diff --git a/hosts/thegeneralist-central/configuration.nix b/hosts/thegeneralist-central/configuration.nix index 460e70d..4bec0ca 100644 --- a/hosts/thegeneralist-central/configuration.nix +++ b/hosts/thegeneralist-central/configuration.nix @@ -40,7 +40,6 @@ age.secrets.openclawGatewayEnv.owner = "thegeneralist"; age.secrets.openclawGatewayEnv.group = "users"; age.secrets.openclawGatewayEnv.mode = "0400"; - users.users = { thegeneralist = { isNormalUser = true; @@ -53,7 +52,7 @@ "scanner" "docker" ]; - shell = pkgs.zsh; + shell = pkgs.nushell; home = "/home/thegeneralist"; homeMode = "0750"; linger = true; @@ -92,31 +91,25 @@ ... }: let - # openclaw's packages require fetchPnpmDeps and other tooling that is - # only present in its own pinned nixpkgs input, so we must build from - # there rather than from the host nixpkgs. openclawPkgs = let pkgsAarch64 = import inputs.nix-openclaw.inputs.nixpkgs { system = "aarch64-linux"; }; + steipetePkgs = + if inputs.nix-openclaw.inputs.nix-steipete-tools ? packages + && builtins.hasAttr + "aarch64-linux" + inputs.nix-openclaw.inputs.nix-steipete-tools.packages + then + inputs.nix-openclaw.inputs.nix-steipete-tools.packages.aarch64-linux + else + { }; in import "${inputs.nix-openclaw}/nix/packages" { pkgs = pkgsAarch64; sourceInfo = import "${inputs.nix-openclaw}/nix/sources/openclaw-source.nix"; + inherit steipetePkgs; }; - - # openclaw bundles common CLI tools (rg, goplaces, …) directly in its - # /bin, which causes pkgs.buildEnv to abort with a "conflicting - # subpath" error when those tools are also in home.packages. - # - # Setting meta.priority = 10 (higher number = lower priority) tells - # buildEnv to silently prefer any other package that provides the same - # binary, instead of erroring out. Priority 5 is the nixpkgs default, - # so any explicitly installed package will win over openclaw's bundled - # copies while openclaw's own binaries (openclaw, openclaw-gateway, …) - # are still linked if nothing else claims them. - openclawPackage = openclawPkgs.openclaw.overrideAttrs (old: { - meta = (old.meta or { }) // { priority = 10; }; - }); + openclawPackage = openclawPkgs.openclaw; in { home = { @@ -126,39 +119,34 @@ }; programs.openclaw = { - instances.default = { - enable = true; - package = openclawPackage; + documents = ./openclaw-documents; + package = openclawPackage; + config = { + gateway = { + mode = "local"; + auth.mode = "token"; + }; - systemd.enable = true; - - config = { - gateway = { - mode = "local"; - auth.mode = "token"; - }; - - channels.telegram = { - tokenFile = osConfig.age.secrets.openclawTelegramToken.path; - # Placeholder overwritten at activation time by the script - # below, which reads the real ID from the age secret. - allowFrom = [ 0 ]; - groups."*" = { - requireMention = true; - }; + channels.telegram = { + tokenFile = osConfig.age.secrets.openclawTelegramToken.path; + # Replace with your Telegram user ID from @userinfobot. + allowFrom = [ 0 ]; + groups."