- Update lib/state-schema.nix to default both home and system themes to 'summer-night'.
- Fix 'nomarchy-theme-list' and 'nomarchy-theme-set-templates' to resolve themes and templates from '~/.local/share/nomarchy' instead of the obsolete '$NOMARCHY_PATH' (fixing failures on Live ISO).
- Update 'nomarchy-welcome' to properly convert Title Case theme display names back to kebab-case identifiers and add input validation to prevent crashes.
- Fix installer impermanence symlink by using a relative path ('../persist/etc/nixos'), ensuring it resolves during 'nixos-install' both inside and outside the chroot.
- Deploy '~/.XCompose' symlink via Home Manager and add 'nomarchy-restart-xcompose' to the menu.
- Relocate 'Nomarchy.ttf' to 'core/branding/' and move user-level scripts ('pkg-add', 'pkg-remove', 'env-update', 'preflight-migration') to 'features/scripts/utils/' to align with the distro architecture.
- Remove obsolete '$NOMARCHY_PATH' exports and redundant 'bashrc' template.
- Export theme templates via 'xdg.dataFile' for script accessibility.
Audited every entry in `installer/hardware-db.sh` against
`inputs.nixos-hardware.nixosModules` and found **21 of 43 entries (49%)
referenced modules that don't exist** in the upstream attribute set —
those installs would fail at eval time with "attribute not found"
errors on real hardware. Specifically:
- Framework 13 per-gen: nixos-hardware uses `framework-11th-gen-intel`,
not `framework-13-11th-gen-intel`. Fixed all four generations.
- Framework 13 AMD AI 300: `framework-amd-ai-300-series` (no "13-").
- Framework Intel Core Ultra: added `framework-intel-core-ultra-series1`.
- Framework 16 AMD AI 300: added `framework-16-amd-ai-300-series`.
- Framework generic fallback now uses the `framework` umbrella module.
- ThinkPad X1 Carbon: modules are `lenovo-thinkpad-x1-Nth-gen`,
not `-x1-carbon-genN`. Fixed gens 6/7/9/10/11; added X1 Nano.
- ThinkPad P14s: requires arch+gen suffix; switched to the AMD gen3/4/5
modules (the prior `lenovo-thinkpad-p14s` had no attribute).
- Surface Pro 6/7/8/10: all share `microsoft-surface-pro-intel`. Pro 9
keeps its dedicated module. Pro 3 fixed to `-pro-3`. Surface Book
2/3 and Intel-based Surface Laptop 3/4/5: no nixos-hardware module
— rows dropped; generic chassis+cpu+gpu detection still emits
sensible `common-pc-laptop`.
- ASUS ROG Strix G513 → `asus-rog-strix-g513im` (correct attr name).
- ASUS ROG Zephyrus GA403 didn't exist — dropped. Added `ga402x`,
`gu603h`, `g533zw`.
- ASUS Zenbook generic `asus-zenbook-ux` was non-existent — dropped
(too vague; available modules are per-model like `asus-zenbook-ux481`).
- Dell Latitude 5400 / 7480: no modules — replaced with the existing
`dell-latitude-7420`, `7430`, `7490`.
Added:
- ROG Ally / Ally X support (`asus-ally-rc71l` for `RC71L`,
`RC72LA`, and the "ROG Ally" product string). nixos-hardware
currently ships one module for both revisions.
Documented (in a footer comment) the devices nixos-hardware doesn't
cover so they're known-unsupported rather than accidentally missing:
- Valve Steam Deck → Jovian-NixOS as a separate flake input.
- Snapdragon X laptops → aarch64 only; Nomarchy installer is x86_64.
- Raspberry Pi → same as above.
Bug discovered along the way: the DB's pipe-separated row format
collides with bash regex alternation. A row like
`Microsoft|Surface Pro (10|8|7|6)|_|module` parses as 7 fields, with
"7" extracted as the module name. Surface Pro variants are now one
row per version.
CI gate added (`.forgejo/workflows/check.yml`): a new step extracts
every 4th-pipe-field from `HARDWARE_DB` and `comm -23`s it against
`inputs.nixos-hardware.nixosModules`. Any future entry pointing at a
non-existent module fails CI with a clear error. Closes the regression
class entirely.
