRAFT_RCON_PORT="''${MCRCON_PORT:-25575}"
RBW_ENTRY="minecraft-rcon"
# Check if rbw is available
if ! command -v rbw &> /dev/null; then
echo "Error: rbw is not available. Please ensure rbw is installed and configured."
exit 1
fi
# Retrieve password from Bitwarden
if ! MCRCON_PASS=$(rbw get "$RBW_ENTRY" 2>/dev/null); then
echo "Error: Failed to retrieve RCON password from rbw entry '$RBW_ENTRY'"
echo "Please ensure the entry exists in Bitwarden and rbw is synced."
echo ""
echo "To create the entry:"
echo " 1. Add 'minecraft-rcon' to Bitwarden with the RCON password"
echo " 2. Run 'rbw sync' to refresh the local cache"
exit 1
fi
# Export for mcrcon
export MCRCON_HOST="$MINECRAFT_RCON_HOST"
export MCRCON_PORT="$MINECRAFT_RCON_PORT"
export MCRCON_PASS
# If no arguments provided, start interactive terminal mode
if [[ $# -eq 0 ]]; then
exec ${pkgs.mcrcon}/bin/mcrcon -t
fi
# Execute mcrcon with all provided arguments
exec ${pkgs.mcrcon}/bin/mcrcon "$@"
''

25
packages/perles/default.nix
View File

@@ -1,25 +0,0 @@
# Perles - Terminal UI for beads issue tracking
# Takes src as argument so it can be called from both overlay and flake packages
{ lib
, buildGoModule
, src
, version ? "unknown"
}:
buildGoModule {
pname = "perles";
inherit version src;
doCheck = false;
vendorHash = "sha256-A5LE9Cor/DRcJtVpiScSoqDYhJIKyaq0cbK+OGmr4XU=";
ldflags = [
"-X main.version=${version}"
];
meta = with lib; {
description = "Perles - Terminal UI for beads issue tracking";
homepage = "https://github.com/zjrosen/perles";
license = licenses.mit;
mainProgram = "perles";
};
}

79
packages/pi-coding-agent/default.nix
View File

@@ -1,79 +0,0 @@
{ lib
, stdenv
, fetchurl
, patchelf
, glibc
, makeWrapper
}:
let
version = "0.55.4";
srcs = {
aarch64-darwin = {
url = "https://github.com/badlogic/pi-mono/releases/download/v${version}/pi-darwin-arm64.tar.gz";
sha256 = "0vsav9frvnzskk6p6j60i7klrs3m8lphhyi4c39mv2mvhpm8fkl5";
};
x86_64-darwin = {
url = "https://github.com/badlogic/pi-mono/releases/download/v${version}/pi-darwin-x64.tar.gz";
sha256 = "1377rvhsiiww1bbpgv2v46fjm7iz2smmh8g2yhm28kbsq3gwvvr0";
};
x86_64-linux = {
url = "https://github.com/badlogic/pi-mono/releases/download/v${version}/pi-linux-x64.tar.gz";
sha256 = "1wnfwnkfq5ffz6wyqyhciv4lz06bpxims0hv0dlhz0f9vliyc1md";
};
aarch64-linux = {
url = "https://github.com/badlogic/pi-mono/releases/download/v${version}/pi-linux-arm64.tar.gz";
sha256 = "00fp37hgjl40kc59jfpv189i7np53ymm037hvds6k9y2sz818wjy";
};
};
src = srcs.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
in stdenv.mkDerivation {
pname = "pi-coding-agent";
inherit version;
src = fetchurl {
inherit (src) url sha256;
};
sourceRoot = "pi";
# Bun standalone binaries have JS code appended after the ELF sections
dontStrip = true;
dontPatchELF = true;
nativeBuildInputs = [ makeWrapper ]
++ lib.optionals stdenv.isLinux [ patchelf ];
installPhase = ''
runHook preInstall
# Install the full pi directory structure (binary + supporting files)
mkdir -p $out/lib/pi-coding-agent
cp -r . $out/lib/pi-coding-agent/
# Create bin wrapper that runs the binary from its lib directory
# (pi expects supporting files like themes and wasm relative to itself)
mkdir -p $out/bin
makeWrapper $out/lib/pi-coding-agent/pi $out/bin/pi
runHook postInstall
'';
# Manually patch the interpreter for bun standalone binaries on Linux
postFixup = lib.optionalString stdenv.isLinux ''
interpreter="${glibc}/lib/${if stdenv.hostPlatform.system == "aarch64-linux" then "ld-linux-aarch64.so.1" else "ld-linux-x86-64.so.2"}"
patchelf --set-interpreter "$interpreter" $out/lib/pi-coding-agent/pi
'';
meta = with lib; {
description = "Minimal terminal coding agent with extensible tools and session management";
homepage = "https://github.com/badlogic/pi-mono/tree/main/packages/coding-agent";
license = licenses.mit;
maintainers = [ ];
platforms = [ "aarch64-darwin" "x86_64-darwin" "x86_64-linux" "aarch64-linux" ];
mainProgram = "pi";
};
}

