remove openclaw

2026-05-30 08:37:01 +02:00 · 2026-03-30 11:48:52 +02:00 · 2026-03-30 11:48:52 +02:00 · 609179ec34
commit 609179ec34
parent 9399b1ab37
7 changed files with 1 additions and 176 deletions
--- a/flake.lock
+++ b/flake.lock
@ -234,27 +234,6 @@
        "type": "github"
      }
    },
-    "home-manager_2": {
-      "inputs": {
-        "nixpkgs": [
-          "nix-openclaw",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1767909183,
-        "narHash": "sha256-u/bcU0xePi5bgNoRsiqSIwaGBwDilKKFTz3g0hqOBAo=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "cd6e96d56ed4b2a779ac73a1227e0bb1519b3509",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
    "homebrew-cask": {
      "flake": false,
      "locked": {
@ -384,46 +363,6 @@
        "type": "github"
      }
    },
-    "nix-openclaw": {
-      "inputs": {
-        "flake-utils": "flake-utils_3",
-        "home-manager": "home-manager_2",
-        "nix-steipete-tools": "nix-steipete-tools",
-        "nixpkgs": "nixpkgs_2"
-      },
-      "locked": {
-        "lastModified": 1773558880,
-        "narHash": "sha256-hBkRVF4qzFa8GPUXe6X1hH9TmpuQhrqZUeKJZWFQwu4=",
-        "owner": "openclaw",
-        "repo": "nix-openclaw",
-        "rev": "3d784abe7f0305a4bd1b6f5c9a5a5de213637cf3",
-        "type": "github"
-      },
-      "original": {
-        "owner": "openclaw",
-        "repo": "nix-openclaw",
-        "rev": "3d784abe7f0305a4bd1b6f5c9a5a5de213637cf3",
-        "type": "github"
-      }
-    },
-    "nix-steipete-tools": {
-      "inputs": {
-        "nixpkgs": "nixpkgs"
-      },
-      "locked": {
-        "lastModified": 1773283011,
-        "narHash": "sha256-bRsRSdy2Wez2zUWZha6wYCcNwcUyYAOtP4/GOX4htLw=",
-        "owner": "openclaw",
-        "repo": "nix-steipete-tools",
-        "rev": "526067c585ede853ebd16172bb8a461ccc1df55c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "openclaw",
-        "repo": "nix-steipete-tools",
-        "type": "github"
-      }
-    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1767364772,
@ -488,22 +427,6 @@
        "type": "github"
      }
    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1767767207,
-        "narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "5912c1772a44e31bf1c63c0390b90501e5026886",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1755186698,
@ -628,7 +551,6 @@
        "niri": "niri",
        "nix-darwin": "nix-darwin",
        "nix-homebrew": "nix-homebrew",
-        "nix-openclaw": "nix-openclaw",
        "nixpkgs": "nixpkgs_3",
        "noctalia": "noctalia",
        "noctalia-qs": "noctalia-qs",
--- a/flake.nix
+++ b/flake.nix
@ -31,10 +31,6 @@
      inputs.darwin.follows = "nix-darwin";
    };

-    nix-openclaw = {
-      url = "github:openclaw/nix-openclaw/3d784abe7f0305a4bd1b6f5c9a5a5de213637cf3";
-    };
-
    ghostty = {
      url = "github:ghostty-org/ghostty";
    };
--- a/hosts/thegeneralist-central/configuration.nix
+++ b/hosts/thegeneralist-central/configuration.nix
@ -23,8 +23,6 @@
  age.secrets.readlaterBotToken.file = ./readlater-bot-token.age;
  age.secrets.readlaterBotSyncToken.file = ./readlater-bot-sync-token.age;
  age.secrets.readlaterBotUserId.file = ./readlater-bot-user-id.age;
-  age.secrets.openclawTelegramToken.file = ./openclaw-telegram-token.age;
-  age.secrets.openclawGatewayEnv.file = ./openclaw-gateway.env.age;
  age.secrets.readlaterBotToken.owner = "thegeneralist";
  age.secrets.readlaterBotToken.group = "users";
  age.secrets.readlaterBotToken.mode = "0400";
@ -34,12 +32,6 @@
  age.secrets.readlaterBotUserId.owner = "thegeneralist";
  age.secrets.readlaterBotUserId.group = "users";
  age.secrets.readlaterBotUserId.mode = "0400";
-  age.secrets.openclawTelegramToken.owner = "thegeneralist";
-  age.secrets.openclawTelegramToken.group = "users";
-  age.secrets.openclawTelegramToken.mode = "0400";
-  age.secrets.openclawGatewayEnv.owner = "thegeneralist";
-  age.secrets.openclawGatewayEnv.group = "users";
-  age.secrets.openclawGatewayEnv.mode = "0400";

