From 7d8df70308794536a39ffd82b6ed00b8d473c1bd Mon Sep 17 00:00:00 2001 From: Christoph Schmatzler Date: Fri, 6 Mar 2026 16:58:50 +0000 Subject: [PATCH] Add nono AI agent sandbox CLI --- flake.lock | 17 +++++++++++++++ flake.nix | 4 ++++ modules/_lib/build-rust-package.nix | 20 ----------------- modules/ai-tools.nix | 1 + modules/dendritic.nix | 4 ++++ modules/overlays.nix | 34 ++++++++++++++++++++++++----- 6 files changed, 55 insertions(+), 25 deletions(-) delete mode 100644 modules/_lib/build-rust-package.nix diff --git a/flake.lock b/flake.lock index 11e04f0..79a74b9 100644 --- a/flake.lock +++ b/flake.lock @@ -750,6 +750,22 @@ "type": "github" } }, + "nono": { + "flake": false, + "locked": { + "lastModified": 1772780805, + "narHash": "sha256-U7ZC5WuoW8GkvIxZzAwzEQDJ2p9pgJ4QmsnPR4P34qE=", + "owner": "always-further", + "repo": "nono", + "rev": "92e2b5c4920bd31ddd87b10112ac8882769fa9e9", + "type": "github" + }, + "original": { + "owner": "always-further", + "repo": "nono", + "type": "github" + } + }, "pimalaya": { "flake": false, "locked": { @@ -790,6 +806,7 @@ "nixpkgs" ], "nixvim": "nixvim", + "nono": "nono", "sops-nix": "sops-nix", "tuicr": "tuicr", "zjstatus": "zjstatus" diff --git a/flake.nix b/flake.nix index 3a3132d..edb7674 100644 --- a/flake.nix +++ b/flake.nix @@ -48,6 +48,10 @@ nixpkgs.url = "github:nixos/nixpkgs/master"; nixpkgs-lib.follows = "nixpkgs"; nixvim.url = "github:nix-community/nixvim"; + nono = { + flake = false; + url = "github:always-further/nono"; + }; sops-nix = { inputs.nixpkgs.follows = "nixpkgs"; url = "github:Mic92/sops-nix"; diff --git a/modules/_lib/build-rust-package.nix b/modules/_lib/build-rust-package.nix deleted file mode 100644 index 8c7d661..0000000 --- a/modules/_lib/build-rust-package.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - inputs, - input, - prev, -}: let - naersk-lib = prev.callPackage inputs.naersk {}; - manifest = (prev.lib.importTOML "${input}/Cargo.toml").package; -in - naersk-lib.buildPackage { - pname = manifest.name; - version = manifest.version; - - src = input; - - nativeBuildInputs = [prev.pkg-config]; - buildInputs = [prev.openssl]; - OPENSSL_NO_VENDOR = 1; - - doCheck = false; - } diff --git a/modules/ai-tools.nix b/modules/ai-tools.nix index e2f08fb..234f02a 100644 --- a/modules/ai-tools.nix +++ b/modules/ai-tools.nix @@ -52,6 +52,7 @@ home.packages = [ inputs'.llm-agents.packages.claude-code + pkgs.nono ]; xdg.configFile = { diff --git a/modules/dendritic.nix b/modules/dendritic.nix index ac4b5da..4cde516 100644 --- a/modules/dendritic.nix +++ b/modules/dendritic.nix @@ -63,6 +63,10 @@ url = "github:nix-community/naersk/master"; inputs.nixpkgs.follows = "nixpkgs"; }; + nono = { + url = "github:always-further/nono"; + flake = false; + }; # Secrets inputs sops-nix = { url = "github:Mic92/sops-nix"; diff --git a/modules/overlays.nix b/modules/overlays.nix index adc9610..b363e89 100644 --- a/modules/overlays.nix +++ b/modules/overlays.nix @@ -4,12 +4,36 @@ (final: prev: { himalaya = inputs.himalaya.packages.${prev.stdenv.hostPlatform.system}.default; }) - # jj-ryu (uses build-rust-package helper) - (final: prev: { + # jj-ryu + (final: prev: let + naersk-lib = prev.callPackage inputs.naersk {}; + manifest = (prev.lib.importTOML "${inputs.jj-ryu}/Cargo.toml").package; + in { jj-ryu = - import ./_lib/build-rust-package.nix { - inherit inputs prev; - input = inputs.jj-ryu; + naersk-lib.buildPackage { + pname = manifest.name; + version = manifest.version; + src = inputs.jj-ryu; + nativeBuildInputs = [prev.pkg-config]; + buildInputs = [prev.openssl]; + OPENSSL_NO_VENDOR = 1; + doCheck = false; + }; + }) + # nono (AI agent sandbox CLI — Cargo workspace) + (final: prev: let + naersk-lib = prev.callPackage inputs.naersk {}; + manifest = (prev.lib.importTOML "${inputs.nono}/crates/nono-cli/Cargo.toml").package; + in { + nono = + naersk-lib.buildPackage { + pname = manifest.name; + version = manifest.version; + src = inputs.nono; + nativeBuildInputs = [prev.pkg-config prev.cmake prev.perl]; + buildInputs = [prev.openssl] ++ prev.lib.optionals prev.stdenv.isLinux [prev.dbus]; + OPENSSL_NO_VENDOR = 1; + doCheck = false; }; }) # jj-starship (passes through upstream overlay)