Conversation
…dd result symlink for nixos manual
…e enablement, FPS limit, appearance, and hotkeys
…tter clarity and maintainability
…safety and error handling
…tions for configuration validation
…clarity and usability
…U text descriptions
…nd removing scalar.nix
…ervice, and Portmaster configuration
…ployment scripts - Removed chaotic input and updated hydenix input to point to the latest version. - Consolidated nix-podman-stacks and home-manager inputs for clarity. - Simplified mkHost function to directly use inputs.nixpkgs. - Removed the host configuration mapping and deployment scripts (rb, deploy-remote, deploy-local, deploy-cross) to clean up the codebase. - Added a default host configuration for easier access.
…nd installation instructions
…ement and Windows app support
…aming configurations
…streamlining environment setup
…mline imports and add management utilities
Added details for reporting bugs and enhancements.
…rt in default.nix
ClementBobin
added
documentation
|
Caution Review failedThe pull request is closed. Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. 📝 WalkthroughSummary by CodeRabbit
WalkthroughRefactors flake inputs and host builders, adds and modifies many Home Manager and system modules, converts root/storage to btrfs subvolumes, introduces new hosts and wrapper derivations, replaces Gitea with Forgejo, removes Chaotic/CachyOS and scalar module, and replaces a minimal README/TODO with expanded documentation. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant User
participant Flake as flake.nix
participant mkHost as mkHost()
participant Nixpkgs as inputs.nixpkgs
participant Host as ./hosts/<name>
User->>Flake: nix build / call flake output (e.g., "oak")
Flake->>mkHost: mkHost("oak")
mkHost->>Nixpkgs: call nixpkgs.lib.nixosSystem with system/specialArgs
mkHost->>Host: import ./hosts/oak (with vars, inputs)
Host->>mkHost: return merged NixOS config
mkHost-->>Flake: system derivation
Flake-->>User: built system
sequenceDiagram
autonumber
participant Boot
participant LVM as LVM (/dev/mapper)
participant Btrfs as btrfs subvolumes
Boot->>LVM: detect volumes and dm-snapshot module
LVM->>Btrfs: mount root btrfs subvol=@ (compress, noatime)
Btrfs->>Btrfs: mount /nix@, /var/log@, /home@ and user subvols (/games, /Documents)
Btrfs-->>Boot: filesystems ready
Boot->>System: continue boot
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Areas to focus during review:
Possibly related PRs
Poem
Pre-merge checks and finishing touches❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: ASSERTIVE Plan: Pro 📒 Files selected for processing (1)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull Request Overview
This pull request introduces a major refactoring to modernize the NixOS configuration, with a focus on migrating to upstream inputs, improving documentation, simplifying deployment, and enhancing module configurations. The changes streamline the flake structure by removing obsolete tooling and dependencies while adding comprehensive documentation throughout the codebase.
Key Changes:
- Migrated from hydenix-specific inputs to upstream nixpkgs and home-manager for better maintainability
- Complete rewrite of README.md with structured documentation including installation, usage, and contribution guidelines
- Removal of deployment scripts (rb, deploy-remote) in favor of standard nixos-rebuild workflow
Reviewed Changes
Copilot reviewed 57 out of 58 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| flake.nix | Migrated to upstream nixpkgs/home-manager, removed chaotic/nix-index-database inputs, added nixos-hardware, removed deployment scripts |
| README.md | Complete documentation overhaul with project description, features, installation guide, and contribution guidelines |
| hosts/oak/default.nix | Updated to use upstream inputs, simplified overlays, added hardware modules from nixos-hardware |
| hosts/oak/hardware-configuration.nix | Migrated to Btrfs with logical volumes for better filesystem organization and performance |
| modules/system/common/default.nix | Renamed gitea module to forgejo, removed linux-cachyos import |
| modules/hm/common/games/mangohud.nix | Restructured options for better organization with separate CPU/GPU text configuration |
| modules/wrapper/*.nix | Added new packages (winboat, hyprDisplays), updated versions for hayase and scalar |
| modules/system/common/virtualisation/*.nix | Enhanced documentation with detailed descriptions for all configuration options |
| modules/hm/common/shell/tools.nix | Added shellAliases option and lib.mkDefault for better override capability |
Comments suppressed due to low confidence (4)
modules/wrapper/winboat.nix:1
- The hash value is a placeholder with 'X' characters. This must be replaced with the actual SHA256 hash of the downloaded AppImage for the package to build correctly. Run
nix-prefetch-url https://github.com/TibixDev/winboat/releases/download/v0.8.7/Winboat-0.8.7.AppImageto get the correct hash.
modules/system/common/hardware/powersave/default.nix:1 - This creates a circular dependency because
startdepends onstop, but both are options that can be set by the user. The default should use a literal value or be marked withlib.mkDefaultto allow proper override. Consider usingdefault = 75;instead.
modules/system/common/server/print.nix:1 - The enum type now restricts log levels, but the description still mentions only 'debug', 'info', 'warn', or 'error'. The description should be updated to include 'fatal' and 'none' as valid options.
result:1 - The 'result' symlink should be added to .gitignore as it's a build artifact that shouldn't be tracked in version control. This is a Nix build output that will be different for each build.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| } | ||
| { | ||
| assertion = lib.all (p: lib.hasAttr p presets) cfg.presets; | ||
| message = "ianny: every preset in ianny.presets must exist in config.json."; |
There was a problem hiding this comment.
The error message mentions 'config.json' but the presets are defined in Nix configuration, not a JSON file. The message should be updated to: 'ianny: every preset in ianny.presets must be a valid preset name (safety, dev, game).'
| message = "ianny: every preset in ianny.presets must exist in config.json."; | |
| message = "ianny: every preset in ianny.presets must be a valid preset name (safety, dev, game)."; |
| default = []; | ||
| example = [ "webstorm" "android-studio" "datagrip" "vs-code" ]; | ||
| description = "List of IDEs to install"; | ||
| description = "List of IDEs to install. Note: 'vs-code' is enabled via programs.vscode; others are added to home.packages."; |
There was a problem hiding this comment.
[nitpick] Corrected formatting: the description has inconsistent formatting. Should be: 'List of IDEs to install. Note: vs-code is enabled via programs.vscode; others are added to home.packages.'
| description = "List of IDEs to install. Note: 'vs-code' is enabled via programs.vscode; others are added to home.packages."; | |
| description = "List of IDEs to install. Note: vs-code is enabled via programs.vscode; others are added to home.packages."; |
hosts/oak/default.nix
Outdated
| users.users.${vars.user} = { | ||
| isNormalUser = true; | ||
| #initialPassword = "${vars.user}"; | ||
| initialPassword = "epsilon21C"; |
There was a problem hiding this comment.