98
packages/rclone-torbox-setup/default.nix
View File

@@ -1,98 +0,0 @@
{ pkgs, ... }:
pkgs.writeShellScriptBin "rclone-torbox-setup" ''
set -euo pipefail
# Default values
RBW_ENTRY="''${1:-torbox}"
ENV_FILE="''${2:-/etc/rclone/torbox.env}"
usage() {
echo "Usage: rclone-torbox-setup [rbw-entry] [env-file]"
echo ""
echo "Sets up rclone credentials for TorBox WebDAV mount."
echo "Retrieves password from rbw (Bitwarden), obscures it for rclone,"
echo "and writes it to the environment file for the systemd service."
echo ""
echo "Arguments:"
echo " rbw-entry Name of the Bitwarden entry containing the password (default: torbox)"
echo " env-file Path to write the environment file (default: /etc/rclone/torbox.env)"
echo ""
echo "The Bitwarden entry should contain your TorBox password as the password field."
echo ""
echo "Example:"
echo " rclone-torbox-setup torbox-password /etc/rclone/torbox.env"
exit 1
}
if [[ "''${1:-}" == "-h" ]] || [[ "''${1:-}" == "--help" ]]; then
usage
fi
echo "rclone TorBox credential setup"
echo "=============================="
echo ""
# Check if rbw is available
if ! command -v rbw &> /dev/null; then
echo "Error: rbw is not available. Please ensure rbw is installed and configured."
exit 1
fi
# Check if rclone is available
if ! command -v rclone &> /dev/null; then
echo "Error: rclone is not available. Please ensure rclone is installed."
exit 1
fi
echo "Retrieving password from rbw entry: $RBW_ENTRY"
# Retrieve password from Bitwarden
if ! TORBOX_PASS=$(rbw get "$RBW_ENTRY" 2>/dev/null); then
echo ""
echo "Error: Failed to retrieve password from rbw entry '$RBW_ENTRY'"
echo ""
echo "Please ensure:"
echo " 1. The entry '$RBW_ENTRY' exists in Bitwarden"
echo " 2. rbw is unlocked: rbw unlock"
echo " 3. rbw is synced: rbw sync"
echo ""
echo "To create the entry in Bitwarden:"
echo " - Name: $RBW_ENTRY"
echo " - Password: Your TorBox password"
exit 1
fi
echo "Password retrieved successfully"
# Obscure the password for rclone
echo "Obscuring password for rclone..."
if ! OBSCURED_PASS=$(echo -n "$TORBOX_PASS" | rclone obscure -); then
echo "Error: Failed to obscure password with rclone"
exit 1
fi
# Create the directory if needed (requires sudo)
ENV_DIR=$(dirname "$ENV_FILE")
if [[ ! -d "$ENV_DIR" ]]; then
echo "Creating directory $ENV_DIR (requires sudo)..."
sudo mkdir -p "$ENV_DIR"
fi
# Write the environment file
echo "Writing environment file to $ENV_FILE (requires sudo)..."
echo "RCLONE_WEBDAV_PASS=$OBSCURED_PASS" | sudo tee "$ENV_FILE" > /dev/null
sudo chmod 600 "$ENV_FILE"
echo ""
echo "Setup complete!"
echo ""
echo "The environment file has been created at: $ENV_FILE"
echo "The rclone-mount-torbox systemd service will use this file."
echo ""
echo "To activate the mount after NixOS rebuild:"
echo " sudo systemctl start rclone-mount-torbox"
echo ""
echo "To check status:"
echo " sudo systemctl status rclone-mount-torbox"
''