*" = { + requireMention = true; }; }; }; + + instances.default = { + enable = true; + package = openclawPackage; + }; }; - # Inject gateway credentials (ANTHROPIC_API_KEY, gateway token, …) - # from the age-encrypted env file into the systemd unit at runtime. systemd.user.services.openclaw-gateway.Service.EnvironmentFile = [ osConfig.age.secrets.openclawGatewayEnv.path ]; - # Patch the generated openclaw.json to replace the placeholder 0 above - # with the real Telegram user ID stored in the age secret. home.activation.openclawTelegramAllowFrom = lib.hm.dag.entryAfter [ "openclawConfigFiles" ] '' set -euo pipefail diff --git a/hosts/thegeneralist-central/hardware-configuration.nix b/hosts/thegeneralist-central/hardware-configuration.nix index 1457e67..070666c 100644 --- a/hosts/thegeneralist-central/hardware-configuration.nix +++ b/hosts/thegeneralist-central/hardware-configuration.nix @@ -10,7 +10,6 @@ "sd_mod" ]; boot.initrd.kernelModules = [ ]; - boot.loader.systemd-boot.graceful = true; # Wi-Fi stuff nixpkgs.config.allowUnfree = true; diff --git a/modules/common/custom-options.nix b/modules/common/custom-options.nix index c55d401..9535eda 100644 --- a/modules/common/custom-options.nix +++ b/modules/common/custom-options.nix @@ -16,7 +16,7 @@ in { isServer = mkOption { type = types.bool; - default = config.nixpkgs.hostPlatform.isAarch64 && config.nixpkgs.hostPlatform.system == "aarch64-linux"; + default = config.nixpkgs.hostPlatform.isAarch64; description = "Whether the system is a server. Determined by the processor architecture."; }; diff --git a/modules/common/ghostty.nix b/modules/common/ghostty.nix index f6785bf..afa847a 100644 --- a/modules/common/ghostty.nix +++ b/modules/common/ghostty.nix @@ -25,7 +25,6 @@ gtk-titlebar = false; mouse-hide-while-typing = true; - custom-shader = "~/.config/ghostty-shaders/shader.glsl"; }; }; }]; diff --git a/modules/common/shell/0_nushell.nix b/modules/common/shell/0_nushell.nix index 0d66161..01ad1b6 100644 --- a/modules/common/shell/0_nushell.nix +++ b/modules/common/shell/0_nushell.nix @@ -20,7 +20,7 @@ let unstable = import (builtins.fetchTarball { url = "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz"; - sha256 = if (config.isServer) then "sha256:0fgmdh1j6qrx64wq8wk2hry2rjh3rkvz9pch29l8zn49nlndvxy2" else (if (config.onLinux) then "sha256:0fgmdh1j6qrx64wq8wk2hry2rjh3rkvz9pch29l8zn49nlndvxy2" else "sha256:16xi1yijq2ccbp8254zc0b5fgz0igxvyf4yn349wj2ggk4cl6dgn"); + sha256 = if (config.onLinux) then "sha256:0fgmdh1j6qrx64wq8wk2hry2rjh3rkvz9pch29l8zn49nlndvxy2" else "sha256:16xi1yijq2ccbp8254zc0b5fgz0igxvyf4yn349wj2ggk4cl6dgn"; }) { system = pkgs.system; }; package = unstable.nushell; in diff --git a/modules/common/shell/default.nix b/modules/common/shell/default.nix index a6f4a5e..d3c37f7 100644 --- a/modules/common/shell/default.nix +++ b/modules/common/shell/default.nix @@ -11,6 +11,7 @@ let flatten getAttr mapAttrsToList + mkIf mkOption sortOn toInt @@ -63,28 +64,23 @@ in } ) - ( + (mkIf config.isDarwin ( homeArgs: let config' = homeArgs.config; - nuExecCondition = - if config.isDarwin then - ''[ -z "$INTELLIJ_ENVIRONMENT_READER" ] && [ -z "$skip" ]'' - else - ''[ -z "$INTELLIJ_ENVIRONMENT_READER" ] && [ -z "$skip" ] && [ -n "$SSH_TTY" ]''; in { home.file.".zshrc".text = # zsh '' - export PATH="$HOME/.local/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/etc/profiles/per-user/$USER/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin''${PATH:+:}''${PATH}" + export PATH="/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/etc/profiles/per-user/$USER/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin''${PATH:+:}''${PATH}" source ${config'.home.sessionVariablesPackage}/etc/profile.d/hm-session-vars.sh - if ${nuExecCondition}; then + if [ -z "$INTELLIJ_ENVIRONMENT_READER" ] && [ -z "$skip" ]; then SHELL='${lib.getExe <| lib.head config'.shellsByPriority}' exec "$SHELL" fi ''; } - ) + )) ]; }