Hardcoded password in the configuration file is a security risk. This password will be stored in the Nix store and is world-readable. Consider removing this line or using hashedPassword with a hashed value instead. If this is for initial setup only, it should be documented with a comment explaining it should be changed immediately after first login.
| initialPassword = "epsilon21C"; | |
| # WARNING: This is a hashed password for initial setup only. | |
| # Change the password immediately after first login. | |
| hashedPassword = "$6$rounds=656000$exampleSalt$exampleHashedPasswordString"; |
| @@ -22,9 +26,13 @@ let | |||
| description = "Rocket League via nix-gaming"; | |||
| }; | |||
| star-citizen = { | |||
There was a problem hiding this comment.
Commented-out code should be removed or properly documented with an explanation. If lug-helper was intentionally disabled, add a TODO comment explaining why it was removed and whether it should be re-enabled in the future.
| star-citizen = { | |
| star-citizen = { | |
| # TODO: pkgs.lug-helper was disabled here. Add explanation for why it was removed (e.g., compatibility issues, deprecated, etc.) | |
| # If lug-helper should be re-enabled in the future, update this comment with the conditions for doing so. |
| ../common | ||
| inputs.hydenix.lib.homeModules | ||
| inputs.nix-index-database.homeModules.nix-index | ||
| inputs.hydenix.homeModules.default |
There was a problem hiding this comment.
Potential incompatibility: changed from inputs.hydenix.lib.homeModules to inputs.hydenix.homeModules.default. Verify that the new hydenix version exports homeModules at this path, as this could cause the configuration to fail if the structure doesn't match.
| inputs.hydenix.homeModules.default | |
| inputs.hydenix.lib.homeModules |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 14
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (9)
modules/hm/common/games/games.nix (1)
8-15: Consider extracting common Minecraft dependencies.Both
minecraftandminecraft-modrinthentries share the same dependencies (jdk17,gcc,glibc) with only the launcher differing. This duplication could make maintenance harder if dependency versions need updating.Consider refactoring to reduce duplication:
+ minecraftCommon = with pkgs; [ jdk17 gcc glibc ]; + availableGames = { minecraft = { - packages = with pkgs; [ prismlauncher jdk17 gcc glibc ]; + packages = minecraftCommon ++ (with pkgs; [ prismlauncher ]); description = "Minecraft Launcher with PrismLauncher"; }; minecraft-modrinth = { - packages = with pkgs; [ modrinth-app jdk17 gcc glibc ]; + packages = minecraftCommon ++ (with pkgs; [ modrinth-app ]); description = "Minecraft Launcher with Modrinth Launcher"; };modules/system/common/default.nix (1)
4-4: Renameflutter.nixtoandroid.nixto match its actual content.The file at
modules/system/common/dev/languages/flutter.niximplements Android development (definesconfig.modules.system.dev.languages.android, configuresandroid-studio,adb.enable, etc.), not Flutter. The filename is misleading and should be renamed toandroid.nix, and the import at line 4 ofdefault.nixshould be updated accordingly to./dev/languages/android.nix.modules/system/common/server/storage/forgejo.nix (1)
29-38: Consider exposing additional Forgejo configuration options for production deployments.The current configuration is functional. However, the module exposes only basic options (enable, httpPort, stateDir). NixOS Forgejo service supports database configuration, settings tree for app.ini options, Git LFS, and other production-grade features. For improved production readiness, consider exposing additional options such as:
- Database type and connection settings (currently defaults to SQLite)
- Domain/ROOT_URL configuration
- Authentication providers (LDAP, OAuth, etc.)
- Email/notification settings
These could be added via a
settingsoption that passes configuration toservices.forgejo.settings, allowing users to customize their deployment without modifying the module itself.modules/system/common/server/print.nix (1)
56-61: The web search confirms that CUPS supports a specific set of log levels. CUPS standard log levels are: none, emerg, alert, crit, error, warn, notice, info, debug, debug2.Comparing this to the enum in the code (
"debug","info","warn","error","fatal","none"):
- The enum includes
"fatal", which is not a valid CUPS log level- The enum is missing valid CUPS levels like
"emerg","alert","crit","notice", and"debug2"- The description only mentions four values but the enum has six, making them inconsistent
Update the enum to match CUPS standard log levels and revise the description accordingly.
The enum should use CUPS's standard values (at minimum:
none,error,warn,notice,info,debug), remove"fatal", and update the description to accurately reflect all supported values.modules/system/common/hardware/powersave/power-tuning.sh (1)
38-64: Fix the restore logic to handle mixed file format.Line 47 sources the backup file, but the file now contains
runtime_pm:...lines (added at line 33) which are not valid shell variable assignments. Sourcing will fail with "command not found" errors for these lines.Apply this diff to fix the issue by sourcing only valid shell variable lines:
log "Restoring settings from $SETTINGS_FILE" - # shellcheck source=/dev/null - source "$SETTINGS_FILE" + # Extract and source only shell variable assignments + while IFS= read -r line; do + [[ $line =~ ^[a-z_]+=.* ]] && eval "$line" + done < "$SETTINGS_FILE" # Restore CPU governor if [[ -n "${cpu_governor:-}" ]]; thenmodules/hm/desktops/random-theme.sh (1)
79-80: Remove the unnecessarywaitstatement.The
waitcommand has no effect here because no processes are backgrounded in this script. Boththeme.switch.sh(line 69) andwallpaper.sh(line 74) are invoked synchronously without&. Thewaitbuiltin only waits for jobs backgrounded by the current shell, so this is a no-op and should be removed.hosts/oak/default.nix (1)
70-81: Critical security issue: Hardcoded password in version control.The plain-text password "epsilon21C" is visible in the repository and its entire Git history. Anyone with repository access can see this credential. Initial passwords should be set via hashedPassword or managed through secure deployment mechanisms.
Apply this diff to remove the hardcoded password:
users.users.${vars.user} = { isNormalUser = true; - initialPassword = "epsilon21C"; + # Set password interactively after first boot with: passwd + # Or use hashedPassword instead of initialPassword extraGroups = [ "wheel"Alternatively, generate and use a hashed password:
#!/bin/bash # Generate a hashed password (run this locally, not in the repo) mkpasswd -m sha-512hosts/oak/hardware-configuration.nix (1)
1-3: Hardware configuration heavily modified despite warning.This file contains a warning not to modify it, yet has extensive customizations (LVM mappings, btrfs subvolumes, user-specific paths). While manual changes are sometimes necessary, the disconnect between the warning and reality is problematic.
Consider either:
- Moving custom filesystem configurations to a separate file (e.g.,
filesystems.nix) that imports the generated hardware-configuration.nix- Adding a comment explaining why modifications were necessary and how to regenerate safely
Example separation approach:
In
hardware-configuration.nix:# Keep only the auto-generated portionsIn
filesystems.nix:# Custom LVM/btrfs configuration { ... }: { fileSystems."/" = { ... }; fileSystems."/nix" = { ... }; # ... other custom mounts }modules/hm/common/utilities/safety/ianny.nix (1)
234-237: Restore the forced overwrite for the preset selector file.