108
renovate.json
View File

@@ -1,108 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"timezone": "America/Los_Angeles",
"gitAuthor": "Renovate Bot <renovate@ogle.fyi>",
"nix": {
"enabled": true
},
"github-actions": {
"managerFilePatterns": [
"/.gitea/workflows/.+\\.ya?ml$/"
]
},
"lockFileMaintenance": {
"enabled": true,
"schedule": [
"after 2pm and before 4pm on Saturday"
]
},
"dependencyDashboard": true,
"dependencyDashboardAutoclose": false,
"dependencyDashboardTitle": "NixOS Configs Dependency Dashboard",
"packageRules": [
{
"description": "Group all GitHub Actions updates",
"matchManagers": [
"github-actions"
],
"groupName": "github-actions"
},
{
"description": "Group stable NixOS ecosystem inputs",
"matchManagers": [
"nix"
],
"groupName": "nix-stable-ecosystem",
"matchPackageNames": [
"/^nixpkgs$/",
"/^home-manager$/",
"/^nix-darwin$/"
],
"schedule": [
"after 2pm and before 4pm on Saturday"
]
},
{
"description": "Group unstable NixOS ecosystem inputs",
"matchManagers": [
"nix"
],
"groupName": "nix-unstable-ecosystem",
"matchPackageNames": [
"/nixpkgs-unstable/",
"/home-manager-unstable/"
],
"schedule": [
"after 2pm and before 4pm on Saturday"
]
},
{
"description": "nixpkgs-qt updates on Saturday (staggered from main ecosystem)",
"matchManagers": [
"nix"
],
"matchPackageNames": [
"/nixpkgs-qt/"
],
"schedule": [
"after 4pm and before 6pm on Saturday"
]
},
{
"description": "Ignore private Gitea inputs (handle separately)",
"matchManagers": [
"nix"
],
"enabled": false,
"matchPackageNames": [
"/google-cookie-retrieval/"
]
},
{
"description": "Gastown is under active development - check for updates daily",
"matchManagers": [
"nix"
],
"matchPackageNames": [
"/gastown/"
],
"schedule": [
"before 6am"
],
"automerge": false
},
{
"description": "Beads is under active development - check for updates daily",
"matchManagers": [
"nix"
],
"matchPackageNames": [
"/beads/"
],
"schedule": [
"before 6am"
],
"automerge": false
}
]
}

2
roles/audio/default.nix
View File

@@ -21,8 +21,6 @@ in
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};

9
roles/common.nix
View File

@@ -8,12 +8,11 @@
environment.systemPackages = with pkgs; [
git
glances
ghostty.terminfo # So tmux works when SSH'ing from ghostty
pciutils
tree
usbutils
vim
] ++ lib.optionals pkgs.stdenv.isLinux [
ghostty.terminfo # So tmux works when SSH'ing from ghostty
];
nix = {
@@ -23,13 +22,7 @@
max-jobs = "auto";
trusted-users = [ "johno" ];
substituters = [
"http://john-endesktop.oglehome:5000"
];
trusted-public-keys = [
"harmonia.john-endesktop:1iGr4xZrsR7WtXOlPCgFF3LcODYBpu+B3TS54MyBn4M="
];
fallback = true;
connect-timeout = 5;
};
gc = {

2
roles/default.nix
View File

@@ -14,12 +14,10 @@ with lib;
./nfs-mounts
./nvidia
./printing
./rclone-mount
./remote-build
./spotifyd
./users
./virtualisation
./wireguard
];
config = {

3
roles/desktop/wayland.nix
View File

@@ -11,8 +11,9 @@ in
enable = true;
wrapperFeatures.gtk = true;
};
programs.light.enable = true;
environment.systemPackages = with pkgs; [
brightnessctl
grim
slurp
wl-clipboard

