From d7e0aaf7982651e3e663c9366f5d07915df1093a Mon Sep 17 00:00:00 2001 From: imbytecat Date: Mon, 13 Apr 2026 21:35:55 +0800 Subject: [PATCH] chore: remove stale sops secrets recipe, sync AGENTS.md - Remove justfile secrets recipe (sops no longer used) - Add just rollback and WSL bootstrap to AGENTS.md - Clarify just clean is user-level only --- AGENTS.md | 11 ++++++++--- Justfile | 7 +------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index 947ff47..aa40929 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -34,12 +34,12 @@ All platforms use **Lix** (`nix.package = pkgs.lix` in `modules/shared/nix.nix`) just rebuild mac-mini # rebuild macOS host (on macOS) just rebuild macbook-air just rebuild # rebuild WSL (linux only, default: "wsl") +just rollback # rollback to previous generation (linux only) just check # eval configs without building (platform-aware) just update # nix flake update just up nixpkgs # update a single flake input just show # nix flake show -just secrets # sops secrets/secrets.yaml -just clean # nix-collect-garbage -d +just clean # nix-collect-garbage -d (user-level only; NixOS system-level needs sudo) just history # list system profile generations just lsp mac-mini # generate .vscode/settings.json for nixd option completion @@ -51,6 +51,10 @@ nix build .#darwinConfigurations.mac-mini.system # validate (full bu # First-time bootstrap (nix-darwin not yet installed) sudo nix run nix-darwin -- switch --flake .#mac-mini + +# First-time bootstrap WSL (fresh NixOS-WSL has no git) +nix-shell -p git --run "git clone ~/nix-config" +cd ~/nix-config && sudo nixos-rebuild switch --flake .#wsl ``` ## Critical gotchas @@ -59,7 +63,8 @@ sudo nix run nix-darwin -- switch --flake .#mac-mini - **catppuccin module name**: Home-manager uses `catppuccin.homeModules.catppuccin` (imported in `home/default.nix`). NixOS uses `catppuccin.nixosModules.catppuccin` (in `lib/default.nix`). Don't use the old `homeManagerModules` name. - **Homebrew tap casks**: Casks from taps need full path (e.g. `"goooler/repo/fl-clash"`), not just the short name. - **`onActivation.cleanup = "zap"`**: Any brew formula/cask NOT declared in `modules/darwin/default.nix` WILL be removed on rebuild. Be comprehensive. -- **First-time bootstrap requires sudo**: `sudo nix run nix-darwin -- switch --flake .#mac-mini` (not `darwin-rebuild` which doesn't exist yet). +- **First-time macOS bootstrap requires sudo**: `sudo nix run nix-darwin -- switch --flake .#mac-mini` (not `darwin-rebuild` which doesn't exist yet). +- **First-time WSL bootstrap needs `nix-shell -p git`**: Fresh NixOS-WSL has no `git`. Use `nix-shell -p git --run "git clone ..."` to clone, then `sudo nixos-rebuild switch`. - **mise for version management**: Activated in `home/shell/fish.nix` via `mise activate fish | source`. Config in `home/dev/languages.nix` trusts all config paths. ## Secrets (1Password CLI) diff --git a/Justfile b/Justfile index 3ee5cd8..283bfed 100644 --- a/Justfile +++ b/Justfile @@ -72,15 +72,10 @@ clean: ############################################################################ # -# Secrets & tooling +# Tooling # ############################################################################ -# Edit encrypted secrets -[group('tools')] -secrets: - sops secrets/secrets.yaml - # Generate .vscode/settings.json with LSP option completion [macos] [group('tools')]