feat: add sops-nix, centralize colors, and fix Stylix build #21
borland502 merged 9 commits into main on May 2, 2026
- Fix chezmoi-init to normalize backslashes to forward slashes when writing chezmoi.toml, preventing TOML parse errors on Windows (\U is misinterpreted as a Unicode escape sequence)
- Add chezmoi-managed update_scoop.ps1 dotfile under dot_local/bin
- Add Ensure-XdgDirectories to bootstrap-windows.ps1 to create standard XDG dirs (~/.local/bin, ~/.config, ~/.cache, etc.) on Windows
- Add Ensure-Packages to bootstrap-windows.ps1 to idempotently install a core Scoop package set (git, chezmoi, task, ripgrep, fzf, go, etc.)
- Add windows-bootstrap task for running bootstrap natively on Windows
- Refactor taskfile.yaml: replace uname-based preconditions with proper platforms: guards; wrap all sh: var blocks in OS conditionals so task does not shell out to uname/hostname on Windows; use requires: for mandatory var checks instead of manual preconditions
Adds a chezmoi-based pipeline that keeps agent instructions available on Windows using the same agent-defaults.md single source of truth already used by the Nix/home-manager path.

Changes:
- chezmoi/.chezmoiignore -> .chezmoiignore.tmpl: template that suppresses the agent instruction paths on Linux/macOS (where home-manager owns them) and allows chezmoi to manage them on Windows only
- chezmoi/dot_claude/CLAUDE.md: pre-rendered Claude instructions
- chezmoi/dot_config/github-copilot/copilot-defaults.instructions.md, dot_config/github-copilot/intellij/global-copilot-instructions.md, dot_config/Code/User/prompts/copilot-defaults.instructions.md: pre-rendered Copilot instructions with YAML frontmatter
- chezmoi/run_onchange_deploy-vscode-instructions.ps1.tmpl: chezmoi run script (Windows-only via template conditional) that copies the chezmoi-managed file to %APPDATA%\Code\User\prompts so Windows-native VS Code picks it up alongside the XDG path
- taskfile.yaml: add generate:agent-instructions (renders source -> chezmoi files via sed) and check:agent-instructions (diffs rendered output against committed files, fails if stale); wire check into lint:nix so pre-commit and CI catch drift automatically
…tions
- Replace stale directory tree with current structure (chezmoi/, lib/, instructions/, run_onchange script)
- Add platform auto-detection table (Darwin/wsl/linux hostname rules)
- Add Windows bootstrap section (task windows-bootstrap, chezmoi-init/apply)
- Add Chezmoi Dotfile Management section explaining .chezmoiignore.tmpl platform split and the APPDATA run_onchange script
- Add Agent Instructions section documenting the single-source pipeline, per-platform renderers, and generate:agent-instructions workflow
- Correct Home Manager Profiles to match actual package contents
- Add generate:agent-instructions and check:agent-instructions to Maintenance
- Update Git Hooks section to mention check:agent-instructions in pre-commit
- Remove Migration from Old Structure section (no longer relevant)
- Remove stale macOS notes about ncdu and 2025 LLVM/Zig build warnings
…ools to home-manager
- Add sops-nix with age encryption across all platforms (WSL, Linux, Darwin)
- Add .sops.yaml with age recipient key for secrets/ and hosts/*/secrets/
- Add home-manager/modules/sops.nix configuring age key path
- Add chezmoi/.chezmoi.toml.tmpl to write [age] identity on bootstrap
- Add scripts/provision-secrets.sh: gum-based secret provisioning script
- Centralize all palette colors into home-manager/lib/colors.nix (Nix mirror) and home-manager/config/colors/monokai.base24.yaml (Stylix source, clean)
- Replace classic Monokai kitty palette with Spectrumish base24 mapping injected via home-darwin.nix; strip color section from kitty.conf
- Replace all hardcoded hex values in starship-settings.nix and zsh.nix with references to lib/colors.nix
- Fix: remove stylixInputsModule (stylix.homeModules.stylix already sets stylix.inputs via flake-parts closure; duplicate readOnly definition broke build)
- Fix: remove inline comments and extras section from YAML palette (fromYaml.nix pure-Nix parser crashes on them)
- Fix: remove duplicate starship os.symbols from home-wsl.nix (common.nix already defines them via starship-settings.nix)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
- lib/colors.nix); replace all hardcoded hex values in starship and zsh configs
- scripts/provision-secrets.sh: interactive gum-based age key provisioning script
- stylixInputsModule (readOnly conflict), YAML parser crashes on inline comments/extras, duplicate starship symbols in home-wsl.nix

Test plan
- nix build .#nixosConfigurations.wsl.config.system.build.toplevel --dry-run passes
- nix build .#nixosConfigurations.linux.config.system.build.toplevel --dry-run passes
- nix build .#homeConfigurations."nixos@wsl".activationPackage --dry-run passes
- scripts/provision-secrets.sh prompts for age key and writes to ~/.config/sops/age/keys.txt

🤖 Generated with Claude Code
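
A check that could follow the last test-plan step, confirming that the age identity written to ~/.config/sops/age/keys.txt is owner-only and actually contains an identity line. This is an added example, not part of the PR or the repository's scripts; `file_mode`, `check_age_keyfile` and `make_sample_keyfile` are hypothetical helper names and the sample key is constructed.

```sh
#!/bin/sh
# Added example: audit an age identity file before sops-nix relies on it.
# All function names here are hypothetical, not taken from the repository.

# Print octal permission bits; GNU stat first, BSD/macOS stat as fallback.
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Usage: check_age_keyfile [path]
# Returns 0 when the file exists, is owner-only and holds an age identity;
# otherwise prints each finding to stderr and returns 1.
check_age_keyfile() {
  _kf="${1:-$HOME/.config/sops/age/keys.txt}"
  _rc=0

  if [ ! -f "$_kf" ]; then
    echo "missing: $_kf" >&2
    return 1
  fi

  # Any group/other bit exposes the private key to other local users.
  _mode="$(file_mode "$_kf")"
  case "$_mode" in
    600|400) ;;
    *) echo "mode $_mode on $_kf, expected 600" >&2; _rc=1 ;;
  esac

  # age identities are lines beginning with AGE-SECRET-KEY-1.
  if ! grep -q '^AGE-SECRET-KEY-1' "$_kf"; then
    echo "no age identity line in $_kf" >&2
    _rc=1
  fi
  return "$_rc"
}

# Write a constructed (non-functional) identity to $1 with mode $2.
make_sample_keyfile() {
  printf '# constructed sample, not a real key\nAGE-SECRET-KEY-1CONSTRUCTEDSAMPLEONLY\n' > "$1"
  chmod "$2" "$1"
}
```

A provisioning script can avoid the window in which the file is readable by others by setting `umask 077` before it writes the key.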