Droppingforce = truemeans existing installs (which created~/.local/bin/ianny-preset-selectorwith the previousmutable = truesetting) will now hitln: … File existsand the entire Home Manager activation fails. Please keepforce = true(and, if you still want the file to be immutable, drop onlymutable) so upgrades don’t brick current users.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (1)
flake.lockis excluded by!**/*.lock
📒 Files selected for processing (57)
README.md(1 hunks)TODO.md(0 hunks)flake.nix(5 hunks)hosts/oak/default.nix(4 hunks)hosts/oak/hardware-configuration.nix(1 hunks)hosts/seed-birch/default.nix(1 hunks)info.txt(0 hunks)modules/hm/common/communication/mail.nix(1 hunks)modules/hm/common/default.nix(4 hunks)modules/hm/common/dev/environments/editor.nix(4 hunks)modules/hm/common/dev/languages/dotnet.nix(1 hunks)modules/hm/common/dev/languages/kotlin.nix(1 hunks)modules/hm/common/documentation/default.nix(1 hunks)modules/hm/common/games/games.nix(2 hunks)modules/hm/common/games/mangohud.nix(3 hunks)modules/hm/common/multimedia/editing/audio.nix(1 hunks)modules/hm/common/multimedia/editing/video.nix(1 hunks)modules/hm/common/multimedia/management-utility.nix(1 hunks)modules/hm/common/multimedia/remote-desktop.nix(1 hunks)modules/hm/common/multimedia/streaming.nix(1 hunks)modules/hm/common/network/tunnel.nix(0 hunks)modules/hm/common/security/burp.nix(1 hunks)modules/hm/common/shell/tools.nix(1 hunks)modules/hm/common/utilities/api.nix(1 hunks)modules/hm/common/utilities/app-launcher.nix(2 hunks)modules/hm/common/utilities/safety/ianny.nix(3 hunks)modules/hm/common/utilities/scalar.nix(0 hunks)modules/hm/desktops/configHydenix.nix(1 hunks)modules/hm/desktops/hydenix.nix(3 hunks)modules/hm/desktops/mirage-waybar.jsonc(1 hunks)modules/hm/desktops/nvidia-run.sh(1 hunks)modules/hm/desktops/random-theme.sh(1 hunks)modules/hm/hosts/oak/default.nix(4 hunks)modules/hm/hosts/seed-birch/default.nix(1 hunks)modules/system/common/default.nix(1 hunks)modules/system/common/dev/languages/flutter.nix(1 hunks)modules/system/common/games.nix(1 hunks)modules/system/common/hardware/powersave/default.nix(3 hunks)modules/system/common/hardware/powersave/power-benchmark.sh(5 hunks)modules/system/common/hardware/powersave/power-tuning.sh(3 hunks)modules/system/common/nix/linux-cachyos.nix(0 hunks)modules/system/common/server/communication/matrix.nix(1 hunks)modules/system/common/server/password-manager/vaultwarden.nix(1 hunks)modules/system/common/server/print.nix(3 hunks)modules/system/common/server/storage/forgejo.nix(1 hunks)modules/system/common/virtualisation/default.nix(1 hunks)modules/system/common/virtualisation/ollama.nix(1 hunks)modules/system/hosts/oak/default.nix(1 hunks)modules/system/hosts/seed-birch/default.nix(1 hunks)modules/wrapper/caelestia.nix(1 hunks)modules/wrapper/default.nix(1 hunks)modules/wrapper/hayase.nix(2 hunks)modules/wrapper/hyprDisplays.nix(1 hunks)modules/wrapper/safing/module.nix(1 hunks)modules/wrapper/scalar.nix(1 hunks)modules/wrapper/winboat.nix(1 hunks)result(1 hunks)
💤 Files with no reviewable changes (5)
- modules/hm/common/network/tunnel.nix
- info.txt
- modules/hm/common/utilities/scalar.nix
- TODO.md
- modules/system/common/nix/linux-cachyos.nix
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-05-27T21:08:03.407Z
Learnt from: ClementBobin
Repo: ClementBobin/flakeHypr PR: 2
File: modules/hm/common/dev/python.nix:141-142
Timestamp: 2025-05-27T21:08:03.407Z
Learning: In modules/hm/common/dev/python.nix, using both `force = true` and `mutable = true` for shell.nix files is intentional - it creates a pattern where the template is regenerated from config on each activation (force) but allows temporary user modifications between activations (mutable).
Applied to files:
modules/hm/common/default.nixmodules/system/hosts/seed-birch/default.nixmodules/hm/common/communication/mail.nixhosts/seed-birch/default.nixmodules/hm/hosts/seed-birch/default.nixmodules/hm/common/utilities/safety/ianny.nixhosts/oak/hardware-configuration.nixmodules/hm/common/dev/languages/kotlin.nixmodules/hm/desktops/hydenix.nixhosts/oak/default.nixmodules/hm/common/shell/tools.nixflake.nix
🧬 Code graph analysis (1)
modules/system/common/hardware/powersave/power-tuning.sh (1)
modules/system/common/hardware/powersave/power-benchmark.sh (1)
log(14-16)
🪛 LanguageTool
README.md
[style] ~107-~107: This word has been used in one of the immediately preceding sentences. Using a synonym could make your text more interesting to read, unless the repetition is intentional.
Context: ... and adjust system-specific settings as needed. Install the Configuration: ```bash ...
(EN_REPEATEDWORDS_NEED)
[style] ~124-~124: Since ownership is already implied, this phrasing may be redundant.
Context: ...- ## ⚙️ Configuration * Each host has its own configuration under hosts/ * Shared m...
(PRP_OWN)
🪛 markdownlint-cli2 (0.18.1)
README.md
10-10: Link fragments should be valid
(MD051, link-fragments)
11-11: Link fragments should be valid
(MD051, link-fragments)
12-12: Link fragments should be valid
(MD051, link-fragments)
13-13: Link fragments should be valid
(MD051, link-fragments)
14-14: Link fragments should be valid
(MD051, link-fragments)
18-18: Link fragments should be valid
(MD051, link-fragments)
19-19: Link fragments should be valid
(MD051, link-fragments)
42-42: Hard tabs
Column: 12
(MD010, no-hard-tabs)
44-44: Hard tabs
Column: 25
(MD010, no-hard-tabs)
45-45: Hard tabs
Column: 28
(MD010, no-hard-tabs)
46-46: Hard tabs
Column: 28
(MD010, no-hard-tabs)
47-47: Hard tabs
Column: 28
(MD010, no-hard-tabs)
48-48: Hard tabs
Column: 29
(MD010, no-hard-tabs)
49-49: Hard tabs
Column: 23
(MD010, no-hard-tabs)
57-57: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
171-171: Trailing spaces
Expected: 0 or 2; Actual: 4
(MD009, no-trailing-spaces)
172-172: Code block style
Expected: fenced; Actual: indented
(MD046, code-block-style)
181-181: Trailing spaces
Expected: 0 or 2; Actual: 4
(MD009, no-trailing-spaces)
182-182: Code block style
Expected: fenced; Actual: indented
(MD046, code-block-style)
🔇 Additional comments (54)
modules/system/common/server/password-manager/vaultwarden.nix (1)
21-21: LGTM! Description fix corrects copy-paste error.The description now correctly references "vaultwarden" instead of "photoprism", fixing what was clearly a copy-paste error.
modules/hm/common/utilities/app-launcher.nix (3)
54-54: Excellent addition: sanitization prevents invalid derivation names.The sanitization is essential because several theme names contain spaces (e.g., "EVNTech Vache", "Neo Ring", "Modified Bent Photon") which would otherwise produce invalid Nix derivation names. This ensures robust handling of all theme names.
