- Fix critical bash dynamic scoping bug in install.sh (Impermanence/Form Factor).
- Polished Live ISO with auto-login and passwordless sudo.
- Repurposed nomarchy-toggle-suspend to directly execute systemctl suspend.
- Updated nomarchy-launch-wifi to use nmtui in alacritty.
- Optimized nomarchy-welcome to avoid redundant rebuilds via --no-update flag.
- Enabled nomarchy-welcome in Hyprland autostart.
- Wrapped Live ISO-modifying steps in welcome wizard to prevent failures.
- Removed obsolete hardware auto-detection from nomarchy-on-boot.
- Hardened script doc generator against false-positive wildcard tokens.
- Regenerated docs/SCRIPTS.md and updated docs/ROADMAP.md.
- Refactor generated flake.nix to use the Appliance Model.
- Downstream flake now only defines the 'nomarchy' input.
- Dependencies (nixpkgs, home-manager) are inherited from nomarchy.inputs to ensure maximum stability and version alignment with upstream.
- Fix disko-config.nix signature by adding '...' to handle unexpected CLI arguments.
- Update disko mode to 'destroy,format,mount' for the modern API and to avoid deprecation warnings.
- Fix infinite loops in 'configure_impermanence' and 'confirm_form_factor' caused by misinterpreting 'No' (rc=1) as an abort.
The disk phase was the dominant source of incomplete installs. Six
concrete failure modes addressed in one pass:
1. Live-ISO USB excluded from the disk picker. select_disk previously
filtered loop|ram|zram|sr but not the device the installer booted
from; picking it would format the boot media mid-install. New
detect_live_iso_devices walks /, /iso, /run/initramfs/live,
/nix/.ro-store, /nix/store and resolves each backing device to its
parent disk via lsblk -no PKNAME. Override with
NOMARCHY_INSTALL_ALLOW_ISO_TARGET=1 for the developer case.
2. 10 GiB minimum-capacity preflight. Disko fails late and obscurely
on undersized media; surface it while the picker is still open.
3. prewipe_target_drive rewritten:
- Enumerates every active dm-crypt mapping via dmsetup ls and
closes those whose backing device is on the target drive. The
old version only knew about the hardcoded names "crypted" /
"crypted_main" so an aborted multi-disk run or a non-Nomarchy
install would leave a holder open and silently break the wipe.
- Drops `|| true` from wipefs / sgdisk / dd. After the LUKS and
swap teardown above, a real failure means something is still
holding the device — surface that instead of papering over it.
- udevadm settle bounded to 30s so a flapping USB can't hang.
- Post-wipe sanity check: refuse to hand the disk to disko if
anything is still mounted off it.
4. run_disko_with_retry wraps the disko call. On failure, shows the
last 30 lines of output via gum style and offers Retry /
View full log / Abort. set -e is suspended for the disko call so
the exit code can be inspected. The previous bare `disko --mode
disko` aborted the whole installer with output scrolled past.
5. Sed-templated disko-golden.nix + disko-btrfs-multi.nix pair
replaced by a single disko-config.nix Nix function of
{ mainDrive, extraDrives ? [] } called via --argstr / --arg.
Templating Nix via shell-escaped string substitution caused at
least one production bug (3aadc36 fixed embedded-newline
escaping); function arguments are the right shape and eliminate
the entire class of escaping concerns. Single-disk path is
`extraDrives = []`; multi-disk gets BTRFS `-d single -m raid1`
plus the additional /dev/mapper/* devices. Hosts that shipped
/etc/disko-golden.nix now ship /etc/disko-config.nix.
6. EXIT trap added so the tmpfs LUKS key file (/dev/shm/nomarchy-
luks.key) is removed even if the script aborts between key-write
and the explicit unset. Replaced redundant `shred -u` on tmpfs
with `rm -f` (already in RAM).