13
roles/kodi/default.nix
View File

@@ -47,23 +47,23 @@ in
if cfg.jellyfinScaleFactor != null
then pkgs.symlinkJoin {
name = "jellyfin-media-player-scaled";
paths = [ pkgs.qt-pinned.jellyfin-media-player ];
paths = [ pkgs.jellyfin-media-player ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
mkdir -p $out/bin
rm -f $out/bin/jellyfin-desktop
makeWrapper ${pkgs.qt-pinned.jellyfin-media-player}/bin/jellyfin-desktop $out/bin/jellyfin-desktop \
makeWrapper ${pkgs.jellyfin-media-player}/bin/jellyfin-desktop $out/bin/jellyfin-desktop \
--add-flags "--tv --scale-factor ${toString cfg.jellyfinScaleFactor}"
# Update .desktop file to include scale factor and TV mode arguments
mkdir -p $out/share/applications
rm -f $out/share/applications/org.jellyfin.JellyfinDesktop.desktop
substitute ${pkgs.qt-pinned.jellyfin-media-player}/share/applications/org.jellyfin.JellyfinDesktop.desktop \
substitute ${pkgs.jellyfin-media-player}/share/applications/org.jellyfin.JellyfinDesktop.desktop \
$out/share/applications/org.jellyfin.JellyfinDesktop.desktop \
--replace-fail "Exec=jellyfin-desktop" "Exec=jellyfin-desktop --tv --scale-factor ${toString cfg.jellyfinScaleFactor}"
'';
}
else pkgs.qt-pinned.jellyfin-media-player;
else pkgs.jellyfin-media-player;
in mkIf cfg.enable
{
users.extraUsers.kodi = {
@@ -77,15 +77,14 @@ in
};
environment.systemPackages = with pkgs; [
firefox
jellyfinMediaPlayerPkg
kodiPkg
qt-pinned.stremio
wget
firefox
] ++ optional cfg.appLauncherServer.enable pkgs.custom.app-launcher-server;
nixpkgs.config.permittedInsecurePackages = lib.warn
"Allowing insecure package qtwebengine-5.15.19 as a jellyfin-media-player/stremio dependency. These are pinned to nixpkgs-qt to avoid rebuilds - update that input separately when you have time."
"Allowing insecure package qtwebengine-5.15.19 as a jellyfin-media-player dependency. Remove this once jellyfin is updated to use qt6"
[
"qtwebengine-5.15.19"
];

19
roles/nfs-mounts/default.nix
View File

@@ -8,21 +8,6 @@ in
{
options.roles.nfs-mounts = {
enable = mkEnableOption "Enable default NFS mounts";
server = mkOption {
type = types.str;
default = "10.0.0.43";
description = "IP address or hostname of the NFS server";
};
remotePath = mkOption {
type = types.str;
default = "/media";
description = "Remote path to mount from the NFS server";
};
mountPoint = mkOption {
type = types.str;
default = "/media";
description = "Local mount point for the NFS share";
};
# TODO: implement requireMount
requireMount = mkOption {
type = types.bool;
@@ -33,8 +18,8 @@ in
config = mkIf cfg.enable
{
fileSystems.${cfg.mountPoint} = {
device = "${cfg.server}:${cfg.remotePath}";
fileSystems."/media" = {
device = "10.0.0.43:/media";
fsType = "nfs";
options = [
"defaults"

23
roles/printing/default.nix
View File

@@ -8,21 +8,6 @@ in
{
options.roles.printing = {
enable = mkEnableOption "Enable default printing setup";
printerName = mkOption {
type = types.str;
default = "MFC-L8900CDW_series";
description = "Name for the default printer";
};
printerUri = mkOption {
type = types.str;
default = "ipp://brother.oglehome/ipp/print";
description = "Device URI for the default printer (e.g., ipp://hostname/ipp/print)";
};
printerModel = mkOption {
type = types.str;
default = "everywhere";
description = "PPD model for the printer (use 'everywhere' for driverless IPP)";
};
};
config = mkIf cfg.enable
@@ -36,11 +21,11 @@ in
};
hardware.printers.ensurePrinters = [{
name = cfg.printerName;
deviceUri = cfg.printerUri;
model = cfg.printerModel;
name = "MFC-L8900CDW_series";
deviceUri = "ipp://brother.oglehome/ipp/print";
model = "everywhere";
}];
hardware.printers.ensureDefaultPrinter = cfg.printerName;
hardware.printers.ensureDefaultPrinter = "MFC-L8900CDW_series";
# Fix ensure-printers service to wait for network availability
systemd.services.ensure-printers = {

