4.5 KiB
4.5 KiB
AGENTS.md
Overview
Nix flake — 3 devices (Mac Mini, MacBook Air: aarch64-darwin; WSL: x86_64-linux). Single user imbytecat. Uses Lix.
Architecture
flake.nix
├── darwinConfigurations.mac-mini (aarch64-darwin)
├── darwinConfigurations.macbook-air (aarch64-darwin)
└── nixosConfigurations.wsl (x86_64-linux)
lib/default.nix—mkDarwin/mkNixosbuilders,sshKeys(viaspecialArgs),homeManagerConfigmodules/shared/— cross-platform: Lix, overlays, fonts, fish, openssh, 1passwordmodules/darwin/— system preferences, homebrew, usermodules/nixos/— system packages, locale, docker, userhome/— home-manager (shared,useGlobalPkgs), catppuccinhosts/*/— per-host overridesoverlays/+pkgs/— custom packages (comment-checker)
Flow: hosts/* → modules/* → home/*
Commands
just rebuild mac-mini # macOS host (darwin-rebuild)
just rebuild macbook-air
just rebuild wsl # NixOS host (nixos-rebuild)
just check # eval without building (platform-aware)
just update # nix flake update
just up nixpkgs # update single input
just clean # nix-collect-garbage -d (user-level only)
just rollback # NixOS only — rollback to previous generation
just history # list system profile generations
just show # nix flake show
just lsp mac-mini # nixd option completion for VSCode
Note: just check and just rebuild have [macos]/[linux] variants — the justfile auto-selects by platform.
Gotchas
- Shared settings in
modules/shared/— don't re-declare fish/openssh/1password/fonts in platform modules. sshKeyscentralized inlib/default.nixviaspecialArgs. Don't hardcode.- WSL aliases force-cleared —
hosts/wsl/default.nixuseslib.mkForce {}. All aliases via Home Manager only. - Neovim = lazyvim-nix —
programs.lazyviminhome/dev/neovim.nix.catppuccin.nvim.enable = false(LazyVim manages colorscheme). Thelazyvim.homeManagerModules.defaultis loaded as a sharedModule inlib/default.nix. - catppuccin modules —
catppuccin.homeModules.catppuccin(home),catppuccin.nixosModules.catppuccin(NixOS). Not the oldhomeManagerModules. - Homebrew
cleanup = "zap"— undeclared casks/brews get removed.greedyCasks = trueupgrades even auto-updating casks. Shared →modules/darwin/, host-specific →hosts/*/. Tap casks need full path (e.g."goooler/repo/fl-clash"). - Ghostty macOS-only —
enable = pkgs.stdenv.isDarwin,package = null(Homebrew cask). Terminfo propagated viaghostty.terminfoinmodules/nixos/. - nix-ld on WSL —
programs.nix-ld.enable = truefor VSCode Remote. - home-manager
backupFileExtension = "bak"— set inlib/default.nix. Existing dotfiles get.baksuffix on conflict. - mise — runtime version management (
home/dev/languages.nix).trusted_config_paths = [ "/" ]trusts all config files.
Environment
1Password CLI secrets are cached locally — shell startup reads ~/.cache/op-env/env.fish (no network).
- Template:
home/shell/fish.nix→~/.config/op-env/env.tpl(op://refs, safe to commit) - Cache:
~/.cache/op-env/env.fish(plaintext,chmod 600, outside git/nix store) - Auth:
OP_SERVICE_ACCOUNT_TOKENin~/.config/fish/local.fish(gitignored) - Refresh: user runs
op-env-refreshmanually (needs network). Atomic write (mktemp + mv), failure keeps old cache. - Clear:
op-env-clearremoves cache file. local.fishis sourced after the cache, so it can override env vars per-machine.
Home Manager option API
Use the new names:
programs.git.settings.user.{name,email}(notuserName/userEmail)programs.git.settings.*(notextraConfig)programs.delta.{enable,options}(notprograms.git.delta.*)programs.delta.enableGitIntegration = true(must be explicit)programs.ssh.matchBlocks."*".addKeysToAgent(not top-level)programs.ssh.enableDefaultConfig = false
Nix tooling
- LSP:
nixd. Formatter:nixfmt. Linter:statix. - All in
home/dev/languages.nix. just lsp <host>generates.vscode/settings.jsonfrom.vscode/settings.base.json(gitignored output).
Tool usage
opencode.jsoncconfiguresjust-lsp(LSP) andmcp-nixos(MCP).- Always use
nixos_nixMCP to look up nix-darwin/NixOS/home-manager options before writing config. Don't guess option names.