Also applies to: 62-62
63-64: Good shell hardening withset -euand proper quoting.The addition of
set -euensures the script exits immediately on errors and treats unset variables as failures, significantly improving error handling. The quoted"$out"is defensive programming that prevents potential word-splitting issues.
73-73: Consistent quoting improves safety.The quoted
"$out"references maintain consistency with the earlier changes and provide protection against potential word-splitting issues. Note that the glob pattern/*correctly remains outside quotes to allow proper shell expansion.Also applies to: 77-77
modules/hm/common/shell/tools.nix (3)
9-14: LGTM! Well-structured shell aliases option.The new
shellAliasesoption follows NixOS module best practices with proper typing, safe defaults, clear documentation, and helpful examples. Wiring it tohome.shellAliasescorrectly propagates aliases to all configured shells.Also applies to: 23-23
27-27: LGTM! Proper use oflib.mkDefaultfor overridable defaults.Wrapping the enable flags and configuration values with
lib.mkDefaultfollows NixOS best practices and allows users to override these defaults at higher priority levels. This makes the module more flexible and composable.Also applies to: 30-31, 34-35, 40-40, 46-46, 49-49, 52-52
19-24: No packages were removed in this refactoring.Verification of git history shows that the
home.packageslist containing onlytreeis identical between HEAD~1 and HEAD. The recent commit focused on configuration clarity and maintainability, not package changes. No action required.Likely an incorrect or invalid review comment.
modules/system/common/games.nix (6)
22-33: Excellent documentation improvement.The enhanced description clearly lists all supported gaming clients with helpful context about each option. The note about Steam's automatic configuration is particularly useful for users.
36-48: Clear and comprehensive documentation.The enhanced description effectively explains the purpose of the
compatToolsPathoption, including the environment variable it exposes and practical usage details.
66-77: Well-documented trade-offs.The enhanced description effectively communicates both the benefits and potential drawbacks of enabling renice optimization. This helps users make informed decisions.
80-104: Comprehensive and practical documentation.The enhanced description provides an excellent example with custom notification styling and lists diverse use cases (logging, automation, RGB control). This significantly improves the usability of this option.
107-130: Excellent reference documentation.The enhanced description provides a clear overview of common settings with practical examples while appropriately directing users to the official GameMode documentation for the complete list. This strikes a good balance between usability and maintainability.
133-158: Important safety documentation.The enhanced description appropriately highlights the hardware risk acknowledgment required by the "accept-responsibility" value and provides vendor-specific guidance. The safety warning about proper cooling is crucial for users configuring GPU optimizations.
modules/system/common/server/storage/forgejo.nix (2)
1-7: LGTM!The module structure follows NixOS conventions correctly with proper use of
lib,mkOption, andmkIf.
9-27: LGTM!The options are properly defined with appropriate types and defaults. The default HTTP port (3000) matches the standard Forgejo/Gitea port, and the state directory path follows NixOS conventions.
modules/system/common/default.nix (1)
33-33: Migration from Gitea to Forgejo verified as complete.The import has been correctly updated to
forgejo.nixat line 33 ofmodules/system/common/default.nix. Verification confirms:
forgejo.nixexists and is properly configured with the Forgejo service- No remaining Gitea references found in the codebase
- All module configuration correctly references Forgejo
modules/system/common/server/print.nix (4)
15-22: Good documentation improvement!The added example clearly demonstrates how to configure multiple printer drivers, covering common brands (Canon, HP, Samsung).
31-44: Excellent documentation enhancement!The expanded description with multiple examples and security guidance significantly improves usability. The format explanations and network printing considerations are particularly helpful.
49-49: Good example addition!The example effectively demonstrates the three common allowFrom patterns: specific host, network range, and domain wildcard.
85-91: Helpful example for GUI tool options!The example demonstrates alternative printer management tools users can choose from, complementing the default system-config-printer.
modules/system/common/server/communication/matrix.nix (1)
180-180: LGTM!The TODO comment appropriately documents the planned matrix-hookshot integration and clearly states the precondition (required configuration and dependencies).
modules/hm/desktops/configHydenix.nix (1)
22-26: LGTM!The reordering ensures
randomCommandexecutes after the sleep and Kando launch, which provides better sequencing for startup initialization.modules/hm/common/documentation/default.nix (1)
22-22: LGTM!Adding the example improves option documentation and demonstrates valid values from the available editors.
modules/hm/desktops/random-theme.sh (2)
66-66: LGTM!Using
notify-sendprovides better user feedback through desktop notifications compared to terminal echo.
70-72: LGTM!The sleep ensures theme application completes before wallpaper changes, preventing race conditions between theme and wallpaper updates.
modules/system/common/hardware/powersave/power-tuning.sh (3)
28-36: LGTM!The new backup format using
runtime_pm:path|valueprovides cleaner separation of device paths and values compared to the previous approach.
71-71: LGTM!Using
grep -Eqfor pattern matching is more portable and explicit than bash regex matching.
77-81: LGTM!Using
sudo teeinstead of direct redirection is more reliable and avoids shell permission issues when writing to system files.modules/system/hosts/seed-birch/default.nix (2)
1-6: LGTM!The import structure and module organization follow the standard pattern for NixOS host configurations.
27-41: Verify whether the empty disk array is intentional for this host.The powersave configuration is otherwise comprehensive. Comparing seed-birch to the oak host configuration, which explicitly lists NVMe devices (disk = [ "nvme0n1" "nvme1n1" ]), the empty disk array here appears inconsistent. Given that seed-birch is configured as an active desktop/gaming system with battery health settings enabled (typical of laptops), it likely has storage devices that could benefit from power management. Confirm whether this is intentional or if disk devices should be added.
modules/hm/common/multimedia/remote-desktop.nix (1)
9-10: Both packages exist in nixpkgs — no issues identified.The flake references nixos-unstable, where both
rustdesk-flutterandremminapackages are available. The package names in the changes are correct and the code is safe to proceed.modules/hm/common/dev/languages/dotnet.nix (1)
21-21: Verification complete: .NET 9 SDK is available in nixpkgs-unstable.The flake uses
nixos-unstable, where dotnet-sdk_9 is available. The code change is correct and will function as intended.modules/wrapper/safing/module.nix (1)
10-70: Excellent documentation enhancements.The comprehensive mdDoc descriptions with warnings, examples, and detailed explanations significantly improve the module's usability and discoverability. The documentation clearly explains Portmaster's purpose, configuration options, and potential implications.