Verified locally: bash -n + shellcheck --severity=error pass on
hardware-db.sh; the CI step's exact commands pass against the new DB.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Closes the last source-of-truth split after the state-defaults
centralization batches. The installer's heredoc was the only remaining
place that hardcoded the state.json literal — adding a default to the
schema previously required a parallel edit here, and silent drift was
exactly the bug class we kept fixing.
Before:
cat > /mnt/etc/nixos/state.json <<JSON_EOF
{
"theme": "nord",
"timezone": "${_state_tz}",
"dns": "DHCP",
...
}
JSON_EOF
After:
nix eval --impure --raw --expr "
let
flake = builtins.getFlake \"$NOMARCHY_REPO\";
lib = flake.inputs.nixpkgs.lib;
schema = import \"$NOMARCHY_REPO/lib/state-schema.nix\"
{ inherit lib; };
state = schema.system // { timezone = \"$_state_tz\"; };
in builtins.toJSON state
" | nrun jq '.' > /mnt/etc/nixos/state.json
Uses the flake's own pinned `inputs.nixpkgs` (matching what the rest of
Nomarchy resolves against), so the schema evaluates with the same `lib`
the consumer modules see. `nrun jq` pretty-prints for human inspection.
Behavioural notes:
- Output is identical to the old heredoc modulo alphabetical key
ordering — `builtins.toJSON` sorts keys, the heredoc was in
declaration order. Toggle scripts read/write via `jq` so it's
invisible to them.
- Dry-run path unchanged. `execute_dry_run` already bind-mounts a fake
/mnt for the generator; the generator's absolute paths still resolve.
- New schema fields show up automatically on the next install; no
parallel edit needed.
- `bash -n` + `shellcheck --severity=error` clean.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Four resume-flow papercuts in `installer/install.sh` that hurt the
"interrupted install" path the most.
1. `--resume` with no state file is no longer silent.
The most common operator confusion: reboot the live ISO, forget
/tmp/ is tmpfs, re-run with --resume, watch the installer start
over from scratch without saying anything. Now: loud error, tmpfs
explanation, exit 1.
2. Validate the saved TARGET_DRIVE still exists on resume.
Live ISO USB sticks get unplugged between sessions, dev hosts
sometimes have non-deterministic /dev/sdX numbering. Without the
guard the install proceeds and fails with cryptic disko / mount
errors deep in execute_installation. Now we fail at load_state
with the actual reason and a clean recovery path.
3. Resume now shows what's being resumed.
`save_state` stamps an ISO-8601 timestamp; `load_state` prints
"Resumed from <path> (saved Xm ago)" plus a "Target: /dev/X → user
@ host" summary line. Lets the user Ctrl-C before any destructive
prompt fires if they're resuming onto the wrong machine.
4. `--help` documents the tmpfs limitation.
Saved state lives in /tmp/ which is tmpfs on the live ISO; --resume
only works within the same boot. The man-page now says so instead
of letting users discover it the hard way.
`format_age` is the one new helper — pretty-prints "Xs/Xm/Xh Ym/Xd"
relative to now, falls back to the raw timestamp if `date -d` can't
parse the input. shellcheck --severity=error passes.
Out of scope (potential future work):
- Persistent state across reboots (would need a writable USB / external
drive — chicken/egg with the installer setting up the only persistent
storage in the first place).
- `--show-state` flag to inspect a saved file without running.
- State-file schema versioning.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Several installer reliability fixes that were left uncommitted:
- Impermanence + multi-disk LUKS: disko-config.nix names the main LUKS
mapping `crypted` for single-disk and `crypted_main` once extraDrives is
non-empty. The impermanence rollback hook used to hardcode `crypted`,
which made every multi-disk install fail to mount root in initrd. Added
a `nomarchy.system.impermanence.mainLuksName` option and wired the
installer to write the correct value into the generated system.nix
based on the drive count.
- Password no longer cleartext in /etc/nixos: installer now hashes the
user password with `mkpasswd -m sha-512` and emits
`initialHashedPassword` instead of `initialPassword`. Added mkpasswd to
the live ISO. Cleartext is unset immediately after hashing.
