Merge branch 'main' into wave/qa-core-home

Merge pull request 'chore(lib): drop dead helpers, document schema boundary' (#2 ) from wave/qa-lib-schema into main
Reviewed-on: #2
2026-05-19 18:49:15 +01:00 · 2026-05-19 18:48:30 +01:00 · 2026-05-19 18:48:02 +01:00 · 2026-05-19 18:46:41 +01:00 · 2026-05-19 18:46:30 +01:00 · 2026-05-19 18:28:54 +01:00
6 changed files with 19 additions and 47 deletions
--- a/docs/MIGRATION.md
+++ b/docs/MIGRATION.md
@@ -210,7 +210,7 @@ and it's whichever has higher Nix priority. Fix these explicitly:
 | Graphics | `hardware.graphics.enable = true` (was `hardware.opengl`) | Probably already enabled — fine |
 | User groups | needs `video render networkmanager` | Add to your `users.users.<user>.extraGroups` |
 | `/etc/os-release` | `ID=nomarchy`, `NAME=Nomarchy` | A few third-party scripts grep `ID=nixos` — adjust them or rely on `ID_LIKE` (TBD) |
-| autoLogin | `enable = true; user = "nomarchy";` (mkDefault) | Override with `services.displayManager.autoLogin.user = "<your user>"` or disable |
+| autoLogin | `enable = false; user = "nomarchy";` (mkDefault) | Off by default — opt in with `services.displayManager.autoLogin = { enable = true; user = "<your user>"; };` if you want it |
 Impermanence is **off** unless you set `nomarchy.system.impermanence.enable = true`,
 and it requires a BTRFS layout with a `root-blank` snapshot. Don't enable it
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -40,6 +40,7 @@ Guardrails (apply when adding anything):
 - **Forgejo release pipeline.** `vYY.MM.x` tags matching the upstream NixOS channel; the pipeline pushes the three ISOs and an updated `flake.lock` snapshot.
 - **Optional `nomarchy-installer-vm`** rebuilt as a real flake app (not a one-off shell script) so users can install Nomarchy into a libvirt VM declaratively.
 - **Surface support module** via the relevant `nixos-hardware` profile + Surface kernel patches behind a `nomarchy.hardware.isSurface` toggle.
 - **Consolidate palette imports in `flake.nix` via `nomarchyLib`.** `flake.nix:79-80` re-imports `./themes/palettes` and recomputes `themeNames` even though `lib/default.nix` already exports both. Two computations, same result today — drift risk tomorrow. Import `nomarchyLib = import ./lib { inherit lib; }` once and use `nomarchyLib.{palettes,themeNames}` to make `lib/default.nix` the single source of truth for the theme list.
 ## 3. Pillar: Script & menu audit
--- a/features/scripts/utils/nomarchy-welcome
+++ b/features/scripts/utils/nomarchy-welcome
@@ -59,39 +59,9 @@ if [[ "$USER" == "nixos" ]]; then
    exit 0
 fi
-# 4. Starter home.nix
+# 4. Setup Local Repo (Crucial for nomarchy-env-update to work)
 echo ""
-echo "Step 4: Starter home.nix"
+echo "Step 4: Git Repository Check"
 HOME_NIX="$HOME/.config/home-manager/home.nix"
 if [ ! -f "$HOME_NIX" ]; then
    echo "It looks like you don't have a ~/.config/home-manager/home.nix file yet."
    echo "Nomarchy uses this file to manage your user-level packages and settings."
    if gum confirm "Would you like to generate a starter home.nix?"; then
        mkdir -p "$(dirname "$HOME_NIX")"
        cat <<EOF > "$HOME_NIX"
 { pkgs, ... }:
 {
  # Nomarchy starter home.nix
  # Add your user packages here.
  home.packages = with pkgs; [
    btop
    fastfetch
    chromium
    # Add more packages here
  ];
  # home.stateVersion = "25.11"; # Consult docs/MIGRATION.md if you change this
 }
 EOF
        echo "Starter home.nix generated at $HOME_NIX"
    fi
 else
    echo "Detected existing home.nix at $HOME_NIX. Skipping generation."
 fi
 # 5. Setup Local Repo (Crucial for nomarchy-env-update to work)
 echo ""
 echo "Step 5: Git Repository Check"
 echo "Nomarchy relies on a local git repository for declarative updates."
 if [ ! -d "/etc/nixos/.git" ]; then
    echo "Warning: /etc/nixos is not a git repository. Declarative updates might fail."
@@ -102,7 +72,7 @@ if [ ! -d "/etc/nixos/.git" ]; then
    fi
 fi
-# 6. Success
+# 5. Success
 echo ""
 echo "Applying all changes..."