Verification: bash -n on install.sh, nix-instantiate parse + strict
eval on disko-config.nix in both single and multi shapes, full
nix flake check --no-build evaluating all three NixOS configurations
(default, nomarchy-installer, nomarchy-live) plus the installerVm.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Implement a step-based state machine in main loop to support 'Back' navigation via Esc.
- Refactor all prompts to use safe exit-code capture (rc -eq 130/1) and handle 'not submitted' output.
- Add input flushing after Esc events to prevent cascading backtrack signals.
- Add short-circuit checks to every wizard stage for reliable skip-forward behavior.
- Fix sed error when generating multi-disk configurations by escaping newlines in additional_disks.
- Add explicit 'Set a hostname' message to the hostname prompt.
- Convert unsafe short-circuit lists to safe if statements to prevent set -e crashes.
- Allow selecting multiple drives in the TTY installer using gum choose --no-limit.
- Add installer/disko-btrfs-multi.nix template for BTRFS RAID/Single setups.
- Dynamically generate multi-disk disko configurations with LUKS-on-every-disk.
- Default to BTRFS 'single' data and 'raid1' metadata for maximum capacity across mismatched drives (e.g., 20GB + 120GB SSDs).
- Update roadmap and structure documentation to reflect the new capabilities.
- Rename installerIso and installerIsoGraphical to nomarchy-installer and nomarchy-live.
- Update host configurations with proper Nomarchy branding and volume IDs.
- Fix nomarchy-test-live-iso QEMU launch by using -drive if=pflash for UEFI firmware.
- Add nomarchy-build-live-iso utility script.
- Scrub remaining Omarchy references in Plymouth, installer messages, and docs.
- Regenerate docs/SCRIPTS.md to reflect new and renamed utilities.
Previously the review screen only offered Confirm/Abort, so a typo or
wrong-disk choice meant aborting the whole run and starting over (or
hand-editing /tmp/nomarchy-install.state.sh). On --resume the situation
was worse: every prompt re-runs (each short-circuits when its var is
set), the user lands on a review they can't change.
review_configuration() now offers Continue / Edit a field / Abort. Edit
opens a multi-select of every saved field; chosen fields clear and the
next loop iteration in main() re-prompts only those. The LUKS passphrase
short-circuits when already set, so editing other fields doesn't
re-prompt for it.
Net flow change:
- Fresh install: same prompts, then review with Edit option (typo fixes
without restarting).
- --resume: state loads, every prompt skips (vars set), lands straight on
review — exactly what the roadmap entry called for.
Verified via `bash -n`. Live VM dry-run not exercised in this session.
Replaces the bare `NAME SIZE` lsblk listing in select_disk with a
six-column table — NAME, SIZE, TYPE, VENDOR, MODEL, SERIAL — aligned
via column -t. TYPE is derived from ROTA + TRAN (NVMe / USB / SSD /
HDD). Empty vendor/model/serial fields render as `--` instead of
collapsing the alignment. Filters loop, ram, zram, sr devices.
Roadmap row moves to Shipped.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Installer prompts for keyboard layout (with optional variant) and locale
via curated short list + Other… fallback into the full localectl list;
applies to the live session immediately (loadkeys + hyprctl) so the
rest of the install types correctly. Generated system.nix emits
console.keyMap, i18n.defaultLocale, and services.xserver.xkb.{layout,
variant}.
- New nomarchy.{system,}.formFactor enum (laptop|desktop, default laptop).
Installer auto-detects via /sys/class/power_supply/BAT* and lets the
user flip the answer. Waybar drops the battery widget on desktop;
battery-monitor service is gated on the same option.
- Lift waybar tray out of the collapsed group/tray-expander in the default
theme so nm-applet's icon is visible without expanding the drawer.
- Live ISOs (TTY + graphical) get baseline mkDefault keyMap/locale so the
installer's runtime override always wins.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Tier A removals — small, half-wired modules nobody had asked for:
- makima (Copilot-key remapper): drop core/system/makima.nix, the
features/apps/makima/ keyboard.toml, the nomarchy-restart-makima script,
the `nomarchy.system.features.makima` option, the state-file binding,
the import in core/system/default.nix, and the "Key Remapping" entry
in nomarchy-menu. ~50 LoC + a service nobody asked for.