USER_PASSWORD_HASH is deliberately not persisted in --resume state —
configure_user re-prompts on resume.
- Revision pinning that actually works on the live ISO: `inputs.self`
strips .git in the Nix store copy, so `git rev-parse HEAD` would silently
return empty on a real install and the generated flake would track main.
Live ISO now writes `/etc/nomarchy-rev` from `inputs.self.rev` at build
time; install.sh reads it first, falls back to git, and aborts with a
loud confirmation prompt if both are empty (instead of silently
installing an unpinned system).
- Generated `/mnt/etc/nixos/state.json`: toggle scripts (nomarchy-tz-select,
nomarchy-setup-{fido2,fingerprint}, nomarchy-toggle-hybrid-gpu,
nomarchy-wifi-powersave) `jq` this file in place and fail hard if it
doesn't exist. Fresh installs now ship a schema-conformant file matching
lib/state-schema.nix.
- Unmount /mnt before exiting `finish()` regardless of reboot choice. Clean
unmount avoids dirty BTRFS on reboot; on "no", leaving /mnt mounted
blocked a second installer run on the same live ISO.
- Removed obsolete `installer/disko-btrfs-luks.nix` (superseded by
`disko-config.nix` per commit 3aadc36) and dropped its dangling
`docs/STRUCTURE.md` reference.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Move temporary LUKS keyfile to /tmp/ so Disko omits it from runtime config
- Explicitly add x-systemd.requires and x-systemd.device-timeout=0 to BTRFS mount options
- Ensures all LUKS devices are decrypted before BTRFS attempts to mount
- installer: set recursive ownership of /etc/nixos to main user post-install
- themes: fix NOMARCHY_PATH and discovery logic for Lua theme menu
- scripts: update CLI wrappers (font, theme, wallpaper) to use Walker menus
- core: remove obsolete NOMARCHY_PATH and cleanup dead code
- features: add pkgs.lua for Walker and remove obsolete switcher.nix
- docs: update ROADMAP.md, SCRIPTS.md and STRUCTURE.md
The post-install standalone HM activation kept failing in new ways
(daemon access, git ownership, missing PATH on first boot). Wire HM as
a NixOS module in the generated flake instead, so first-boot dotfiles
are activated by `nixos-install` itself with proper system context. The
standalone `homeConfigurations.<user>` is kept alongside for fast
iteration via `nomarchy-env-update`. Also:
- Drop the chroot HM activation block from the installer entirely.
- Move `nomarchy-env-update` from `features/scripts/utils/` to
`core/system/scripts/` so it ships in `nomarchy-system-scripts` and
exists on a freshly-installed system regardless of HM state.
- Set system-wide git `safe.directory` for /etc/nixos and the
impermanence-relocated /persist/etc/nixos so the user-mode HM run
doesn't trip on the root-owned flake repo.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
HM activation inside `nixos-enter` failed with `big.lock: Permission
denied` because the chroot has no systemd and therefore no nix-daemon —
the user-level `nix run` fell back to single-user mode and couldn't
write /nix/var/nix/db. Launch nix-daemon manually for the activation
window and force NIX_REMOTE=daemon. Also mark /etc/nixos (and the
impermanence path) as a git safe.directory so HM doesn't trip over
git's dubious-ownership check on the root-owned repo. Make
nomarchy-env-update self-bootstrap via `nix run home-manager` when
home-manager isn't on PATH so the recovery hint actually works on a
freshly-installed system.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Pass --yes-wipe-all-disks to disko so the silent gum-spin path no
longer hangs forever waiting on a hidden "yes" confirmation prompt
(added in disko 1.13's destroy,format,mount mode).
- Stop threading an externally-built pkgs into the user flake's
nixosSystem; configure nixpkgs through the module system instead so
core/system/default.nix's nixpkgs.config.allowUnfree stops conflicting
with the assertion "system configures nixpkgs with an externally
created instance".
- Enable boot.loader.systemd-boot in the generated system.nix so the
installed system has an actual bootloader (disko already lays out a
1 GiB ESP at /boot).
- Bump nix.settings.download-buffer-size to 512 MiB to silence the
"download buffer is full" warning on large NAR fetches.
