dendritic migration

dendritic migration

.sisyphus/boulder.json

@@ -0,0 +1,10 @@
+{
+  "active_plan": "/home/cschmatzler/nixos-config/.sisyphus/plans/dendritic-migration.md",
+  "started_at": "2026-03-05T10:57:53.044Z",
+  "session_ids": [
+    "ses_34287fe8effeSATHvHUmGqZ5Fp"
+  ],
+  "plan_name": "dendritic-migration",
+  "agent": "atlas",
+  "worktree_path": "/home/cschmatzler/nixos-config"
+}

.sisyphus/notepads/dendritic-migration/decisions.md

@@ -0,0 +1,2 @@
+
+- Do not include user aspects (e.g. `den.aspects.cschmatzler`) in host aspect `includes`. Den HM integration already applies the user aspect for each `den.hosts.<system>.<host>.users.<user>` via `den.ctx.user`; duplicating it via host `includes` leads to duplicated HM option merges (notably `types.lines` options like `programs.nushell.extraConfig`).

.sisyphus/notepads/dendritic-migration/issues.md

@@ -0,0 +1,3 @@
+
+- Nushell `programs.nushell.extraConfig` duplication traced to Den applying the user aspect twice: it is included via host aspect `includes` (e.g. `den.aspects.tahani.includes = [ ... den.aspects.cschmatzler ... ]`) AND Den's HM integration already includes the user aspect via `den.ctx.user` (see Den `hm-integration.nix`). Result: user-aspect-provided HM config (like `den.aspects.shell.homeManager`) merges twice, so `extraConfig` contains two identical copies.
+- `dev-tools` nushell functions (e.g. `ggpull`) missing in `michael` is expected: `modules/michael.nix` does not include `den.aspects.dev-tools`.

