up

2026-03-19 07:32:03 +00:00
parent 2452683a0c
commit ce490cacdc
12 changed files with 215 additions and 423 deletions
--- a/modules/_neovim/plugins/opencode.nix
+++ b/modules/_neovim/plugins/opencode.nix
@@ -9,16 +9,6 @@
 			version = "unstable";
 			src = nvim-plugin-sources.opencode-nvim;
 			doCheck = false;
-			postPatch = ''
-				# Widen sign column and move border further left for more padding
-				sed -i "s/signcolumn', 'yes'/signcolumn', 'yes:2'/" lua/opencode/ui/output_window.lua
-				sed -i "s/, -3)/, -5)/g" lua/opencode/ui/formatter.lua
-				sed -i "s/win_col = -3/win_col = -5/g" lua/opencode/ui/formatter.lua
-				# Fix off-by-one: user border starts 1 line too early (bleeds into header empty line)
-				sed -i 's/start_line = output:get_line_count() *$/start_line = output:get_line_count() + 1/' lua/opencode/ui/formatter.lua
-				# Fix file mention border starting 1 line too early
-				sed -i 's/file_line - 1, file_line/file_line, file_line/' lua/opencode/ui/formatter.lua
-			'';
 		};
 in {
 	programs.nixvim = {
--- a/modules/ai-tools.nix
+++ b/modules/ai-tools.nix
@@ -8,13 +8,8 @@
 		home.packages = [
 			inputs'.llm-agents.packages.claude-code
 			pkgs.cog-cli
-			pkgs.nono
 		];

-		home.shellAliases = {
-			noc = "nono run -s --allow-cwd --profile opencode --allow ~/.bun --allow ~/.local/share/opensrc --allow ~/.config/jj --network-profile developer --proxy-allow models.dev --proxy-allow chatgpt.com --proxy-allow mcp.grep.app --proxy-allow mcp.context7.com --proxy-allow mcp.exa.ai --proxy-allow mcp.sentry.dev -- opencode";
-		};
-
 		programs.opencode = {
 			enable = true;
 			package = inputs'.llm-agents.packages.opencode;
--- a/modules/chidi.nix
+++ b/modules/chidi.nix
@@ -1,30 +1,28 @@
 {den, ...}: {
 	den.aspects.chidi.includes = [
-		den.aspects.darwin-system
-		den.aspects.core
-		den.aspects.tailscale
-		den.aspects.desktop
-		den.aspects.terminal
-		den.aspects.atuin
-		den.aspects.dev-tools
-		den.aspects.neovim
-		den.aspects.ai-tools
-		den.aspects.secrets
-		den.aspects.zellij
-		den.aspects.zk
+		(den.lib.perHost {
+				includes = [
+					den.aspects.darwin-system
+					den.aspects.core
+					den.aspects.tailscale
+				];
+
+				darwin = {pkgs, ...}: {
+					networking.hostName = "chidi";
+					networking.computerName = "chidi";
+
+					environment.systemPackages = with pkgs; [
+						slack
+					];
+				};
+			})
+		(den.lib.perUser {
+				includes = [den.aspects.desktop];
+
+				homeManager = {...}: {
+					fonts.fontconfig.enable = true;
+					programs.git.settings.user.email = "christoph@tuist.dev";
+				};
+			})
 	];
-
-	den.aspects.chidi.darwin = {pkgs, ...}: {
-		networking.hostName = "chidi";
-		networking.computerName = "chidi";
-
-		environment.systemPackages = with pkgs; [
-			slack
-		];
-	};
-
-	den.aspects.chidi.homeManager = {...}: {
-		fonts.fontconfig.enable = true;
-		programs.git.settings.user.email = "christoph@tuist.dev";
-	};
 }
--- a/modules/dendritic.nix
+++ b/modules/dendritic.nix
@@ -62,7 +62,6 @@
 		};
 		jj-starship.url = "github:dmmulroy/jj-starship";
 		zjstatus.url = "github:dj95/zjstatus";
-		tuicr.url = "github:agavra/tuicr";
 		fenix = {
 			url = "github:nix-community/fenix";
 			inputs.nixpkgs.follows = "nixpkgs";
@@ -71,10 +70,6 @@
 			url = "github:nix-community/naersk/master";
 			inputs.nixpkgs.follows = "nixpkgs";
 		};
-		nono = {
-			url = "github:always-further/nono";
-			flake = false;
-		};
 		# Neovim plugin inputs
 		opencode-nvim = {