- Activate home-manager via `runuser -l` instead of `runuser -u … --
env HOME=…`. The latter only switches uid and leaves \$USER=root, so
HM's activation script saw root, warned, and wrote dotfiles into
/root/ — meaning the user's first login had no Hyprland config.
- Revert default Hyprland monitor line back to highres (live ISO and
user default) — preferred falls back to EDID's 1024x768 in QEMU and
on several laptop panels, which is the bug highres was put there to
defeat.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- nrun git git init -q passed 'git' as a subcommand to git itself,
failing the post-disko repo init. Drop the duplicated arg.
- disko's luks module reads passwordFile at the top level; placing it
under settings.* meant it was silently ignored and disko fell back
to askPassword=true, prompting the user again on luksOpen. Move the
option to the right scope.
- configure_impermanence now uses local rc, nrun gum confirm, and an
explicit case (0/1/130) with a final return 0 so a No answer no
longer aborts the installer.
- run_disko_with_retry hides disko's chatty output behind a gum spin
by default and surfaces the captured log on failure. Set
NOMARCHY_VERBOSE_DISKO=1 to stream output live.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Fix critical bash dynamic scoping bug in install.sh (Impermanence/Form Factor).
- Polished Live ISO with auto-login and passwordless sudo.
- Repurposed nomarchy-toggle-suspend to directly execute systemctl suspend.
- Updated nomarchy-launch-wifi to use nmtui in alacritty.
- Optimized nomarchy-welcome to avoid redundant rebuilds via --no-update flag.
- Enabled nomarchy-welcome in Hyprland autostart.
- Wrapped Live ISO-modifying steps in welcome wizard to prevent failures.
- Removed obsolete hardware auto-detection from nomarchy-on-boot.
- Hardened script doc generator against false-positive wildcard tokens.
- Regenerated docs/SCRIPTS.md and updated docs/ROADMAP.md.
- Refactor generated flake.nix to use the Appliance Model.
- Downstream flake now only defines the 'nomarchy' input.
- Dependencies (nixpkgs, home-manager) are inherited from nomarchy.inputs to ensure maximum stability and version alignment with upstream.
- Fix disko-config.nix signature by adding '...' to handle unexpected CLI arguments.
- Update disko mode to 'destroy,format,mount' for the modern API and to avoid deprecation warnings.
- Fix infinite loops in 'configure_impermanence' and 'confirm_form_factor' caused by misinterpreting 'No' (rc=1) as an abort.
The disk phase was the dominant source of incomplete installs. Six
concrete failure modes addressed in one pass:
1. Live-ISO USB excluded from the disk picker. select_disk previously
filtered loop|ram|zram|sr but not the device the installer booted
from; picking it would format the boot media mid-install. New
detect_live_iso_devices walks /, /iso, /run/initramfs/live,
/nix/.ro-store, /nix/store and resolves each backing device to its
parent disk via lsblk -no PKNAME. Override with
NOMARCHY_INSTALL_ALLOW_ISO_TARGET=1 for the developer case.
2. 10 GiB minimum-capacity preflight. Disko fails late and obscurely
on undersized media; surface it while the picker is still open.
3. prewipe_target_drive rewritten:
- Enumerates every active dm-crypt mapping via dmsetup ls and
closes those whose backing device is on the target drive. The
old version only knew about the hardcoded names "crypted" /
"crypted_main" so an aborted multi-disk run or a non-Nomarchy
install would leave a holder open and silently break the wipe.
- Drops `|| true` from wipefs / sgdisk / dd. After the LUKS and
swap teardown above, a real failure means something is still
holding the device — surface that instead of papering over it.
- udevadm settle bounded to 30s so a flapping USB can't hang.
- Post-wipe sanity check: refuse to hand the disk to disko if
anything is still mounted off it.
4. run_disko_with_retry wraps the disko call. On failure, shows the
last 30 lines of output via gum style and offers Retry /
View full log / Abort. set -e is suspended for the disko call so
the exit code can be inspected. The previous bare `disko --mode
disko` aborted the whole installer with output scrolled past.
5. Sed-templated disko-golden.nix + disko-btrfs-multi.nix pair
replaced by a single disko-config.nix Nix function of
{ mainDrive, extraDrives ? [] } called via --argstr / --arg.