149
roles/rclone-mount/default.nix
View File

@@ -1,149 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.roles.rclone-mount;
# Generate systemd service for a single mount
mkMountService = name: mountCfg: {
description = "rclone mount for ${name}";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
# Wait for parent mount points (e.g., ZFS pools) to be available
unitConfig = mkIf (mountCfg.requiresMountsFor != []) {
RequiresMountsFor = mountCfg.requiresMountsFor;
};
serviceConfig = {
Type = "notify";
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${mountCfg.mountPoint}";
ExecStart = concatStringsSep " " ([
"${pkgs.rclone}/bin/rclone mount"
":webdav:${mountCfg.remotePath}"
"${mountCfg.mountPoint}"
"--webdav-url=${mountCfg.webdavUrl}"
"--webdav-vendor=${mountCfg.webdavVendor}"
"--webdav-user=${mountCfg.username}"
"--allow-other"
"--vfs-cache-mode=${mountCfg.vfsCacheMode}"
"--dir-cache-time=${mountCfg.dirCacheTime}"
"--poll-interval=${mountCfg.pollInterval}"
"--log-level=${mountCfg.logLevel}"
] ++ mountCfg.extraArgs);
ExecStop = "${pkgs.fuse}/bin/fusermount -uz ${mountCfg.mountPoint}";
Restart = "on-failure";
RestartSec = "10s";
EnvironmentFile = mountCfg.environmentFile;
};
};
in
{
options.roles.rclone-mount = {
enable = mkEnableOption "Enable rclone WebDAV mounts";
mounts = mkOption {
type = types.attrsOf (types.submodule {
options = {
webdavUrl = mkOption {
type = types.str;
description = "WebDAV server URL (e.g., https://webdav.torbox.app)";
};
webdavVendor = mkOption {
type = types.enum [ "other" "nextcloud" "owncloud" "sharepoint" "sharepoint-ntlm" "fastmail" ];
default = "other";
description = "WebDAV server vendor for optimizations";
};
username = mkOption {
type = types.str;
description = "WebDAV username (often email address)";
};
environmentFile = mkOption {
type = types.path;
description = ''
Path to environment file containing RCLONE_WEBDAV_PASS.
The password should be obscured using: rclone obscure <password>
File format: RCLONE_WEBDAV_PASS=<obscured_password>
'';
};
mountPoint = mkOption {
type = types.str;
description = "Local mount point path";
};
remotePath = mkOption {
type = types.str;
default = "/";
description = "Remote path on WebDAV server to mount";
};
vfsCacheMode = mkOption {
type = types.enum [ "off" "minimal" "writes" "full" ];
default = "full";
description = ''
VFS cache mode. For streaming media, 'full' is recommended.
- off: No caching (direct reads/writes)
- minimal: Cache open files only
- writes: Cache writes and open files
- full: Full caching of all files
'';
};
dirCacheTime = mkOption {
type = types.str;
default = "5m";
description = "Time to cache directory entries";
};
pollInterval = mkOption {
type = types.str;
default = "1m";
description = "Poll interval for remote changes";
};
logLevel = mkOption {
type = types.enum [ "DEBUG" "INFO" "NOTICE" "ERROR" ];
default = "INFO";
description = "rclone log level";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
description = "Extra arguments to pass to rclone mount";
};
requiresMountsFor = mkOption {
type = types.listOf types.str;
default = [];
description = ''
List of mount points that must be available before this service starts.
Use this when the mount point's parent is on a ZFS pool or other filesystem
that may not be mounted at boot time.
Example: [ "/media" ] to wait for the media ZFS pool to mount.
'';
};
};
});
default = {};
description = "Attribute set of rclone WebDAV mounts to configure";
};
};
config = mkIf cfg.enable {
# Ensure FUSE is available
environment.systemPackages = [ pkgs.rclone pkgs.fuse ];
programs.fuse.userAllowOther = true;
# Create systemd services for each mount
systemd.services = mapAttrs' (name: mountCfg:
nameValuePair "rclone-mount-${name}" (mkMountService name mountCfg)
) cfg.mounts;
};
}

4
roles/remote-build/default.nix
View File

@@ -35,12 +35,12 @@
# a) Configure builders in configuration.nix:
# roles.remote-build.builders = [
# {
# hostName = "zix790prors.oglehome";
# hostName = "zix790prors";
# maxJobs = 16; # Number of parallel build jobs
# speedFactor = 3; # Higher = prefer this builder
# }
# {
# hostName = "john-endesktop.oglehome";
# hostName = "john-endesktop";
# maxJobs = 1; # Conservative for busy machines
# speedFactor = 1;
# }