.sisyphus/notepads/dendritic-migration/learnings.md

@@ -0,0 +1,128 @@
+- For den migration, move legacy non-flake-parts modules into `modules/_legacy/` before enabling `inputs.import-tree ./modules`; import-tree ignores underscore-prefixed paths.
+- `flake-parts` must include `inputs.nixpkgs-lib.follows = "nixpkgs"` in this repository to match den bootstrap expectations.
+- The den bootstrap works with `modules/dendritic.nix` importing `(inputs.flake-file.flakeModules.dendritic or { })` and `(inputs.den.flakeModules.dendritic or { })`, plus initial `flake-file.inputs` declarations.
+- Den host wiring uses `den.hosts.<system>.<hostname>.users.<username> = {}` declarations in `modules/hosts.nix` for each host-user pair.
+- `den.default.includes` accepts batteries directly via `den.provides.*`; this bootstrap uses `den.provides.define-user` and `den.provides.inputs'`.
+- In this flake-parts setup, declaring `options.flake.darwinConfigurations` as `lib.types.lazyAttrsOf lib.types.raw` allows multiple Darwin hosts to merge correctly.
+
+## Task 3: Utility functions under _lib/ - COMPLETED
+
+**What was done:**
+- Created `modules/_lib/` directory
+- Copied 5 pure function files (not NixOS modules):
+  - `lib/constants.nix` → `modules/_lib/constants.nix` (14 lines)
+  - `lib/build-rust-package.nix` → `modules/_lib/build-rust-package.nix` (20 lines)
+  - `profiles/wallpaper.nix` → `modules/_lib/wallpaper.nix` (11 lines)
+  - `profiles/open-project.nix` → `modules/_lib/open-project.nix` (10 lines)
+  - `profiles/packages.nix` → `modules/_lib/packages.nix` (67 lines)
+
+**Key insight:**
+- import-tree ignores paths with `/_` prefix, so `modules/_lib/` is safe for pure functions
+- These files are NOT NixOS/home-manager modules - they're utility functions that would crash import-tree if placed directly under `modules/`
+- Files were COPIED (not moved) because old locations are still referenced by existing host configs until Task 26
+
+**Verification:**
+- All 5 files copied with identical content (byte-for-byte match)
+- `alejandra --check modules/_lib/` passed (formatting compliant)
+- `nix flake show` exits 0 (import-tree correctly ignores `_lib/`)
+
+**Dependencies:**
+- Unblocks Task 4 (overlays need `build-rust-package.nix` from `_lib/`)
+
+## Task 2: Hosts and defaults bootstrap notes
+
+- Den host wiring uses `den.hosts.<system>.<hostname>.users.<username> = {}` declarations in `modules/hosts.nix` for each host-user pair.
+- `den.default.includes` accepts batteries directly via `den.provides.*`; this bootstrap uses `den.provides.define-user` and `den.provides.inputs'`.
+- In this flake-parts setup, declaring `options.flake.darwinConfigurations` as `lib.types.lazyAttrsOf lib.types.raw` allows multiple Darwin hosts to merge correctly.
+
+## Task 5: Core aspect module - COMPLETED
+
+**What was done:**
+- Created `modules/core.nix` as a flake-parts module defining `den.aspects.core`
+- Ported all nix settings from `profiles/core.nix` into the `os` class (applies to both nixos and darwin)
+- Updated `modules/defaults.nix` to include `den.aspects.core` in `den.default.includes`
+
+**Key decisions:**
+- Used `os` class for shared settings (fish, nushell, nixpkgs.config.allowUnfree, nix package, substituters, trusted-public-keys, gc.automatic, gc.options, experimental-features)
+- Deliberately EXCLUDED `trusted-users` from core.nix (platform-specific: darwin uses "@admin", NixOS uses specific user — handled by darwin.nix and nixos-system.nix)
+- Deliberately EXCLUDED gc interval/dates (platform-specific: darwin uses `interval`, NixOS uses `dates` — handled by darwin.nix and nixos-system.nix)
+
+**Verification:**
+- `modules/core.nix` created with 35 lines (exact port of profiles/core.nix settings)
+- `modules/defaults.nix` updated to include `den.aspects.core` in includes list
+- `alejandra .` formatted both files successfully
+- `nix flake show` exits 0 (flake evaluates cleanly)
+
+**Dependencies:**
+- Unblocks Task 6 (darwin.nix and nixos-system.nix can now reference den.aspects.core)
+
+## Task 6a: NixOS system aspect - COMPLETED
+
+**What was done:**
+- Created `modules/nixos-system.nix` as a flake-parts module defining `den.aspects.nixos-system`
+- Ported NixOS-specific config from `profiles/nixos.nix` into the `nixos` class
+
+**Key decisions:**
+- Used `nixos` class (not `os`) since all settings are NixOS-specific (sudo, boot, systemd-boot, users)
+- `nixos` class uses NixOS module function form `{pkgs, ...}: { ... }` to access `pkgs` for `linuxPackages_latest` and `nushell`
+- `inputs` accessed from outer flake-parts module args for `home-manager.nixosModules.home-manager` import
+- Hardcoded "cschmatzler" instead of variable interpolation (user is always the same)
+- Hardcoded SSH keys inline instead of referencing constants (simplifies dependency)
