From b6fdd922ba80aceaa6b888b5c1fa1de981bb9358 Mon Sep 17 00:00:00 2001 From: Christoph Schmatzler Date: Mon, 2 Feb 2026 15:59:18 +0000 Subject: [PATCH] Add nono sandbox for AI agents --- flake.lock | 17 +++++++++++++++++ flake.nix | 4 ++++ hosts/chidi/default.nix | 1 + hosts/jason/default.nix | 1 + hosts/tahani/default.nix | 1 + overlays/nono.nix | 18 ++++++++++++++++++ profiles/nono.nix | 5 +++++ 7 files changed, 47 insertions(+) create mode 100644 overlays/nono.nix create mode 100644 profiles/nono.nix diff --git a/flake.lock b/flake.lock index 5eb22a0..4b83a72 100644 --- a/flake.lock +++ b/flake.lock @@ -548,6 +548,22 @@ "type": "github" } }, + "nono": { + "flake": false, + "locked": { + "lastModified": 1770047555, + "narHash": "sha256-BL1lBZYs6bsjk/+g+Zc2lUjErlvgYYJQqYEKLUjvtVU=", + "owner": "lukehinds", + "repo": "nono", + "rev": "8d382fbc0b21ad06d255a97000d876c15b5dea09", + "type": "github" + }, + "original": { + "owner": "lukehinds", + "repo": "nono", + "type": "github" + } + }, "root": { "inputs": { "colmena": "colmena", @@ -564,6 +580,7 @@ "nix-homebrew": "nix-homebrew", "nixpkgs": "nixpkgs_3", "nixvim": "nixvim", + "nono": "nono", "sops-nix": "sops-nix", "zjstatus": "zjstatus" } diff --git a/flake.nix b/flake.nix index cfb4085..a9cde1f 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,10 @@ flake = false; }; jj-starship.url = "github:dmmulroy/jj-starship"; + nono = { + url = "github:lukehinds/nono"; + flake = false; + }; }; outputs = inputs @ {flake-parts, ...}: diff --git a/hosts/chidi/default.nix b/hosts/chidi/default.nix index f1f290e..87a3a9c 100644 --- a/hosts/chidi/default.nix +++ b/hosts/chidi/default.nix @@ -36,6 +36,7 @@ ../../profiles/lazygit.nix ../../profiles/lumen.nix ../../profiles/mise.nix + ../../profiles/nono.nix ../../profiles/neovim ../../profiles/opencode.nix ../../profiles/ripgrep.nix diff --git a/hosts/jason/default.nix b/hosts/jason/default.nix index be44b50..5744cd4 100644 --- a/hosts/jason/default.nix +++ b/hosts/jason/default.nix @@ -35,6 +35,7 @@ ../../profiles/lazygit.nix ../../profiles/lumen.nix ../../profiles/mise.nix + ../../profiles/nono.nix ../../profiles/neovim ../../profiles/opencode.nix ../../profiles/ripgrep.nix diff --git a/hosts/tahani/default.nix b/hosts/tahani/default.nix index 1a6474b..92f0ac8 100644 --- a/hosts/tahani/default.nix +++ b/hosts/tahani/default.nix @@ -36,6 +36,7 @@ ../../profiles/lazygit.nix ../../profiles/lumen.nix ../../profiles/mise.nix + ../../profiles/nono.nix ../../profiles/neovim ../../profiles/opencode.nix ../../profiles/ripgrep.nix diff --git a/overlays/nono.nix b/overlays/nono.nix new file mode 100644 index 0000000..5348195 --- /dev/null +++ b/overlays/nono.nix @@ -0,0 +1,18 @@ +{inputs}: final: prev: let + manifest = (prev.lib.importTOML "${inputs.nono}/Cargo.toml").package; +in { + nono = prev.rustPlatform.buildRustPackage { + pname = manifest.name; + version = manifest.version; + + cargoLock.lockFile = "${inputs.nono}/Cargo.lock"; + + src = inputs.nono; + + nativeBuildInputs = with prev; [pkg-config]; + buildInputs = with prev; [openssl dbus]; + OPENSSL_NO_VENDOR = 1; + + doCheck = false; + }; +} diff --git a/profiles/nono.nix b/profiles/nono.nix new file mode 100644 index 0000000..c8ccac3 --- /dev/null +++ b/profiles/nono.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + home.packages = with pkgs; [ + nono + ]; +}