- Typora theme dir (core/home/config/Typora/) — Typora is a paid tool
Nomarchy doesn't even ship; the SUPER+SHIFT+W keybinding pointed at a
binary that wasn't on PATH.
- xournalpp settings (core/home/config/xournalpp/) — referenced
/usr/share paths that don't exist on NixOS.
- core/home/config/environment.d/fcitx.conf — manual env vars are
redundant once fcitx5 routes through NixOS's i18n.inputMethod.
Optionalization — three half-wired features now sit behind explicit
toggles, all default off (except keyring which keeps its existing
default-on):
- nomarchy.system.inputMethod.enable: new core/system/input-method.nix
uses NixOS's i18n.inputMethod with fcitx5 + mozc/chinese/table addons.
Drops the Hyprland exec-once line — i18n.inputMethod handles autostart.
- nomarchy.system.voxtype.enable: marker option for users who install
voxtype out-of-band (it's not in nixpkgs). Today it just documents
intent; the existing keybinding + waybar widget no-op gracefully.
- nomarchy.apps.opencode.enable: gates the existing
features/apps/opencode/default.nix xdg.configFile so the opencode
config only deploys when the user opts in.
Installer:
- system.nix and home.nix templates now surface the new toggles in their
"Optional Nomarchy modules" comment blocks.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Five opt-in modules lifted from bernardo/nixos and adapted to Nomarchy's
nomarchy.system.* option namespace. All default off (except keyring which
defaults on); evaluation of the existing VM/ISO is unchanged when the
toggles are unset.
- core/system/snapper.nix: BTRFS timeline snapshots (5h/7d), nixos-rebuild-snap
wrapper that pre-snaps before each switch using the running hostname.
Auto-skips when / isn't BTRFS so impermanence/non-BTRFS hosts are safe.
- core/system/hibernate.nix: suspend-then-hibernate on lid/idle/power-key
with configurable idleMinutes (default 30). Description warns swap is
required.
- core/system/containers.nix: rootless Podman with dockerCompat + dns +
podman-compose, podman-tui, dive. Better default than the docker daemon
for a desktop distro.
- core/system/virtualization.nix: extends the existing uwsm/Hyprland file
with a libvirt + virt-manager + OVMF branch behind
nomarchy.system.virtualization.libvirt.enable.
- core/system/pam.nix: GNOME Keyring auto-unlock at SDDM/login/hyprlock
plus gcr-ssh-agent so SSH keys flow through the keyring instead of a
separate ssh-agent. Default on.
- core/system/options.nix: declares the five new options.
- core/system/default.nix: imports the four new files.
- installer/install.sh: surfaces all five toggles as commented one-liners
in the "Optional Nomarchy modules" section of the generated system.nix.
Verified via the existing dry-run / generator smoke test.
Verified each toggle lights up the right NixOS option (services.snapper,
logind IdleAction, virtualisation.podman/libvirtd, pam.sddm.enableGnomeKeyring)
via nix eval against extendModules. VM and live-ISO toplevels still build.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Upstream Nomarchy is hosted on the self-hosted Gitea at
git.bemagri.xyz/bernardo/Nomarchy.git, not github.com/bemagri/nomarchy.
- installer/install.sh: generated `nomarchy.url` now uses
`git+https://git.bemagri.xyz/bernardo/Nomarchy.git` (with `?rev=<sha>`
for the pinned form).
- MIGRATION.md: matches; the `hardware_detect` clone snippet now points
at the same URL.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds command-line flags and safety rails on top of the existing install.sh.
CLI:
- `--dry-run` generates the flake into /tmp/nomarchy-dryrun.* and parse-checks
every produced file without touching the disk. Skips LUKS / user password
prompts and the destructive confirmation; sets safe stub values.