modules/system/common/virtualisation/default.nix (1)
49-187: Well-structured documentation improvements.The enhanced option descriptions provide comprehensive context about each virtualization component, including their purposes, capabilities, and configuration implications. The consistent formatting and detailed explanations significantly improve the module's usability.
modules/wrapper/hayase.nix (1)
8-9: Release URL verified and valid.The release at version 6.4.37 exists at the specified GitHub URL (HTTP 200). The update is correct.
modules/hm/common/multimedia/streaming.nix (1)
1-27: Review comment is based on incorrect assumptions and should be dismissed.No evidence of an old
modules.hm.multimedia.obsmodule path exists in the codebase. Comprehensive searches found zero references to the old path in any configuration files, and no predecessor module to restructure. The streaming.nix module appears to be a new addition properly imported in the module structure, not a migration from existing code. The warning about "existing configurations" needing updates is not applicable since no such configurations exist.Likely an incorrect or invalid review comment.
modules/system/common/dev/languages/flutter.nix (1)
1-23: File should be renamed to match its content; breaking change concern is unfounded.The verification search found zero references to the old
modules.system.dev.languages.flutteroption path, confirming no active configurations are broken. However, this file presents two issues:
Filename mismatch: The file
modules/system/common/dev/languages/flutter.nixdefinesmodules.system.dev.languages.android, not a flutter module. The filename should beandroid.nixfor consistency.Review comment assumption unclear: The code snippet shows the android module already defined and imported in
modules/system/common/default.nix:4. The active configurationmodules/system/hosts/oak/default.nix:30already usesandroid.enable = true. It's unclear what original flutter configuration existed to break.Clarify what the previous file contained and rename for consistency.
modules/wrapper/scalar.nix (1)
4-7: Verify the updated package checksum in a proper Nix environment.The checksum verification cannot be completed in the sandbox environment due to SSL certificate verification limitations and missing tools. The file URL is accessible but cannot be downloaded and hashed using available tools.
Verify locally or in your Nix environment by running:
nix-hash --type sha256 --flat <(curl -L "https://download.scalar.com/linux/deb/x64")Ensure the computed hash matches the sha256 value in the code and confirm the upstream package update is intentional.
modules/hm/desktops/hydenix.nix (3)
22-22: LGTM: Import consolidation.The consolidation of hydenix imports from
inputs.hydenix.lib.homeModulestoinputs.hydenix.homeModules.defaultsimplifies the module structure.
169-172: LGTM: New keybindings added.The new keybindings are well-organized:
$mainMod Alt, Rfor random theme switching$mainMod, Mfor Spotify$mainMod, Ofor ObsidianThese follow the existing keybinding patterns in the configuration.
183-186: LGTM: NVIDIA offload wrapper integration.The
nvidia-runscript integration is appropriate for enabling NVIDIA Prime offload on demand. The script is properly marked as executable.modules/hm/desktops/nvidia-run.sh (1)
1-2: LGTM: Correct NVIDIA Prime offload implementation.This script correctly implements NVIDIA Prime render offload by:
- Setting
__NV_PRIME_RENDER_OFFLOAD=1to enable Prime offload- Setting
__GLX_VENDOR_LIBRARY_NAME=nvidiato use the NVIDIA GLX library- Using
execto replace the shell process (efficient)- Properly passing through all arguments with
"$@"modules/hm/common/multimedia/editing/audio.nix (1)
1-16: LGTM: Well-structured audio editing module.This new module follows the established pattern:
- Clear enable option with descriptive text
- Conditional package installation using
lib.mkIf- Installs Audacity as the audio editor
The implementation is clean and consistent with other multimedia editing modules in the codebase.
modules/hm/common/security/burp.nix (1)
1-16: LGTM: Well-structured security module.This new module follows the established pattern:
- Clear enable option specifying "Community Edition"
- Conditional package installation using
lib.mkIf- Installs Burp Suite Community Edition
The implementation is clean and consistent with other security tool modules in the codebase.
modules/wrapper/default.nix (1)
1-15: LGTM: Wrapper module consolidation.This new module provides a clean consolidation point for wrapper-related modules. The implementation is straightforward and follows standard Nix module patterns.
Note:
caelestia.nixis commented out on line 7. Please verify this is intentional or remove the commented line if the module is no longer needed.modules/hm/common/default.nix (2)
56-56: ****The premise of the review comment is incorrect. There was no
utilities/scalar.nixfile to migrate. The search results show:
- Only
modules/wrapper/scalar.nixexists (not in utilities)utilities/api.nixis a new module that imports scalar fromwrapper/scalar.nixas a dependencyscalar.nixremains in the wrapper module and is still imported viamodules/wrapper/default.nixThe addition of
./utilities/api.nixis a new utility module, not a replacement for anything. No action is required.Likely an incorrect or invalid review comment.
85-85: ****The commented-out line disables only the user-level Home Manager CLI tool (
home-managercommand), not Home Manager itself. Home Manager is properly configured at the system level across all host configurations (e.g.,hosts/seed-birch/default.nix). Commenting outprograms.home-manager.enableis correct for system-level Home Manager management, where users don't need individual CLI tool installation. The change does not affect Home Manager functionality.Likely an incorrect or invalid review comment.
modules/wrapper/winboat.nix (1)
9-9: Replace the placeholder SHA-256 hash before mergingThe hard-coded
"sha256-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="is not a valid hash and will causefetchurlto fail. Replace it with the actual SHA-256 digest of the AppImage using:nix store prefetch-file https://github.com/TibixDev/winboat/releases/download/v0.8.7/Winboat-0.8.7.AppImageThis command outputs the correct hash in the format needed for the
hashfield.hosts/oak/hardware-configuration.nix (4)
12-12: Appropriate kernel module for LVM setup.Adding "dm-snapshot" to initrd kernel modules is correct for the LVM-backed btrfs configuration used throughout this file.
33-53: Good compression strategy for different workloads.Using zstd:1 for
/nix(binary packages) and zstd:3 for/var/log(text logs) is appropriate. Logs compress better and benefit from higher compression, while the Nix store contains mostly pre-compressed binaries where lighter compression avoids CPU overhead.
91-91: Swap device configuration looks correct.Using UUID-based swap device reference is the right approach for reliability.
16-25: Verify LVM volumes exist on the "oak" machine before deployment.The configuration references
/dev/mapper/vg--system-root,/dev/mapper/vg--system-nix, and/dev/mapper/vg--system-log, which require pre-existing LVM logical volumes. This is a deployment prerequisite that must be verified on the target machine—not in code review.Before applying this configuration, run the following on the "oak" machine to confirm the LVM setup:
lvs | grep vg-system ls -la /dev/mapper/ | grep vg--systemIf the volumes don't exist, the system will fail to boot. Ensure the LVM logical volumes are properly initialized and formatted (root as btrfs with subvolume "@") before deploying this configuration.
hosts/oak/default.nix (2)
13-15: Security risk acknowledged: No secure jitsi-meet version available in nixpkgs.As of November 13, 2025, the nixpkgs jitsi-meet package is at version 1.0.8043 and is marked insecure—there is no newer "secure" jitsi-meet package in nixpkgs. The version pinned here (1.0.8792) is newer than the current nixpkgs version but remains insecure.