Templating Nix via shell-escaped string substitution caused at
least one production bug (3aadc36 fixed embedded-newline
escaping); function arguments are the right shape and eliminate
the entire class of escaping concerns. Single-disk path is
`extraDrives = []`; multi-disk gets BTRFS `-d single -m raid1`
plus the additional /dev/mapper/* devices. Hosts that shipped
/etc/disko-golden.nix now ship /etc/disko-config.nix.
6. EXIT trap added so the tmpfs LUKS key file (/dev/shm/nomarchy-
luks.key) is removed even if the script aborts between key-write
and the explicit unset. Replaced redundant `shred -u` on tmpfs
with `rm -f` (already in RAM).
Verification: bash -n on install.sh, nix-instantiate parse + strict
eval on disko-config.nix in both single and multi shapes, full
nix flake check --no-build evaluating all three NixOS configurations
(default, nomarchy-installer, nomarchy-live) plus the installerVm.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Implement a step-based state machine in main loop to support 'Back' navigation via Esc.
- Refactor all prompts to use safe exit-code capture (rc -eq 130/1) and handle 'not submitted' output.
- Add input flushing after Esc events to prevent cascading backtrack signals.
- Add short-circuit checks to every wizard stage for reliable skip-forward behavior.
- Fix sed error when generating multi-disk configurations by escaping newlines in additional_disks.
- Add explicit 'Set a hostname' message to the hostname prompt.
- Convert unsafe short-circuit lists to safe if statements to prevent set -e crashes.
- Allow selecting multiple drives in the TTY installer using gum choose --no-limit.
- Add installer/disko-btrfs-multi.nix template for BTRFS RAID/Single setups.
- Dynamically generate multi-disk disko configurations with LUKS-on-every-disk.
- Default to BTRFS 'single' data and 'raid1' metadata for maximum capacity across mismatched drives (e.g., 20GB + 120GB SSDs).
- Update roadmap and structure documentation to reflect the new capabilities.
- Rename installerIso and installerIsoGraphical to nomarchy-installer and nomarchy-live.
- Update host configurations with proper Nomarchy branding and volume IDs.
- Fix nomarchy-test-live-iso QEMU launch by using -drive if=pflash for UEFI firmware.
- Add nomarchy-build-live-iso utility script.
- Scrub remaining Omarchy references in Plymouth, installer messages, and docs.
- Regenerate docs/SCRIPTS.md to reflect new and renamed utilities.
Previously the review screen only offered Confirm/Abort, so a typo or
wrong-disk choice meant aborting the whole run and starting over (or
hand-editing /tmp/nomarchy-install.state.sh). On --resume the situation
was worse: every prompt re-runs (each short-circuits when its var is
set), the user lands on a review they can't change.
review_configuration() now offers Continue / Edit a field / Abort. Edit
opens a multi-select of every saved field; chosen fields clear and the
next loop iteration in main() re-prompts only those. The LUKS passphrase
short-circuits when already set, so editing other fields doesn't
re-prompt for it.
Net flow change:
- Fresh install: same prompts, then review with Edit option (typo fixes
without restarting).
- --resume: state loads, every prompt skips (vars set), lands straight on
review — exactly what the roadmap entry called for.
Verified via `bash -n`. Live VM dry-run not exercised in this session.
Replaces the bare `NAME SIZE` lsblk listing in select_disk with a
six-column table — NAME, SIZE, TYPE, VENDOR, MODEL, SERIAL — aligned
via column -t. TYPE is derived from ROTA + TRAN (NVMe / USB / SSD /
HDD). Empty vendor/model/serial fields render as `--` instead of
collapsing the alignment. Filters loop, ram, zram, sr devices.
Roadmap row moves to Shipped.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Installer prompts for keyboard layout (with optional variant) and locale
via curated short list + Other… fallback into the full localectl list;
applies to the live session immediately (loadkeys + hyprctl) so the
rest of the install types correctly. Generated system.nix emits
console.keyMap, i18n.defaultLocale, and services.xserver.xkb.{layout,
variant}.