13
roles/virtualisation/default.nix
View File

@@ -8,16 +8,6 @@ in
{
options.roles.virtualisation = {
enable = mkEnableOption "Enable virtualisation";
dockerUsers = mkOption {
type = types.listOf types.str;
default = [ "johno" ];
description = "List of users to add to the docker group";
};
waydroid = mkOption {
type = types.bool;
default = false;
description = "Enable waydroid support";
};
};
config = mkIf cfg.enable
@@ -25,7 +15,6 @@ in
virtualisation.libvirtd.enable = true;
programs.virt-manager.enable = true;
virtualisation.docker.enable = true;
users.extraGroups.docker.members = cfg.dockerUsers;
virtualisation.waydroid.enable = cfg.waydroid;
users.extraGroups.docker.members = [ "johno" ];
};
}

71
roles/wireguard/default.nix
View File

@@ -1,71 +0,0 @@
{ config, lib, ... }:
with lib;
let
cfg = config.roles.wireguard;
in
{
options.roles.wireguard = {
enable = mkEnableOption "Enable WireGuard VPN";
interfaceName = mkOption {
type = types.str;
default = "wg0";
description = "Name of the WireGuard interface";
};
address = mkOption {
type = types.listOf types.str;
description = "Address(es) for the WireGuard interface";
};
privateKeyFile = mkOption {
type = types.path;
description = "Path to a root-owned file containing the WireGuard private key";
};
dns = mkOption {
type = types.listOf types.str;
default = [];
description = "DNS servers to use when the tunnel is active";
};
peers = mkOption {
type = types.listOf (types.submodule {
options = {
publicKey = mkOption {
type = types.str;
description = "Public key of the peer";
};
endpoint = mkOption {
type = types.str;
description = "Endpoint address of the peer (host:port)";
};
allowedIPs = mkOption {
type = types.listOf types.str;
description = "List of allowed IP ranges for this peer";
};
persistentKeepalive = mkOption {
type = types.int;
default = 25;
description = "Persistent keepalive interval in seconds";
};
};
});
description = "WireGuard peers";
};
autostart = mkOption {
type = types.bool;
default = false;
description = "Whether to start the VPN automatically on boot";
};
};
config = mkIf cfg.enable {
networking.wg-quick.interfaces.${cfg.interfaceName} = {
inherit (cfg) address dns autostart peers;
privateKeyFile = cfg.privateKeyFile;
};
systemd.services."wg-quick-${cfg.interfaceName}" = {
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
};
};
}

24
scripts/rotate-wallpaper.sh Executable file → Normal file
View File

@@ -1,30 +1,6 @@
#!/usr/bin/env bash
set -euo pipefail
# Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
--help|-h)
echo "Usage: $0 [OPTIONS]"
echo ""
echo "Rotate to the next wallpaper in the configured list."
echo ""
echo "This script increments the currentIndex in home/wallpapers/default.nix,"
echo "cycling through available wallpapers. Rebuild your system to apply"
echo "the new wallpaper."
echo ""
echo "Options:"
echo " --help, -h Show this help message"
exit 0
;;
*)
echo "Unknown option: $1"
echo "Use --help for usage information"
exit 1
;;
esac
done
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'

24
scripts/update-doomemacs.sh
View File

@@ -1,30 +1,6 @@
#!/usr/bin/env bash
set -euo pipefail
# Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
--help|-h)
echo "Usage: $0 [OPTIONS]"
echo ""
echo "Update Doom Emacs to the latest commit from the doomemacs repository."
echo ""
echo "This script fetches the latest commit SHA from the default branch,"
echo "updates the rev and sha256 in home/roles/emacs/default.nix, and"
echo "prepares the configuration for a system rebuild."
echo ""
echo "Options:"
echo " --help, -h Show this help message"
exit 0
;;
*)
echo "Unknown option: $1"
echo "Use --help for usage information"
exit 1
;;
esac
done
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'

29
scripts/upgrade.sh
View File

@@ -1,35 +1,6 @@
#!/usr/bin/env bash
set -euo pipefail
# Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
--help|-h)
echo "Usage: $0 [OPTIONS]"
echo ""
echo "Perform a major upgrade of the NixOS configuration."
echo ""
echo "This script runs the following steps:"
echo " 1. Update all flake inputs (nix flake update)"
echo " 2. Update Doom Emacs to the latest commit"
echo " 3. Update Claude Code to the latest version"
echo " 4. Rotate to the next wallpaper"
echo ""
echo "After completion, review changes with 'git diff' and rebuild"
echo "your system with 'sudo nixos-rebuild switch --flake .'"
echo ""
echo "Options:"
echo " --help, -h Show this help message"
exit 0
;;
*)
echo "Unknown option: $1"
echo "Use --help for usage information"
exit 1
;;
esac
done
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'