 nomarchy-env-update
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -98,7 +98,6 @@ let
 in {
  inherit
    palettes
    readState
    readHomeState
    readSystemState
    resolveWallpaper
--- a/lib/state-schema.nix
+++ b/lib/state-schema.nix
@@ -1,5 +1,13 @@
 # Nomarchy State Schema
-# Defines the complete state shape with defaults for both home and system state
+#
 # Defines the default values for every state.json field that's consumed by a
 # Nix option. Read by core/{system,home}/options.nix (for `default = …`) and
 # by core/{system,home}/state.nix (for `or` fallbacks).
 #
 # state.json may also hold runtime-only fields that aren't declared here —
 # notably `welcome_done`, managed by `nomarchy-welcome`. Those are intentionally
 # off-schema because no Nix option reads them; the schema is the "consumed by
 # Nix" surface, not the full state.json shape.
 { lib }:
 {
@@ -54,14 +62,4 @@
    };
  };
  # Get a value from state with fallback to default
  getWithDefault = state: path: default:
    let
      pathList = lib.splitString "." path;
      getValue = obj: remaining:
        if remaining == [] then obj
        else if builtins.isAttrs obj && builtins.hasAttr (builtins.head remaining) obj
        then getValue obj.${builtins.head remaining} (builtins.tail remaining)
        else default;
    in getValue state pathList;
 }
--- a/themes/engine/sddm.nix
+++ b/themes/engine/sddm.nix
@@ -27,8 +27,12 @@ in
  services.displayManager.defaultSession = lib.mkDefault "hyprland-uwsm";
  # autoLogin defaults off so hand-migrated configs (no installer-written
  # username) don't try to log in as a nonexistent "nomarchy" user. The
  # installer-generated system.nix sets both `enable = true;` and
  # `user = "$USERNAME";` at normal priority, overriding these defaults.
  services.displayManager.autoLogin = {
-    enable = lib.mkDefault true;
+    enable = lib.mkDefault false;
    user = lib.mkDefault "nomarchy";
  };
Author	SHA1	Message	Date
Bernardo Magri	2529ca114f	Merge branch 'main' into wave/qa-core-home	2026-05-19 18:49:15 +01:00
Bernardo Magri	94927952db	Merge pull request 'chore(lib): drop dead helpers, document schema boundary' (#2 ) from wave/qa-lib-schema into main Reviewed-on: #2	2026-05-19 18:48:30 +01:00
Bernardo Magri	0930458418	Merge pull request 'wave/qa-first-boot' (#1 ) from wave/qa-first-boot into main Reviewed-on: #1	2026-05-19 18:48:02 +01:00
Bernardo Magri	95101fda3f	fix(sddm): default autoLogin off, not on with hardcoded "nomarchy" `themes/engine/sddm.nix` defaulted `services.displayManager.autoLogin` to `enable = true; user = "nomarchy";` (both mkDefault). The installer flow overrode both with the real username at normal priority, so this was invisible there — but a hand-migrated user (per docs/MIGRATION.md) who imported `nomarchy.nixosModules.system` without setting `autoLogin.user` would auto-login as a nonexistent "nomarchy" user and SDDM would error. `docs/MIGRATION.md` even documented the override as a post-import chore. Flipped the default to `enable = lib.mkDefault false`. Installer generates `enable = true` directly so its flow is unchanged. Migration flow now gets the safe default — opt-in instead of opt-out — and the docs row is updated to reflect the new shape. The hardcoded "nomarchy" username fallback for `autoLogin.user` is the same class of bug as the impermanence persistence block was. A future roadmap row to consolidate "primary user" across impermanence, autoLogin, and any future modules might be worthwhile, but it's deferred — this commit is the immediate fix. Found during Pillar 8 audit of first-boot UX.	2026-05-19 18:46:41 +01:00
Bernardo Magri	6e0d17b859	fix(welcome): drop Step 4's dead starter home.nix generation `nomarchy-welcome` wrote a "starter" `~/.config/home-manager/home.nix` for users without one. Two problems: 1. Wrong path. The installer-generated canonical home.nix lives at `/etc/nixos/home.nix` and is imported via the flake (both home-manager.users and the standalone homeConfigurations). Nothing in the installer flow ever reads `~/.config/home-manager/home.nix` — it's a dead file. 2. Broken content. The starter is missing `home.username`, `home.homeDirectory`, `home.stateVersion`, and doesn't import `nomarchy.nixosModules.home`. Even on a hand-migration path it wouldn't evaluate as a standalone HM config. So in the installer flow it's dead, and in the migration flow it's broken. Removed Step 4 entirely. The git-init step (was Step 5) is now Step 4. Hand-migrated users follow `docs/MIGRATION.md`, which has the correct home.nix template. Found during Pillar 8 audit of first-boot UX.	2026-05-19 18:46:30 +01:00
Bernardo Magri	27d1506b54	chore(lib): drop dead helpers, document schema boundary Two unused helpers and a missing comment in the lib/ surface, found during the Pillar 8 sweep. - `readState` in `lib/default.nix` was exported but has no external callers — only `readHomeState` and `readSystemState` use it internally. Removed from the export list; the function stays in the let-block (still wraps the two public readers). - `getWithDefault` in `lib/state-schema.nix` was a complete dead function: declared as a path-walking fallback helper but never called anywhere in the tree. core/{system,home}/state.nix use inline `togglesState.<key> or schema.<scope>.<key>` instead. Removed. - Added a header comment to `lib/state-schema.nix` explaining the schema's boundary — it lists every state.json field consumed by a Nix option, but state.json may also hold runtime-only fields (`welcome_done` from `nomarchy-welcome`) that are intentionally off-schema because no Nix option reads them. Future readers will otherwise think welcome_done is an orphan. Logged a Later-column roadmap row for consolidating `flake.nix`'s palette/themeNames re-imports with `nomarchyLib` so the theme list has one source of truth instead of two.	2026-05-19 18:28:54 +01:00