- `--resume` reloads non-secret answers from /tmp/nomarchy-install.state.sh
(saved via `declare -p` after each step) and skips already-answered prompts.
Passwords are NEVER persisted — the user re-enters them.
- `--help` documents the flags.
Safety:
- Bail early in check_environment if /sys/firmware/efi is absent. The disko
config assumes UEFI + ESP; on a BIOS-booted host we'd partially install
before failing.
- After nixos-install, run `nixos-rebuild dry-build --flake /etc/nixos#$HOSTNAME`
inside `nixos-enter` to surface evaluation errors while the live ISO is
still around to fix them.
- ENABLE_IMPERMANENCE now defaults to "" so the resume path can distinguish
"not yet asked" from a deliberate "false" answer.
Generated config:
- system.nix gets `zramSwap.enable = true;` — near-free memory headroom on
small machines, harmless on big ones (kernel only uses it under pressure).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Hardware:
- New installer/hardware-db.sh: flat regex table mapping sys_vendor +
product_name to nixos-hardware modules (Framework, Dell, Lenovo, Surface,
ASUS, Apple T2, System76).
- install.sh:select_hardware now auto-detects CPU vendor, GPU vendor, chassis
type, and known model, then offers Accept / Add / Override. Manual menu
retained as a fallback.
- Fixes a latent bug where HARDWARE_MODULES used literal "\n" inside a
heredoc, producing invalid Nix.
Downstream flake:
- Capture the running Nomarchy commit and pin `nomarchy.url` to it so the
installed system can't drift onto a newer breaking main.
- Prompt for a real hostname; nixosConfigurations.<hostname> replaces the
generic .default. networking.hostName lands in system.nix.
- Generated flake now derives a single `pkgs` from nixpkgs + Nomarchy's
`overlays.default` and shares it between nixosSystem and the standalone
homeManagerConfiguration so dotfile-fast-iteration with nomarchy-env-update
stays separate from `nixos-rebuild` while still seeing Nomarchy packages.
- `nix flake lock` runs in /mnt/etc/nixos before nixos-install so first boot
consumes the resolved set.
- Post-install, run home-manager switch inside `nixos-enter` via runuser so
the user's first login already has dotfiles. Failure is non-fatal.
Disk layout:
- /boot bumped to 1 GiB (was 512 MiB; tight with multi-generation kernels).
- New @snapshots subvolume at /.snapshots for snapper/btrbk/rollback.
- LUKS passphrase moved from /tmp/secret.key to /dev/shm/nomarchy-luks.key
(tmpfs), shredded after disko, LUKS_PASSWORD unset.
Branding:
- New core/system/branding.nix sets system.nixos.distroId = "nomarchy" and
distroName = "Nomarchy". /etc/os-release now reports Nomarchy, so fastfetch
and other os-release readers show the right name.
Cleanup:
- flake.nix exposes `overlays.default = nomarchyOverlay` for downstream use.
- Trailing duplicated `main "$@"` + orphan `}` removed from install.sh.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Migrate VM and graphical ISO to home-manager.nixosModules.home-manager;
drop the standalone-HM sudo-based activation script (ran HM against
/root because HOME wasn't reset) in flake.nix, core/system/vm-guest.nix,
hosts/live-iso.nix.
- Run swaybg as nomarchy-wallpaper.service instead of a silent Hyprland
exec-once so failures surface in systemctl.
- Skip the battery monitor unit on hosts without /sys/class/power_supply/BAT*
(VMs, desktops).
- Don't wrap walker --dmenu in uwsm-app; redirect setsid background std-fds
in nomarchy-launch-walker so $(menu ...) in nomarchy-menu doesn't hang.
- Restart waybar/walker via systemctl --user rather than pkill + uwsm-app
to stop the post-theme-switch color race.
- Wire nomarchy-restart-walker/-waybar into nomarchy-theme-set so themes
that only change the imported CSS reload correctly.