If jitsi-meet is required for your use case, document why this insecure package is necessary and accepted. Otherwise, consider removing it entirely. Upgrading to a patched version is not currently an option in nixpkgs.
98-98: Verify system.stateVersion matches your initial NixOS installation version."25.05" is a valid NixOS release identifier (May 2025). However, best practice is to set
system.stateVersionto the version you initially installed with. If you installed with a different version (e.g., "25.11" as of November 2025), update accordingly and follow the NixOS upgrade path when changing this value, as it can affect module compatibility and configuration behavior.
| inputs.home-manager.nixosModules.home-manager | ||
| inputs.hydenix.nixosModules.default | ||
| ./hardware-configuration.nix | ||
| #./temp.nix |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Clean up commented import.
The commented #./temp.nix import should either be removed if obsolete or uncommented if needed. Leaving commented code in production configurations reduces clarity.
Apply this diff to remove the commented line:
./hardware-configuration.nix
- #./temp.nix
../../modules/system/hosts/oak📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| #./temp.nix | |
| ./hardware-configuration.nix | |
| ../../modules/system/hosts/oak |
🤖 Prompt for AI Agents
In hosts/oak/default.nix around line 29, remove the commented import line
"#./temp.nix" (delete the line entirely) so the production configuration no
longer contains obsolete commented code; if the import is actually required,
instead uncomment it and ensure the referenced file exists and is valid.
| fileSystems."/home" = | ||
| { device = "/dev/mapper/vg--home-home"; | ||
| fsType = "btrfs"; | ||
| options = [ | ||
| "subvol=@home" | ||
| "compress=zstd:1" | ||
| "noatime" | ||
| "ssd" | ||
| "space_cache=v2" | ||
| ]; | ||
| }; |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider applying space_cache=v2 consistently.
The /home filesystem uses space_cache=v2, which improves btrfs performance. For consistency and optimal performance, consider adding this option to all btrfs filesystems (/, /nix, /var/log, games, Documents).
Example for root filesystem:
fileSystems."/" =
{ device = "/dev/mapper/vg--system-root";
fsType = "btrfs";
options = [
"subvol=@"
"compress=zstd:1"
"noatime"
"ssd"
+ "space_cache=v2"
];
};Committable suggestion skipped: line range outside the PR's diff.
🤖 Prompt for AI Agents
In hosts/oak/hardware-configuration.nix around lines 55 to 65, the /home btrfs
mount uses "space_cache=v2" but other btrfs mounts (/, /nix, /var/log, games,
Documents) do not; update each btrfs fileSystems entry to include
"space_cache=v2" in their options arrays to ensure consistent kernel-level
free-space caching and improved performance, adding the option alongside
existing mount options for every btrfs dataset.
| fileSystems."/home/${vars.user}/games" = | ||
| { device = "/dev/mapper/vg--home-home"; | ||
| fsType = "btrfs"; | ||
| options = [ | ||
| "subvol=@games" | ||
| "compress=zstd:1" | ||
| "noatime" | ||
| "ssd" | ||
| ]; | ||
| neededForBoot = false; | ||
| }; | ||
|
|
||
| fileSystems."/home/${vars.user}/Documents" = | ||
| { device = "/dev/mapper/vg--home-home"; | ||
| fsType = "btrfs"; | ||
| options = [ | ||
| "subvol=@Documents" | ||
| "compress=zstd:3" | ||
| "noatime" | ||
| "ssd" | ||
| ]; | ||
| neededForBoot = false; | ||
| }; |
There was a problem hiding this comment.
User-specific mount points in hardware configuration are problematic.
Defining filesystem mounts at /home/${vars.user}/games and /home/${vars.user}/Documents in hardware-configuration.nix creates several issues:
- Tight coupling: Hardware config now depends on the
vars.uservariable - Portability: Changing usernames requires hardware config changes
- Mount failures: If the directories don't exist, systemd mount units will fail
- Separation of concerns: User-specific layouts belong in user/home configuration, not hardware config
Consider moving these to a separate user-filesystems configuration:
Create user-filesystems.nix:
{ config, vars, ... }:
{
# User-specific subvolume mounts
fileSystems."/home/${vars.user}/games" = {
device = "/dev/mapper/vg--home-home";
fsType = "btrfs";
options = [ "subvol=@games" "compress=zstd:1" "noatime" "ssd" ];
neededForBoot = false;
};
fileSystems."/home/${vars.user}/Documents" = {
device = "/dev/mapper/vg--home-home";
fsType = "btrfs";
options = [ "subvol=@Documents" "compress=zstd:3" "noatime" "ssd" ];
neededForBoot = false;
};
}Then import it in default.nix instead:
imports = [
./hardware-configuration.nix
./user-filesystems.nix
# ...
];| }; | ||
| star-citizen = { | ||
| packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen pkgs.lug-helper ]; | ||
| packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ]; #pkgs.lug-helper ]; |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Remove commented-out code.
The inline comment #pkgs.lug-helper ] should be removed entirely rather than left as a comment. Dead code comments reduce readability and can cause confusion.
Apply this diff:
- packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ]; #pkgs.lug-helper ];
+ packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ];📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ]; #pkgs.lug-helper ]; | |
| packages = [ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ]; |
🤖 Prompt for AI Agents
In modules/hm/common/games/games.nix around line 29, there's a commented-out
fragment ("#pkgs.lug-helper ]") trailing the packages list; remove that
commented dead code so the line reads only the active package entry (packages =
[ inputs.nix-gaming.packages.${pkgs.system}.star-citizen ];). Ensure no leftover
comment characters remain and run a quick nixfmt or lint to confirm syntax
remains valid.
| description = "Star Citizen Launcher"; | ||
| }; | ||
| geforce-now = { | ||
| packages = with pkgs; [ gfn-electron]; |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Fix formatting inconsistency.
There's missing whitespace before the closing bracket. Other entries in this file consistently use a space before ];.
Apply this diff:
- packages = with pkgs; [ gfn-electron];
+ packages = with pkgs; [ gfn-electron ];📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| packages = with pkgs; [ gfn-electron]; | |
| packages = with pkgs; [ gfn-electron ]; |
🤖 Prompt for AI Agents
In modules/hm/common/games/games.nix around line 33, the package list lacks the
space before the closing bracket; change the line from using "[ gfn-electron];"
to "[ gfn-electron ];", ensuring the spacing matches other entries in the file
for consistent formatting.
| dev.languages = { | ||
| php.enable = true; | ||
| flutter = { | ||
| enable = true; | ||
| withAndroid = true; | ||
| }; | ||
| android.enable = true; | ||
| }; |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
🧩 Analysis chain
Verify Android module provides equivalent Flutter functionality.