  users.users = {
    thegeneralist = {
@ -82,97 +74,16 @@
  home-manager = {
    backupFileExtension = "home.bak";
    extraSpecialArgs = { inherit inputs; };
-    sharedModules = [ inputs.nix-openclaw.homeManagerModules.openclaw ];
    users.thegeneralist =
      {
-        osConfig,
-        lib,
-        pkgs,
-        inputs,
        ...
      }:
-      let
-        # openclaw's packages require fetchPnpmDeps and other tooling that is
-        # only present in its own pinned nixpkgs input, so we must build from
-        # there rather than from the host nixpkgs.
-        openclawPkgs =
-          let
-            pkgsAarch64 = import inputs.nix-openclaw.inputs.nixpkgs { system = "aarch64-linux"; };
-          in
-          import "${inputs.nix-openclaw}/nix/packages" {
-            pkgs = pkgsAarch64;
-            sourceInfo = import "${inputs.nix-openclaw}/nix/sources/openclaw-source.nix";
-          };
-
-        # openclaw bundles common CLI tools (rg, goplaces, …) directly in its
-        # /bin, which causes pkgs.buildEnv to abort with a "conflicting
-        # subpath" error when those tools are also in home.packages.
-        #
-        # Setting meta.priority = 10 (higher number = lower priority) tells
-        # buildEnv to silently prefer any other package that provides the same
-        # binary, instead of erroring out.  Priority 5 is the nixpkgs default,
-        # so any explicitly installed package will win over openclaw's bundled
-        # copies while openclaw's own binaries (openclaw, openclaw-gateway, …)
-        # are still linked if nothing else claims them.
-        openclawPackage = openclawPkgs.openclaw.overrideAttrs (old: {
-          meta = (old.meta or { }) // { priority = 10; };
-        });
-      in
      {
        home = {
          username = "thegeneralist";
          homeDirectory = "/home/thegeneralist";
          stateVersion = "25.11";
        };
-
-        programs.openclaw = {
-          instances.default = {
-            enable = true;
-            package = openclawPackage;
-
-            systemd.enable = true;
-
-            config = {
-              gateway = {
-                mode = "local";
-                auth.mode = "token";
-              };
-
-              channels.telegram = {
-                tokenFile = osConfig.age.secrets.openclawTelegramToken.path;
-                # Placeholder overwritten at activation time by the script
-                # below, which reads the real ID from the age secret.
-                allowFrom = [ 0 ];
-                groups."*" = {
-                  requireMention = true;
-                };
-              };
-            };
-          };
-        };
-
-        # Inject gateway credentials (ANTHROPIC_API_KEY, gateway token, …)
-        # from the age-encrypted env file into the systemd unit at runtime.
-        systemd.user.services.openclaw-gateway.Service.EnvironmentFile = [
-          osConfig.age.secrets.openclawGatewayEnv.path
-        ];
-
-        # Patch the generated openclaw.json to replace the placeholder 0 above
-        # with the real Telegram user ID stored in the age secret.
-        home.activation.openclawTelegramAllowFrom =
-          lib.hm.dag.entryAfter [ "openclawConfigFiles" ] ''
-            set -euo pipefail
-
-            user_id="$(${lib.getExe' pkgs.coreutils "cat"} ${osConfig.age.secrets.readlaterBotUserId.path})"
-            tmp="$(${lib.getExe' pkgs.coreutils "mktemp"})"
-
-            ${lib.getExe pkgs.jq} --argjson user_id "$user_id" \
-              '.channels.telegram.allowFrom = [$user_id]' \
-              /home/thegeneralist/.openclaw/openclaw.json > "$tmp"
-
-            rm -f /home/thegeneralist/.openclaw/openclaw.json
-            mv "$tmp" /home/thegeneralist/.openclaw/openclaw.json
-          '';
      };
  };

--- a/hosts/thegeneralist-central/openclaw-gateway.env.age
+++ b/hosts/thegeneralist-central/openclaw-gateway.env.age
--- a/hosts/thegeneralist-central/openclaw-telegram-token.age
+++ b/hosts/thegeneralist-central/openclaw-telegram-token.age
--- a/lib/system.nix
+++ b/lib/system.nix
@ -14,9 +14,7 @@ let
  collectInputModules = packagePath:
    let
      getModule = name: input:
-        if name == "nix-openclaw" && packagePath == [ "overlays" "default" ] then
-          []
-        else if hasAttrByPath packagePath input
+        if hasAttrByPath packagePath input
        then [ (getAttrFromPath packagePath input) ]
        else [];
    in
--- a/secrets.nix
+++ b/secrets.nix
@ -18,8 +18,6 @@ in
  "hosts/thegeneralist-central/readlater-bot-token.age".publicKeys = [ thegeneralist ];
  "hosts/thegeneralist-central/readlater-bot-sync-token.age".publicKeys = [ thegeneralist ];
  "hosts/thegeneralist-central/readlater-bot-user-id.age".publicKeys = [ thegeneralist ];
-  "hosts/thegeneralist-central/openclaw-telegram-token.age".publicKeys = [ thegeneralist ];
-  "hosts/thegeneralist-central/openclaw-gateway.env.age".publicKeys = [ thegeneralist ];

  "modules/linux/tailscale-marshall.age".publicKeys = [ thegeneralist ];
 }