- New nomarchy.{system,}.formFactor enum (laptop|desktop, default laptop).
Installer auto-detects via /sys/class/power_supply/BAT* and lets the
user flip the answer. Waybar drops the battery widget on desktop;
battery-monitor service is gated on the same option.
- Lift waybar tray out of the collapsed group/tray-expander in the default
theme so nm-applet's icon is visible without expanding the drawer.
- Live ISOs (TTY + graphical) get baseline mkDefault keyMap/locale so the
installer's runtime override always wins.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Tier A removals — small, half-wired modules nobody had asked for:
- makima (Copilot-key remapper): drop core/system/makima.nix, the
features/apps/makima/ keyboard.toml, the nomarchy-restart-makima script,
the `nomarchy.system.features.makima` option, the state-file binding,
the import in core/system/default.nix, and the "Key Remapping" entry
in nomarchy-menu. ~50 LoC + a service nobody asked for.
- Typora theme dir (core/home/config/Typora/) — Typora is a paid tool
Nomarchy doesn't even ship; the SUPER+SHIFT+W keybinding pointed at a
binary that wasn't on PATH.
- xournalpp settings (core/home/config/xournalpp/) — referenced
/usr/share paths that don't exist on NixOS.
- core/home/config/environment.d/fcitx.conf — manual env vars are
redundant once fcitx5 routes through NixOS's i18n.inputMethod.
Optionalization — three half-wired features now sit behind explicit
toggles, all default off (except keyring which keeps its existing
default-on):
- nomarchy.system.inputMethod.enable: new core/system/input-method.nix
uses NixOS's i18n.inputMethod with fcitx5 + mozc/chinese/table addons.
Drops the Hyprland exec-once line — i18n.inputMethod handles autostart.
- nomarchy.system.voxtype.enable: marker option for users who install
voxtype out-of-band (it's not in nixpkgs). Today it just documents
intent; the existing keybinding + waybar widget no-op gracefully.
- nomarchy.apps.opencode.enable: gates the existing
features/apps/opencode/default.nix xdg.configFile so the opencode
config only deploys when the user opts in.
Installer:
- system.nix and home.nix templates now surface the new toggles in their
"Optional Nomarchy modules" comment blocks.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Five opt-in modules lifted from bernardo/nixos and adapted to Nomarchy's
nomarchy.system.* option namespace. All default off (except keyring which
defaults on); evaluation of the existing VM/ISO is unchanged when the
toggles are unset.
- core/system/snapper.nix: BTRFS timeline snapshots (5h/7d), nixos-rebuild-snap
wrapper that pre-snaps before each switch using the running hostname.
Auto-skips when / isn't BTRFS so impermanence/non-BTRFS hosts are safe.
- core/system/hibernate.nix: suspend-then-hibernate on lid/idle/power-key
with configurable idleMinutes (default 30). Description warns swap is
required.
- core/system/containers.nix: rootless Podman with dockerCompat + dns +
podman-compose, podman-tui, dive. Better default than the docker daemon
for a desktop distro.
- core/system/virtualization.nix: extends the existing uwsm/Hyprland file
with a libvirt + virt-manager + OVMF branch behind
nomarchy.system.virtualization.libvirt.enable.
- core/system/pam.nix: GNOME Keyring auto-unlock at SDDM/login/hyprlock
plus gcr-ssh-agent so SSH keys flow through the keyring instead of a
separate ssh-agent. Default on.
- core/system/options.nix: declares the five new options.
- core/system/default.nix: imports the four new files.
- installer/install.sh: surfaces all five toggles as commented one-liners
in the "Optional Nomarchy modules" section of the generated system.nix.
Verified via the existing dry-run / generator smoke test.
Verified each toggle lights up the right NixOS option (services.snapper,
logind IdleAction, virtualisation.podman/libvirtd, pam.sddm.enableGnomeKeyring)
via nix eval against extendModules. VM and live-ISO toplevels still build.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Upstream Nomarchy is hosted on the self-hosted Gitea at
git.bemagri.xyz/bernardo/Nomarchy.git, not github.com/bemagri/nomarchy.
- installer/install.sh: generated `nomarchy.url` now uses
`git+https://git.bemagri.xyz/bernardo/Nomarchy.git` (with `?rev=<sha>`
for the pinned form).