The change from flutter.enable with withAndroid to android.enable is a breaking change. Please verify:
- The
androidmodule provides all necessary Android development tools previously included via Flutter'swithAndroidoption - If Flutter development is still required, ensure it's enabled elsewhere or users are notified to enable it separately
- This aligns with the PR objective of "Flutter replaced by Android development"
Run the following script to check if Flutter is still referenced elsewhere:
🏁 Script executed:
#!/bin/bash
# Description: Check for Flutter references in the codebase
# Search for Flutter module references
rg -n --type=nix 'flutter\.(enable|withAndroid)|languages\.flutter' -g '!*.md'
# Search for flutter package references
rg -n --type=nix '\bflutter\b' -g '!*.md' -C 2Length of output: 1052
I need to examine the Flutter and Android module implementations to verify feature parity.
Now let me search the codebase to inspect the actual Flutter and Android module implementations.
Let me examine the actual module files in the codebase to verify the change:
Let me examine the actual module files from the codebase to understand the configuration:
Based on my analysis of the script output from your first query and the web search results about Flutter development on NixOS, I can now generate the final review comment:
Verify that android.enable provides equivalent Android development tools without Flutter SDK.
The change from flutter.enable with withAndroid to android.enable may be incomplete. When Flutter is enabled in devenv, it automatically enables Dart alongside Android support, while enabling only the android module removes Flutter SDK entirely.
Confirm:
- If Flutter development is still required, it must be enabled separately (e.g.,
dart.enableor a dedicated Flutter module) - If Android-only development is the goal, verify all users of this config are aware that Flutter SDK is no longer provided
- Check that the
androidmodule provides all necessary build tools, emulator, and SDK components previously included via Flutter's Android support
🏁 Script executed:
#!/bin/bash
# Find and examine the Flutter and Android language modules
# First, find the flutter.nix module
echo "=== Finding flutter.nix ==="
fd -n "flutter.nix" --type f
# Find the android.nix or android module
echo -e "\n=== Finding android module ==="
fd -n "android.nix" --type f
# Look for languages directory structure
echo -e "\n=== Languages directory structure ==="
find modules -path "*/dev/languages*" -type d 2>/dev/null | head -20Length of output: 628
🏁 Script executed:
#!/bin/bash
# Examine the Flutter module contents
echo "=== Flutter module (flutter.nix) ==="
cat modules/system/common/dev/languages/flutter.nix
echo -e "\n=== Android module (android.nix) ==="
cat modules/system/common/dev/languages/android.nix 2>/dev/null || echo "File not found at expected location"
# Check what's in the languages directory
echo -e "\n=== Contents of languages directory ==="
ls -la modules/system/common/dev/languages/ 2>/dev/null || ls -la modules/hm/common/dev/languages/ 2>/dev/nullLength of output: 829
🏁 Script executed:
#!/bin/bash
# Check how flutter and android are configured in oak/default.nix context
echo "=== oak/default.nix context (lines 1-40) ==="
head -40 modules/system/hosts/oak/default.nix
# Check if there are any android-related configurations elsewhere in oak
echo -e "\n=== Android references in oak directory ==="
rg -n "android" modules/system/hosts/oak/ -g '!*.md'
# Check if flutter is imported/enabled in common defaults
echo -e "\n=== Flutter configuration in common/default.nix ==="
rg -n -A5 -B5 "flutter" modules/system/common/default.nix | head -40Length of output: 1300
🏁 Script executed:
#!/bin/bash
# Examine the flutter.nix module to see what options it provides
echo "=== Flutter module (flutter.nix) ==="
cat modules/system/common/dev/languages/flutter.nix 2>/dev/null | head -50
echo -e "\n=== Android module (android.nix) if exists ==="
cat modules/system/common/dev/languages/android.nix 2>/dev/null | head -50
# Check common/default.nix to see if flutter is enabled by default
echo -e "\n=== common/default.nix flutter configuration ==="
grep -A 10 -B 5 "flutter" modules/system/common/default.nix 2>/dev/null | head -40
# Check oak config context
echo -e "\n=== oak config (full) ==="
cat modules/system/hosts/oak/default.nixLength of output: 2013
Rename flutter.nix to android.nix—the file defines Android configuration but has a misleading filename.
The file modules/system/common/dev/languages/flutter.nix currently defines the Android development environment (with android-studio, adb, and user groups), not Flutter. While this aligns with the PR objective to replace Flutter with Android development, the filename is misleading and suggests incomplete refactoring.
The provided Android tools are adequate for Android development. However, verify:
- No developers need Flutter SDK separately (it is not provided)
- Rename the file to
modules/system/common/dev/languages/android.nixfor clarity
🤖 Prompt for AI Agents
In modules/system/hosts/oak/default.nix around lines 28-31, the dev.languages
entry references android but the underlying file is misleadingly named
modules/system/common/dev/languages/flutter.nix; rename that file to
modules/system/common/dev/languages/android.nix and update any
imports/references to use the new path, ensuring the file content still provides
android-studio, adb, and appropriate group configuration; additionally verify
with the team that no developers require the Flutter SDK (if they do, add a
separate flutter.nix that installs the Flutter SDK) and run a full Nix eval to
confirm there are no broken imports.
| # services.portmaster = { | ||
| # enable = true; | ||
| # devmode.enable = true; | ||
| # }; |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Document or remove the commented portmaster configuration.
The commented portmaster service configuration lacks context about why it's disabled and when it should be enabled. Consider either:
- Adding a TODO comment explaining the reason and conditions for enabling
- Removing it if it's not planned for near-term use
- Enabling it if the service is ready
🤖 Prompt for AI Agents
In modules/system/hosts/seed-birch/default.nix around lines 44 to 47, the
portmaster service block is left commented without context; either add a short
TODO comment explaining why it's disabled and when to enable it (e.g., "disabled
due to X; enable when Y"), remove the commented block entirely if it's not
planned to be used, or enable the service if it's production-ready—pick one
approach and apply it consistently so the intent is clear to future maintainers.
| inputs.caelestia-shell.packages.${system}.default | ||
| inputs.caelestia-cli.packages.${system}.default | ||
|
|
||
| # Not sure if all these dependencies are necessary or not | ||
| xdg-desktop-portal-hyprland | ||
| xdg-desktop-portal-gtk | ||
| hyprpicker | ||
| hypridle | ||
| wl-clipboard | ||
| cliphist | ||
| bluez | ||
| bluez-tools | ||
| inotify-tools | ||
| app2unit | ||
| wireplumber | ||
| trash-cli | ||
| foot | ||
| fish | ||
| fastfetch | ||
| starship | ||
| btop | ||
| jq | ||
| socat | ||
| imagemagick | ||
| curl | ||
| adw-gtk3 | ||
| papirus-icon-theme | ||
| kdePackages.qt6ct | ||
| libsForQt5.qt5ct | ||
| nerd-fonts.jetbrains-mono | ||
| ]; |
There was a problem hiding this comment.
Define system before using it in the Caelestia wrapper
system is undefined here, so evaluation blows up as soon as Nix expands inputs.caelestia-shell.packages.${system}. Bind it from the host platform (e.g. pkgs.stdenv.hostPlatform.system) before constructing the package list.