 			url = "github:sudo-tee/opencode.nvim";
--- a/modules/jason.nix
+++ b/modules/jason.nix
@@ -1,26 +1,24 @@
 {den, ...}: {
 	den.aspects.jason.includes = [
-		den.aspects.darwin-system
-		den.aspects.core
-		den.aspects.tailscale
-		den.aspects.desktop
-		den.aspects.terminal
-		den.aspects.atuin
-		den.aspects.dev-tools
-		den.aspects.neovim
-		den.aspects.ai-tools
-		den.aspects.secrets
-		den.aspects.zellij
-		den.aspects.zk
+		(den.lib.perHost {
+				includes = [
+					den.aspects.darwin-system
+					den.aspects.core
+					den.aspects.tailscale
+				];
+
+				darwin = {...}: {
+					networking.hostName = "jason";
+					networking.computerName = "jason";
+				};
+			})
+		(den.lib.perUser {
+				includes = [den.aspects.desktop];
+
+				homeManager = {...}: {
+					fonts.fontconfig.enable = true;
+					programs.git.settings.user.email = "christoph@schmatzler.com";
+				};
+			})
 	];
-
-	den.aspects.jason.darwin = {...}: {
-		networking.hostName = "jason";
-		networking.computerName = "jason";
-	};
-
-	den.aspects.jason.homeManager = {...}: {
-		fonts.fontconfig.enable = true;
-		programs.git.settings.user.email = "christoph@schmatzler.com";
-	};
 }
--- a/modules/michael.nix
+++ b/modules/michael.nix
@@ -1,26 +1,30 @@
 {
-	inputs,
 	den,
+	inputs,
 	...
 }: {
 	den.aspects.michael.includes = [
-		den.aspects.nixos-system
-		den.aspects.core
-		den.aspects.openssh
-		den.aspects.fail2ban
-		den.aspects.tailscale
+		(den.lib.perHost {
+				includes = [
+					den.aspects.nixos-system
+					den.aspects.core
+					den.aspects.openssh
+					den.aspects.fail2ban
+					den.aspects.tailscale
+				];
+
+				nixos = {modulesPath, ...}: {
+					imports = [
+						(modulesPath + "/installer/scan/not-detected.nix")
+						./_hosts/michael/backups.nix
+						./_hosts/michael/disk-config.nix
+						./_hosts/michael/gitea.nix
+						./_hosts/michael/hardware-configuration.nix
+						inputs.disko.nixosModules.default
+					];
+
+					networking.hostName = "michael";
+				};
+			})
 	];
-
-	den.aspects.michael.nixos = {modulesPath, ...}: {
-		imports = [
-			(modulesPath + "/installer/scan/not-detected.nix")
-			./_hosts/michael/backups.nix
-			./_hosts/michael/disk-config.nix
-			./_hosts/michael/gitea.nix
-			./_hosts/michael/hardware-configuration.nix
-			inputs.disko.nixosModules.default
-		];
-
-		networking.hostName = "michael";
-	};
 }
--- a/modules/overlays.nix
+++ b/modules/overlays.nix
@@ -27,22 +27,7 @@
 						doCheck = false;
 					};
 			})
-		# nono (AI agent sandbox CLI — Cargo workspace)
-		(final: prev: let
-				naersk-lib = prev.callPackage inputs.naersk {};
-				manifest = (prev.lib.importTOML "${inputs.nono}/crates/nono-cli/Cargo.toml").package;
-			in {
-				nono =
-					naersk-lib.buildPackage {
-						pname = manifest.name;
-						version = manifest.version;
-						src = inputs.nono;
-						nativeBuildInputs = [prev.pkg-config prev.cmake prev.perl];
-						buildInputs = [prev.openssl] ++ prev.lib.optionals prev.stdenv.isLinux [prev.dbus];
-						OPENSSL_NO_VENDOR = 1;
-						doCheck = false;
-					};
-			})
+
 		# cog-cli
 		(final: prev: let
 				version = "0.20.0";
@@ -67,11 +52,13 @@
 							srcs.${prev.stdenv.hostPlatform.system}
 						or (throw "Unsupported system for cog-cli: ${prev.stdenv.hostPlatform.system}");

+						dontUnpack = true;
 						dontConfigure = true;
 						dontBuild = true;

 						installPhase = ''
 							runHook preInstall
+							tar -xzf "$src"
 							install -Dm755 cog "$out/bin/cog"