+- Deliberately EXCLUDED: system.stateVersion (in defaults.nix), sops.age.sshKeyPaths (in secrets.nix), home-manager.sharedModules/_module.args (den handles via inputs' battery)
+
+**Pattern:**
+- Outer function: `{inputs, ...}:` — flake-parts module args
+- Inner class: `nixos = {pkgs, ...}: { ... }` — NixOS module function
+- `imports = [inputs.home-manager.nixosModules.home-manager]` inside the nixos class
+
+**Verification:**
+- `alejandra --check .` passes (already compliant on write)
+- `nix flake show` exits 0 (both michael and tahani evaluate cleanly)
+
+## Task 6b: Darwin system aspect - COMPLETED
+
+**What was done:**
+- Created `modules/darwin.nix` as a flake-parts module defining `den.aspects.darwin-system`
+- Created `modules/_darwin/dock.nix` — the dock module (NixOS-style with options/config)
+- Ported profiles/darwin.nix, profiles/dock.nix, profiles/homebrew.nix, and nix-homebrew config
+
+**Files created:**
+- `modules/darwin.nix` — flake-parts module with `den.aspects.darwin-system.darwin` class
+- `modules/_darwin/dock.nix` — dock options+activation script module (underscore prefix avoids import-tree)
+
+**Key decisions:**
+- `darwin` class uses NixOS module function form `{pkgs, ...}: { ... }` to access `pkgs.nushell`
+- `inputs` accessed from outer flake-parts module args via closure (for nix-homebrew, home-manager, homebrew taps)
+- Dock module placed in `modules/_darwin/dock.nix` and imported via `imports = [./_darwin/dock.nix]` inside the darwin class
+- All `user` variable references replaced with hardcoded "cschmatzler"
+- Excluded: home-manager.extraSpecialArgs (den handles via batteries), system.stateVersion (in defaults.nix)
+- nix-homebrew config wired with taps from flake inputs (homebrew-core, homebrew-cask)
+
+**Pattern for complex sub-modules:**
+- Use `modules/_<platform>/` prefix (underscore avoids import-tree auto-import)
+- Import from aspect class via `imports = [./_darwin/dock.nix]`
+- The inner NixOS module function captures `inputs` from outer flake-parts scope via Nix closure
+
+**Verification:**
+- `alejandra .` — already compliant on write (no changes needed)
+- `nix flake show` exits 0 (flake evaluates cleanly with new aspect)
+
+## Task 23: Michael aspect with absorbed gitea module - COMPLETED
+
+- Created `modules/_hosts/michael/` and copied `hosts/michael/disk-config.nix` plus `hosts/michael/hardware-configuration.nix` byte-for-byte into underscore-prefixed paths so import-tree ignores them.
+- Added `modules/michael.nix` defining `den.aspects.michael` with includes `den.aspects.nixos-system`, `den.aspects.core`, and `den.aspects.cschmatzler`.
+- Inlined the full gitea/redis/litestream/caddy/restic/systemd config directly in the michael aspect and removed dependency on `options.my.gitea`.
+- Preserved intentional `lib.mkForce` overrides for litestream and restic service users/groups.
+- Replaced legacy `cfg.*` references with concrete values and SOPS paths: litestream bucket `michael-gitea-litestream`, restic bucket `michael-gitea-repositories`, endpoint `s3.eu-central-003.backblazeb2.com`, and `config.sops.secrets.michael-gitea-*.path`.
+
+## Task 25: Tahani aspect with host sub-files - COMPLETED
+
+- Created `modules/_hosts/tahani/` and copied `hosts/tahani/{adguardhome,cache,networking,paperless}.nix` byte-for-byte into underscore-prefixed paths so import-tree ignores host-only sub-files.
+- Added `modules/tahani.nix` defining `den.aspects.tahani` with includes `den.aspects.nixos-system`, `den.aspects.core`, and `den.aspects.cschmatzler` (network aspects intentionally deferred).
+- Ported tahani-specific NixOS settings into the aspect (`networking.hostName`, docker enablement, docker group membership for `cschmatzler`, and 16 GiB swapfile declaration).
+- Ported tahani-specific Home Manager settings into the aspect (`programs.git.settings.user.email`, zellij Nushell integration override enabled for tahani).
+- Inbox-triage systemd unit now uses `pkgs.himalaya` from overlay in `PATH` (`${pkgs.himalaya}/bin`) with `inputs'.llm-agents.packages.opencode` for `ExecStart`; no `config.home-manager.users...` lookup.
+- Verification: `alejandra .`, `alejandra --check .`, and `nix flake show` all pass; `lsp_diagnostics` is clean on all newly created tahani files.
+
+- Home Manager `programs.nushell` module writes `config.nu` as a merge of: `environmentVariables` (via `load-env`), flattened `settings`, optional `configFile.text`, then `extraConfig`, then generated `shellAliases` (see HM `modules/programs/nushell.nix`). So any duplication in `config.nu` that is isolated to `extraConfig` almost always means the option value was merged multiple times (module included multiple times), not that HM writes it twice.
+- In Den, HM user contexts include both the host aspect chain and the user aspect (`den.ctx.user`). If you also include the user aspect from the host aspect `includes`, user HM config is applied twice.