-{ pkgs, inputs, ... }: {
-
- services.upower.enable = true;
+{ pkgs, inputs, ... }:
+let
+ inherit (pkgs.stdenv.hostPlatform) system;
+in {
+
+ services.upower.enable = true;Committable suggestion skipped: line range outside the PR's diff.
🤖 Prompt for AI Agents
In modules/wrapper/caelestia.nix around lines 6 to 36, `system` is used in
expressions like inputs.caelestia-shell.packages.${system} but is not defined,
causing evaluation to fail; fix by binding `system` to the host platform before
constructing the package list (for example add a let-binding using the pkgs in
scope such as `system = pkgs.stdenv.hostPlatform.system` or otherwise import
`pkgs` and derive the host system), then replace use-sites with that bound
`system` so the inputs.*.packages.${system} references evaluate correctly.
| * [About](#about) | ||
| * [Features](#features) | ||
| * [Contents / Structure](#contents--structure) | ||
| * [Requirements](#requirements) | ||
| * [Installation](#installation) | ||
| * [Configuration](#configuration) | ||
| * [Usage](#usage) | ||
| * [Customization](#customization) | ||
| * [Modules](#modules) | ||
| * [Contributing](#contributing) | ||
| * [License](#license) | ||
| * [Roadmap / TODO](#roadmap--todo) |
There was a problem hiding this comment.
Fix Table of Contents anchors for emoji headings
Several ToC links (Features, Contents / Structure, Requirements, Installation, Configuration, Contributing, License) don’t jump anywhere because GitHub strips the emoji and prefixes the slug with a hyphen. Please align the entries with the actual section slugs (and add Project Description while you’re there) so navigation works.
-* [About](#about)
-* [Features](#features)
-* [Contents / Structure](#contents--structure)
-* [Requirements](#requirements)
-* [Installation](#installation)
-* [Configuration](#configuration)
+* [About](#about)
+* [Project Description](#-project-description)
+* [Key Features](#-key-features)
+* [Contents / Structure](#-contents--structure)
+* [Requirements](#-requirements)
+* [Installation](#-installation)
+* [Configuration](#-configuration)
* [Usage](#usage)
* [Customization](#customization)
* [Modules](#modules)
-* [Contributing](#contributing)
-* [License](#license)
+* [Contributing](#-contributing)
+* [License](#-license)
* [Roadmap / TODO](#roadmap--todo)📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| * [About](#about) | |
| * [Features](#features) | |
| * [Contents / Structure](#contents--structure) | |
| * [Requirements](#requirements) | |
| * [Installation](#installation) | |
| * [Configuration](#configuration) | |
| * [Usage](#usage) | |
| * [Customization](#customization) | |
| * [Modules](#modules) | |
| * [Contributing](#contributing) | |
| * [License](#license) | |
| * [Roadmap / TODO](#roadmap--todo) | |
| * [About](#about) | |
| * [Project Description](#-project-description) | |
| * [Key Features](#-key-features) | |
| * [Contents / Structure](#-contents--structure) | |
| * [Requirements](#-requirements) | |
| * [Installation](#-installation) | |
| * [Configuration](#-configuration) | |
| * [Usage](#usage) | |
| * [Customization](#customization) | |
| * [Modules](#modules) | |
| * [Contributing](#-contributing) | |
| * [License](#-license) | |
| * [Roadmap / TODO](#roadmap--todo) |
🧰 Tools
🪛 markdownlint-cli2 (0.18.1)
10-10: Link fragments should be valid
(MD051, link-fragments)
11-11: Link fragments should be valid
(MD051, link-fragments)
12-12: Link fragments should be valid
(MD051, link-fragments)
13-13: Link fragments should be valid
(MD051, link-fragments)
14-14: Link fragments should be valid
(MD051, link-fragments)
18-18: Link fragments should be valid
(MD051, link-fragments)
19-19: Link fragments should be valid
(MD051, link-fragments)
🤖 Prompt for AI Agents
In README.md around lines 9 to 20, the Table of Contents links don't match
GitHub's generated section slugs because emoji in headings are stripped and a
leading hyphen is added; update the listed entries so each link uses the actual
slug GitHub creates (for example include the leading hyphen before the word for
headings that start with an emoji) and add a "Project Description" entry with
the correct slug; ensure you update the entries: Features, Contents / Structure,
Requirements, Installation, Configuration, Contributing, License (and add
Project Description) to use the hyphen-prefixed slugs that match the
corresponding headings.
| @@ -0,0 +1 @@ | |||
| /nix/store/pcqgdvd7f2mbil1px790856fnjnz2wgr-nixos-system-oak-25.11.20251022.01f116e No newline at end of file | |||
There was a problem hiding this comment.
Build artifact should not be committed.
The result file contains a Nix store path, which is a build artifact generated locally. Build artifacts should not be committed to version control as they are environment-specific and unnecessary for the repository.
Apply this to remove the file and ensure it's gitignored:
#!/bin/bash
# Remove the result file
git rm result
# Ensure result is in .gitignore
if ! grep -q "^result$" .gitignore 2>/dev/null; then
echo "result" >> .gitignore
fi🤖 Prompt for AI Agents
In result around lines 1 to 1, the file is a Nix build artifact and should not
be committed; remove it from the repository (git rm result or git rm --cached
result if you want to keep a local copy), add a "result" entry to .gitignore if
absent, and commit the change (git add .gitignore && git commit -m "Remove build
artifact result and add to .gitignore"). Ensure no other build artifacts are
staged before committing.
|
🎉 This PR is included in version 1.4.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This pull request introduces a major overhaul to the repository, with a strong focus on improving documentation, simplifying host configuration, and modernizing the Nix flake setup for better maintainability and extensibility. The
README.mdis now much more comprehensive, the flake structure is refactored to use upstream inputs and modules, and host-specific configurations (especially foroak) are updated for clarity and best practices. Additionally, new hardware and filesystem setups are introduced, and obsolete deployment scripts are removed.Documentation Improvements
README.mdis completely rewritten to provide a clear overview, usage instructions, project features, and contribution guidelines, making it much more accessible for new users and contributors.TODO.mdis cleaned up to remove completed items and clarify remaining tasks.Flake and Input Refactoring
flake.nixnow uses upstreamnixpkgsandhome-managerinputs directly, removes the oldchaoticandnix-index-databaseinputs, and addsnixos-hardwarefor hardware-specific modules. Host configuration functions are simplified, and the default host is set tooak. [1] [2] [3] [4]rb,deploy-remote, etc.) and related devShell tooling are removed, streamlining the codebase.Host Configuration Updates
oakhost configuration (hosts/oak/default.nix) is refactored to use upstreamnixpkgsandhome-manager, modern overlays, and hardware modules fromnixos-hardware. The user setup and hardware options are also updated for clarity and security. [1] [2] [3] [4]oakhardware configuration switches to a modern Btrfs-based partitioning scheme with logical volumes for/,/nix,/var/log,/home, and user directories, improving performance and reliability.seed-birchis introduced, following the updated conventions and using upstream modules.