 							runHook postInstall
 						'';
@@ -92,10 +79,6 @@
 		(final: prev: {
 				zjstatus = inputs.zjstatus.packages.${prev.stdenv.hostPlatform.system}.default;
 			})
-		# tuicr
-		(final: prev: {
-				tuicr = inputs.tuicr.defaultPackage.${prev.stdenv.hostPlatform.system};
-			})
 	];
 in {
 	den.default.nixos.nixpkgs.overlays = overlays;
--- a/modules/tahani.nix
+++ b/modules/tahani.nix
@@ -1,114 +1,106 @@
 {den, ...}: {
 	den.aspects.tahani.includes = [
-		den.aspects.nixos-system
-		den.aspects.core
-		den.aspects.openssh
-		den.aspects.tailscale
-		den.aspects.terminal
-		den.aspects.email
-		den.aspects.atuin
-		den.aspects.dev-tools
-		den.aspects.neovim
-		den.aspects.ai-tools
-		den.aspects.secrets
-		den.aspects.zellij
-		den.aspects.zk
+		(den.lib.perHost {
+				includes = [
+					den.aspects.nixos-system
+					den.aspects.core
+					den.aspects.openssh
+					den.aspects.tailscale
+				];
+
+				nixos = {...}: {
+					imports = [
+						./_hosts/tahani/adguardhome.nix
+						./_hosts/tahani/cache.nix
+						./_hosts/tahani/networking.nix
+						./_hosts/tahani/paperless.nix
+					];
+
+					networking.hostName = "tahani";
+
+					sops.secrets = {
+						tahani-paperless-password = {
+							sopsFile = ../secrets/tahani-paperless-password;
+							format = "binary";
+							path = "/run/secrets/tahani-paperless-password";
+						};
+						tahani-paperless-gpt-env = {
+							sopsFile = ../secrets/tahani-paperless-gpt-env;
+							format = "binary";
+							path = "/run/secrets/tahani-paperless-gpt-env";
+						};
+						tahani-email-password = {
+							sopsFile = ../secrets/tahani-email-password;
+							format = "binary";
+							owner = "cschmatzler";
+							path = "/run/secrets/tahani-email-password";
+						};
+					};
+					virtualisation.docker.enable = true;
+					users.users.cschmatzler.extraGroups = ["docker" "paperless"];
+
+					systemd.tmpfiles.rules = [
+						"d /var/lib/paperless/consume 2775 paperless paperless -"
+						"d /var/lib/paperless/consume/inbox-triage 2775 paperless paperless -"
+					];
+					swapDevices = [
+						{
+							device = "/swapfile";
+							size = 16 * 1024;
+						}
+					];
+				};
+			})
+		(den.lib.perUser {
+				homeManager = {
+					config,
+					inputs',
+					...
+				}: let
+					opencode = inputs'.llm-agents.packages.opencode;
+				in {
+					programs.git.settings.user.email = "christoph@schmatzler.com";
+
+					programs.opencode.settings.permission.external_directory = {
+						"/tmp/himalaya-triage/*" = "allow";
+						"/var/lib/paperless/consume/inbox-triage/*" = "allow";
+					};
+
+					programs.nushell.extraConfig = ''
+						if $nu.is-interactive and ('SSH_CONNECTION' in ($env | columns)) and ('ZELLIJ' not-in ($env | columns)) {
+							try {
+								zellij attach -c main
+								exit
+							} catch {
+								print "zellij auto-start failed; staying in shell"
+							}
+						}
+					'';
+
+					systemd.user.services.opencode-inbox-triage = {
+						Unit = {
+							Description = "OpenCode inbox triage";
+						};
+						Service = {
+							Type = "oneshot";
+							ExecStart = "${opencode}/bin/opencode run --command inbox-triage --model opencode-go/glm-5";
+							Environment = "PATH=${config.home.profileDirectory}/bin:/run/current-system/sw/bin";
+						};
+					};
+
+					systemd.user.timers.opencode-inbox-triage = {
+						Unit = {
+							Description = "Run OpenCode inbox triage every 12 hours";
+						};
+						Timer = {
