From 9283403d8fc150fb1eebbfec2caa2383c0231eaa Mon Sep 17 00:00:00 2001 From: Bernardo Magri Date: Tue, 19 May 2026 17:26:22 +0100 Subject: [PATCH 1/4] docs(roadmap): add Pillar 8 QA audit + clean stale Pillar 4 rows MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pillar 3 audited script existence; Pillar 8 audits feature behavior. Adds a per-component sweep methodology (10 components, one PR each on wave/qa-) and lists it on the Now board so the next session can pick it up without re-deriving scope. Cleanup pass on Pillar 4: removes two "(Now)" entries (software-profile multi-select, form-factor → laptop preset) already in the Shipped log, and promotes the two remaining open items ("What's installed?" summary, non-LUKS branch) to the Now board. --- docs/ROADMAP.md | 39 ++++++++++++++++++++++++++++++++++----- 1 file changed, 34 insertions(+), 5 deletions(-) diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index 85f0f30..b84dd4e 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -19,7 +19,9 @@ Guardrails (apply when adding anything): ### Now (ready to pick up) -- (Empty for now) +- **Full QA audit of shipped features.** Walk every feature/component end-to-end on a real install, fix what's small, log what's not. Runs as per-component PR sweeps — methodology in [Pillar 8](#8-pillar-qa-audit--features--components). +- **Installer: "What's installed?" summary on first boot.** Surface what the installer actually wrote (theme, font, profiles, drives, form factor) from `state.json` + `nomarchy-system-scripts` introspection so the user can verify before they start customising. Detail in [Pillar 4](#4-pillar-installer). +- **Installer: optional non-LUKS branch.** Let users explicitly opt out of FDE during install. Detail in [Pillar 4](#4-pillar-installer). ### Next (bigger lifts that build on Now) 
@@ -73,13 +75,13 @@ Each PR description should reference the row(s) in `docs/SCRIPTS.md` it closes, ## 4. Pillar: Installer -- Software-profile multi-select (Now). +- "What's installed?" summary screen on boot of a freshly-installed system, sourced from `state.json` + `nomarchy-system-scripts` introspection (Now). +- Optional non-LUKS branch in the installer for users who explicitly opt out of FDE (Now). - Richer disk metadata (Shipped). -- Form-factor → laptop preset (Now, depends on Pillar 5). - `disko-golden.nix` variants for software-RAID and BTRFS-pool-as-root (Shipped). - Pre-flight resume polish (Shipped). -- "What's installed?" summary screen on boot of a freshly-installed system, sourced from `state.json` + `nomarchy-system-scripts` introspection. -- Optional non-LUKS branch in the installer for users who explicitly opt out of FDE. +- Software-profile multi-select (Shipped). +- Form-factor → laptop preset (Shipped). ## 5. Pillar: Power, hardware, presets 
@@ -109,6 +111,33 @@ Each PR description should reference the row(s) in `docs/SCRIPTS.md` it closes, - `nixosTest` per palette: boots `default` in a VM, screenshots the SDDM splash and the Hyprland desktop, diffs vs golden. Failure surfaces as CI red. - A small `bin/utils/nomarchy-bench-iso-build` that records ISO build time + size into a per-commit JSON so we notice regressions. +## 8. Pillar: QA audit — features & components + +Nomarchy now spans an installer, ~159 `nomarchy-*` scripts, a Hyprland desktop stack (Hyprland + waybar + walker + nightlight + idle), curated apps, a 22-palette theme engine, and two ISO hosts. Pillar 3 audited script *existence*; this pillar audits feature *behavior*. The goal: walk every shipped feature end-to-end on a real install, fix every bug or surprise inline when small, and capture the rest as new roadmap rows. + +Runs as **per-component sweeps**. One PR per component, branch `wave/qa-`. Don't grow scope mid-PR — bugs that need a new option, refactor, or missing module become a new **Now**/**Next** row. + +Components (each is one sweep): + +1. **Installer** — `installer/install.sh`, `installer/hardware-db.sh`, disko configs. Fresh install + `--resume` + `--dry-run`, on laptop and desktop, with FDE (non-LUKS branch is Later). Verify every generated file (`flake.nix`, `system.nix`, `home.nix`, `hardware-selection.nix`, `state.json`) is correct and idempotent. +2. **First-boot UX** — `nomarchy-welcome`, generated `home.nix`, SDDM and Plymouth metadata, default theme/font/panel position. Re-run on a clean VM; note every prompt that confuses and every default that's wrong. +3. **Core system modules** — `core/system/*` (laptop, desktop, accessibility, gaming, hybridGPU, impermanence, network, hardware, branding). For each: enable → rebuild → observe the claimed effect → disable → rebuild → observe it's gone. Cross-check against `docs/OPTIONS.md`. +4. 