- Waybar: pin #custom-nomarchy to the Nomarchy font and use the U+F000
codepoint so the logo shows across all themes.
- Auto-install the correct icon-theme package per palette via a new
nomarchyLib.iconThemePackage helper in lib/default.nix; Everforest now
actually renders for summer-night.
- Pre-cache every theme's HM generation: new packages.allThemeVariants
flake output and nomarchy-themes-prebuild script so theme switches are
cache-only (no Stylix rebuild, no downloads).
- Add nomarchy-test-live-iso to boot the graphical ISO in QEMU the same
way nomarchy-test-vm does, with virtio-gpu support added to live-iso.nix.
- Installer-generated home.nix/system.nix now ship a curated, commented
app menu (btop/fastfetch/chromium on by default) plus optional system
services (Docker, libvirtd, Tailscale, Syncthing, Flatpak, Steam).
- nomarchy-test-vm now wipes the stale nomarchy.qcow2 before launch.
- Remove obsolete GEMINI.md and PLAN.md.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Move 32+ app-specific scripts from features/apps/scripts/ to features/scripts/utils/ for centralized packaging.
- Create individual Nix modules for orphaned app configurations (btop, kitty, tmux, etc.) in features/apps/ using xdg.configFile.
- Fix broken paths in core/system/makima.nix and features/apps/vscode.nix.
- Update VSCode configuration to use the modern 'profiles.default.userSettings' API, resolving deprecation warnings.
- Merge duplicate 'nomarchy-launch-walker' scripts into a single robust utility.
- Remove stale root 'config/' directory.
- Update README.md and docs/creating-themes.md to reflect the new architecture and keybindings.
- Ensure all modules are correctly imported and verified via nix flake check.
Theme System:
- Move all theme app configs to apps/ subdirectory (20 themes)
- Add theme-loader.nix for dynamic theme config deployment
- Simplify stylix.nix to focus on base theming only
Override System:
- Add overrides.nix for file-based config overrides
- Add behavior-configs.nix for non-visual configuration
- Split hypr/nomarchy.conf into behavior vs visual sections
Module Improvements:
- Add lib.mkDefault to all customizable settings
- Add modules/lib/ with shared utilities and state schema
- Update all home and system modules for downstream overridability
Installer:
- New minimal TTY installer (installer/install.sh)
- Golden path: BTRFS + LUKS2 (disko-golden.nix)
- New installer-iso.nix for TTY-only installation
- Keep graphical installer as installerIsoGraphical option
Cleanup:
- Remove obsolete install.sh, disko-ext4.nix, install-nomarchy.sh
- Update live-iso.nix references
- Add .claude/ to .gitignore for local IDE settings
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Refactor installer with Gum for a professional interactive experience
- Create custom Nomarchy Plymouth theme with centered logo
- Establish assets/branding directory for official logos and ASCII art
- Update Fastfetch config with official ASCII art and declarative stats
- Declaratively link branding assets via Home Manager
- Update installer to use git+https://git.bemagri.xyz/bernardo/Nomarchy.git
- Remove redundant bundling/copying of the engine to /etc/nixos/nomarchy
- Expose all themes via xdg.dataFile for script accessibility
- Update theme scripts to resolve directories via local share instead of hardcoded system paths
- Update documentation to reflect the new remote-first architecture
- Introduce nomarchy.configOverrides option to map a user directory to ~/.config
- Implement automatic merging of upstream defaults and user overrides
- Use lib.mkDefault for all upstream mappings to allow granular HM overrides
- Update installer template with usage examples
- Add @persist subvolume to BTRFS layout
- Implement automatic root-blank snapshotting during installation
- Add initrd rollback script to wipe root on every boot
- Configure persistence for core system state (NM, Bluetooth, SSH, NixOS config)
- Update flake.nix with 25.11 release and core inputs
- Add dedicated modules for audio (Pipewire), bluetooth, and networking
- Update GEMINI.md with the new Modular Merging Architecture blueprint
- Configure graphical installer ISO and test VM outputs