- MIGRATION.md: matches; the `hardware_detect` clone snippet now points
at the same URL.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds command-line flags and safety rails on top of the existing install.sh.
CLI:
- `--dry-run` generates the flake into /tmp/nomarchy-dryrun.* and parse-checks
every produced file without touching the disk. Skips LUKS / user password
prompts and the destructive confirmation; sets safe stub values.
- `--resume` reloads non-secret answers from /tmp/nomarchy-install.state.sh
(saved via `declare -p` after each step) and skips already-answered prompts.
Passwords are NEVER persisted — the user re-enters them.
- `--help` documents the flags.
Safety:
- Bail early in check_environment if /sys/firmware/efi is absent. The disko
config assumes UEFI + ESP; on a BIOS-booted host we'd partially install
before failing.
- After nixos-install, run `nixos-rebuild dry-build --flake /etc/nixos#$HOSTNAME`
inside `nixos-enter` to surface evaluation errors while the live ISO is
still around to fix them.
- ENABLE_IMPERMANENCE now defaults to "" so the resume path can distinguish
"not yet asked" from a deliberate "false" answer.
Generated config:
- system.nix gets `zramSwap.enable = true;` — near-free memory headroom on
small machines, harmless on big ones (kernel only uses it under pressure).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Hardware:
- New installer/hardware-db.sh: flat regex table mapping sys_vendor +
product_name to nixos-hardware modules (Framework, Dell, Lenovo, Surface,
ASUS, Apple T2, System76).
- install.sh:select_hardware now auto-detects CPU vendor, GPU vendor, chassis
type, and known model, then offers Accept / Add / Override. Manual menu
retained as a fallback.
- Fixes a latent bug where HARDWARE_MODULES used literal "\n" inside a
heredoc, producing invalid Nix.
Downstream flake:
- Capture the running Nomarchy commit and pin `nomarchy.url` to it so the
installed system can't drift onto a newer breaking main.
- Prompt for a real hostname; nixosConfigurations.<hostname> replaces the
generic .default. networking.hostName lands in system.nix.
- Generated flake now derives a single `pkgs` from nixpkgs + Nomarchy's
`overlays.default` and shares it between nixosSystem and the standalone
homeManagerConfiguration so dotfile-fast-iteration with nomarchy-env-update
stays separate from `nixos-rebuild` while still seeing Nomarchy packages.
- `nix flake lock` runs in /mnt/etc/nixos before nixos-install so first boot
consumes the resolved set.
- Post-install, run home-manager switch inside `nixos-enter` via runuser so
the user's first login already has dotfiles. Failure is non-fatal.
Disk layout:
- /boot bumped to 1 GiB (was 512 MiB; tight with multi-generation kernels).
- New @snapshots subvolume at /.snapshots for snapper/btrbk/rollback.
- LUKS passphrase moved from /tmp/secret.key to /dev/shm/nomarchy-luks.key
(tmpfs), shredded after disko, LUKS_PASSWORD unset.
Branding:
- New core/system/branding.nix sets system.nixos.distroId = "nomarchy" and
distroName = "Nomarchy". /etc/os-release now reports Nomarchy, so fastfetch
and other os-release readers show the right name.
Cleanup:
- flake.nix exposes `overlays.default = nomarchyOverlay` for downstream use.
- Trailing duplicated `main "$@"` + orphan `}` removed from install.sh.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Migrate VM and graphical ISO to home-manager.nixosModules.home-manager;
drop the standalone-HM sudo-based activation script (ran HM against
/root because HOME wasn't reset) in flake.nix, core/system/vm-guest.nix,
hosts/live-iso.nix.
- Run swaybg as nomarchy-wallpaper.service instead of a silent Hyprland
exec-once so failures surface in systemctl.
- Skip the battery monitor unit on hosts without /sys/class/power_supply/BAT*
(VMs, desktops).
- Don't wrap walker --dmenu in uwsm-app; redirect setsid background std-fds
in nomarchy-launch-walker so $(menu ...) in nomarchy-menu doesn't hang.
- Restart waybar/walker via systemctl --user rather than pkill + uwsm-app
to stop the post-theme-switch color race.