**Core home modules** — `core/home/*` (options, state, behavior, overrides, deployed config). Verify every home-side `nomarchy.*` option does what its description claims; confirm `~/.config/nomarchy/overrides/` actually overrides. +5. **Desktop stack** — Hyprland (keybindings, window rules, monitors, input), waybar (every module × both panel positions × both form factors), walker (every launcher mode), idle, nightlight, notifications (mako). Reconcile `docs/KEYBINDINGS.md` against runtime. +6. **Apps** — `features/apps/*`. Each app: launches, themed via Stylix, configured as expected. Catches the "we package it but nobody configured it" class. +7. **Theme engine + palettes** — `nomarchy-theme-set` across all 22 palettes, font and wallpaper switchers, light-mode toggle. Verify per-palette Stylix targets render correctly across SDDM, Plymouth, GTK, Qt, terminals, browsers, waybar, walker. +8. **Scripts (runtime behavior)** — Pillar 3 confirmed existence; this sweep runs every user-visible script (especially every `nomarchy-menu` entry) on current NixOS and confirms it actually does the thing. +9. **ISOs** — boot `nomarchy-installer` and `nomarchy-live`; verify the `nomarchy-test-live-iso` flow; check the installer ISO ships every tool `install.sh` calls (regression class: `hardware-db.sh` missing, already shipped). +10. **Lib + state schema** — `lib/state-schema.nix`, color resolution, path helpers. Cross every codepath that produces `state.json` (installer, welcome wizard, hand-edit) against the schema; confirm bad inputs are rejected with a useful message. + +Per-PR deliverable: + +- PR body lists what was tested, what was broken, what was fixed inline, what was deferred (with the new roadmap row linked). +- Doc updates ride with the change per `docs/AGENT.md` §5.4. +- Don't bundle fixes across components — keep one component per branch so reviewers can spot-check end-to-end without context-switching. 
+ +Pillar is **done** when every component has a closed `wave/qa-` PR and the roadmap captures every deferred finding. + ## 9. Process notes - **Branch naming:** `wave/-`. Examples: `wave/audit-pkg-scripts`, `wave/installer-disk-metadata`, `wave/laptop-preset`. -- 2.49.1 From bfd95cb40b98aa739d61cd1ad47f04c5cbc584e6 Mon Sep 17 00:00:00 2001 From: Bernardo Magri Date: Tue, 19 May 2026 17:28:16 +0100 Subject: [PATCH 2/4] docs(roadmap): mark Pillar 5 preset rows as Shipped Laptop, Desktop, Accessibility, and Gaming presets all shipped on 2026-04-26 but were still tagged (Next). Reorders the pillar so the two genuinely open items (dGPU auto-detect, Surface support) lead. --- docs/ROADMAP.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index b84dd4e..a3ea69d 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md 
@@ -85,13 +85,13 @@ Each PR description should reference the row(s) in `docs/SCRIPTS.md` it closes, ## 5. Pillar: Power, hardware, presets -- Laptop preset (Next): TLP, upower, brightness, lid, hypridle tuning. -- Desktop preset (Next): performance governor, no laptop UI (already filtered), ZFS hooks. -- Accessibility preset (Next). -- Gaming preset (Next). -- Vendor matchers in `installer/hardware-db.sh` (Shipped — ROG Ally added; Surface/Framework/Lenovo entries corrected; Steam Deck + Snapdragon X documented as nixos-hardware-unsupported. CI now lints DB references). -- Surface support behind `nomarchy.hardware.isSurface` (Later). - Auto-detect dGPU presence in `installer/hardware-db.sh` and pre-fill `hardware.nvidia.prime.{intel,nvidia}BusId` in the generated `system.nix` (driver stack itself is Shipped — see entry below). +- Surface support behind `nomarchy.hardware.isSurface` (Later). +- Laptop preset: TLP, upower, brightness, lid, hypridle tuning (Shipped). +- Desktop preset: performance governor, no laptop UI (already filtered), ZFS hooks (Shipped). +- Accessibility preset (Shipped). +- Gaming preset (Shipped). +- Vendor matchers in `installer/hardware-db.sh` (Shipped — ROG Ally added; Surface/Framework/Lenovo entries corrected; Steam Deck + Snapdragon X documented as nixos-hardware-unsupported. CI now lints DB references). ## 6. Pillar: Onboarding & docs -- 2.49.1 From 6e0d17b859352682581bdfee09ec140312efcf0b Mon Sep 17 00:00:00 2001 