+							OnCalendar = "*-*-* 0/12:00:00";
+							Persistent = true;
+						};
+						Install = {
+							WantedBy = ["timers.target"];
+						};
+					};
+				};
+			})
 	];
-
-	den.aspects.tahani.nixos = {...}: {
-		imports = [
-			./_hosts/tahani/adguardhome.nix
-			./_hosts/tahani/cache.nix
-			./_hosts/tahani/networking.nix
-			./_hosts/tahani/paperless.nix
-		];
-
-		networking.hostName = "tahani";
-
-		sops.secrets = {
-			tahani-paperless-password = {
-				sopsFile = ../secrets/tahani-paperless-password;
-				format = "binary";
-				path = "/run/secrets/tahani-paperless-password";
-			};
-			tahani-paperless-gpt-env = {
-				sopsFile = ../secrets/tahani-paperless-gpt-env;
-				format = "binary";
-				path = "/run/secrets/tahani-paperless-gpt-env";
-			};
-			tahani-email-password = {
-				sopsFile = ../secrets/tahani-email-password;
-				format = "binary";
-				owner = "cschmatzler";
-				path = "/run/secrets/tahani-email-password";
-			};
-		};
-		virtualisation.docker.enable = true;
-		users.users.cschmatzler.extraGroups = ["docker" "paperless"];
-
-		systemd.tmpfiles.rules = [
-			"d /var/lib/paperless/consume 2775 paperless paperless -"
-			"d /var/lib/paperless/consume/inbox-triage 2775 paperless paperless -"
-		];
-		swapDevices = [
-			{
-				device = "/swapfile";
-				size = 16 * 1024;
-			}
-		];
-	};
-
-	den.aspects.tahani.homeManager = {
-		config,
-		pkgs,
-		inputs',
-		...
-	}: let
-		opencode = inputs'.llm-agents.packages.opencode;
-	in {
-		programs.git.settings.user.email = "christoph@schmatzler.com";
-
-		# Allow inbox-triage to access attachment staging and paperless ingestion dirs
-		programs.opencode.settings.permission.external_directory = {
-			"/tmp/himalaya-triage/*" = "allow";
-			"/var/lib/paperless/consume/inbox-triage/*" = "allow";
-		};
-
-		# Auto-start zellij in nushell on tahani (headless server)
-		programs.nushell.extraConfig = ''
-			if $nu.is-interactive and ('SSH_CONNECTION' in ($env | columns)) and ('ZELLIJ' not-in ($env | columns)) {
-				try {
-					zellij attach -c main
-					exit
-				} catch {
-					print "zellij auto-start failed; staying in shell"
-				}
-			}
-		'';
-
-		# Inbox-triage systemd service
-		systemd.user.services.opencode-inbox-triage = {
-			Unit = {
-				Description = "OpenCode inbox triage";
-			};
-			Service = {
-				Type = "oneshot";
-				ExecStart = "${opencode}/bin/opencode run --command inbox-triage --model opencode-go/glm-5";
-				Environment = "PATH=${config.home.profileDirectory}/bin:/run/current-system/sw/bin";
-			};
-		};
-
-		systemd.user.timers.opencode-inbox-triage = {
-			Unit = {
-				Description = "Run OpenCode inbox triage every 12 hours";
-			};
-			Timer = {
-				OnCalendar = "*-*-* 0/12:00:00";
-				Persistent = true;
-			};
-			Install = {
-				WantedBy = ["timers.target"];
-			};
-		};
-	};
 }
--- a/modules/terminal.nix
+++ b/modules/terminal.nix
@@ -24,7 +24,6 @@
 				ov
 				sd
 				tree
-				tuicr
 			]
 			++ lib.optionals stdenv.isLinux [
 				ghostty.terminfo
--- a/modules/user.nix
+++ b/modules/user.nix
@@ -1,9 +1,6 @@
-{
-	den,
-	lib,
-	...
-}: {
+{den, ...}: {
 	den.aspects.cschmatzler.includes = [
+		den._.bidirectional
 		den.provides.primary-user
 		den.aspects.shell
 		den.aspects.ssh-client
@@ -16,10 +13,6 @@
 		den.aspects.secrets
 		den.aspects.zellij
 		den.aspects.zk
-		({host, ...}:
-				lib.optionalAttrs (host.class == "darwin") {
-					includes = [den.aspects.desktop];
-				})
 	];

 	den.aspects.cschmatzler.homeManager = {