- Wire nomarchy-restart-walker/-waybar into nomarchy-theme-set so themes
that only change the imported CSS reload correctly.
- Waybar: pin #custom-nomarchy to the Nomarchy font and use the U+F000
codepoint so the logo shows across all themes.
- Auto-install the correct icon-theme package per palette via a new
nomarchyLib.iconThemePackage helper in lib/default.nix; Everforest now
actually renders for summer-night.
- Pre-cache every theme's HM generation: new packages.allThemeVariants
flake output and nomarchy-themes-prebuild script so theme switches are
cache-only (no Stylix rebuild, no downloads).
- Add nomarchy-test-live-iso to boot the graphical ISO in QEMU the same
way nomarchy-test-vm does, with virtio-gpu support added to live-iso.nix.
- Installer-generated home.nix/system.nix now ship a curated, commented
app menu (btop/fastfetch/chromium on by default) plus optional system
services (Docker, libvirtd, Tailscale, Syncthing, Flatpak, Steam).
- nomarchy-test-vm now wipes the stale nomarchy.qcow2 before launch.
- Remove obsolete GEMINI.md and PLAN.md.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Move 32+ app-specific scripts from features/apps/scripts/ to features/scripts/utils/ for centralized packaging.
- Create individual Nix modules for orphaned app configurations (btop, kitty, tmux, etc.) in features/apps/ using xdg.configFile.
- Fix broken paths in core/system/makima.nix and features/apps/vscode.nix.
- Update VSCode configuration to use the modern 'profiles.default.userSettings' API, resolving deprecation warnings.
- Merge duplicate 'nomarchy-launch-walker' scripts into a single robust utility.
- Remove stale root 'config/' directory.
- Update README.md and docs/creating-themes.md to reflect the new architecture and keybindings.
- Ensure all modules are correctly imported and verified via nix flake check.
Theme System:
- Move all theme app configs to apps/ subdirectory (20 themes)
- Add theme-loader.nix for dynamic theme config deployment
- Simplify stylix.nix to focus on base theming only
Override System:
- Add overrides.nix for file-based config overrides
- Add behavior-configs.nix for non-visual configuration
- Split hypr/nomarchy.conf into behavior vs visual sections
Module Improvements:
- Add lib.mkDefault to all customizable settings
- Add modules/lib/ with shared utilities and state schema
- Update all home and system modules for downstream overridability
Installer:
- New minimal TTY installer (installer/install.sh)
- Golden path: BTRFS + LUKS2 (disko-golden.nix)
- New installer-iso.nix for TTY-only installation
- Keep graphical installer as installerIsoGraphical option
Cleanup:
- Remove obsolete install.sh, disko-ext4.nix, install-nomarchy.sh
- Update live-iso.nix references
- Add .claude/ to .gitignore for local IDE settings
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Refactor installer with Gum for a professional interactive experience
- Create custom Nomarchy Plymouth theme with centered logo
- Establish assets/branding directory for official logos and ASCII art
- Update Fastfetch config with official ASCII art and declarative stats
- Declaratively link branding assets via Home Manager
- Update installer to use git+https://git.bemagri.xyz/bernardo/Nomarchy.git
- Remove redundant bundling/copying of the engine to /etc/nixos/nomarchy
- Expose all themes via xdg.dataFile for script accessibility
- Update theme scripts to resolve directories via local share instead of hardcoded system paths
- Update documentation to reflect the new remote-first architecture
- Introduce nomarchy.configOverrides option to map a user directory to ~/.config
- Implement automatic merging of upstream defaults and user overrides
- Use lib.mkDefault for all upstream mappings to allow granular HM overrides
- Update installer template with usage examples
- Add @persist subvolume to BTRFS layout
- Implement automatic root-blank snapshotting during installation
- Add initrd rollback script to wipe root on every boot
- Configure persistence for core system state (NM, Bluetooth, SSH, NixOS config)
- Update flake.nix with 25.11 release and core inputs
- Add dedicated modules for audio (Pipewire), bluetooth, and networking
- Update GEMINI.md with the new Modular Merging Architecture blueprint
- Configure graphical installer ISO and test VM outputs