From: Bernardo Magri Date: Tue, 19 May 2026 18:46:30 +0100 Subject: [PATCH 3/4] fix(welcome): drop Step 4's dead starter home.nix generation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit `nomarchy-welcome` wrote a "starter" `~/.config/home-manager/home.nix` for users without one. Two problems: 1. Wrong path. The installer-generated canonical home.nix lives at `/etc/nixos/home.nix` and is imported via the flake (both home-manager.users and the standalone homeConfigurations). Nothing in the installer flow ever reads `~/.config/home-manager/home.nix` — it's a dead file. 2. Broken content. The starter is missing `home.username`, `home.homeDirectory`, `home.stateVersion`, and doesn't import `nomarchy.nixosModules.home`. Even on a hand-migration path it wouldn't evaluate as a standalone HM config. So in the installer flow it's dead, and in the migration flow it's broken. Removed Step 4 entirely. The git-init step (was Step 5) is now Step 4. Hand-migrated users follow `docs/MIGRATION.md`, which has the correct home.nix template. Found during Pillar 8 audit of first-boot UX. --- features/scripts/utils/nomarchy-welcome | 36 +++---------------------- 1 file changed, 3 insertions(+), 33 deletions(-) diff --git a/features/scripts/utils/nomarchy-welcome b/features/scripts/utils/nomarchy-welcome index 4ce78f6..bf30367 100755 --- a/features/scripts/utils/nomarchy-welcome +++ b/features/scripts/utils/nomarchy-welcome 
@@ -59,39 +59,9 @@ if [[ "$USER" == "nixos" ]]; then exit 0 fi -# 4. Starter home.nix +# 4. Setup Local Repo (Crucial for nomarchy-env-update to work) echo "" -echo "Step 4: Starter home.nix" -HOME_NIX="$HOME/.config/home-manager/home.nix" -if [ ! -f "$HOME_NIX" ]; then - echo "It looks like you don't have a ~/.config/home-manager/home.nix file yet." - echo "Nomarchy uses this file to manage your user-level packages and settings." - if gum confirm "Would you like to generate a starter home.nix?"; then - mkdir -p "$(dirname "$HOME_NIX")" - cat < "$HOME_NIX" -{ pkgs, ... }: -{ - # Nomarchy starter home.nix - # Add your user packages here. - home.packages = with pkgs; [ - btop - fastfetch - chromium - # Add more packages here - ]; - - # home.stateVersion = "25.11"; # Consult docs/MIGRATION.md if you change this -} -EOF - echo "Starter home.nix generated at $HOME_NIX" - fi -else - echo "Detected existing home.nix at $HOME_NIX. Skipping generation." -fi - -# 5. Setup Local Repo (Crucial for nomarchy-env-update to work) -echo "" -echo "Step 5: Git Repository Check" +echo "Step 4: Git Repository Check" echo "Nomarchy relies on a local git repository for declarative updates." if [ ! -d "/etc/nixos/.git" ]; then echo "Warning: /etc/nixos is not a git repository. Declarative updates might fail." @@ -102,7 +72,7 @@ if [ ! -d "/etc/nixos/.git" ]; then fi fi -# 6. Success +# 5. Success echo "" echo "Applying all changes..." nomarchy-env-update -- 2.49.1 From 95101fda3f2525d2101465af04106f014b2d7f14 Mon Sep 17 00:00:00 2001 
From: Bernardo Magri Date: Tue, 19 May 2026 18:46:41 +0100 Subject: [PATCH 4/4] fix(sddm): default autoLogin off, not on with hardcoded "nomarchy" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit `themes/engine/sddm.nix` defaulted `services.displayManager.autoLogin` to `enable = true; user = "nomarchy";` (both mkDefault). The installer flow overrode both with the real username at normal priority, so this was invisible there — but a hand-migrated user (per docs/MIGRATION.md) who imported `nomarchy.nixosModules.system` without setting `autoLogin.user` would auto-login as a nonexistent "nomarchy" user and SDDM would error. `docs/MIGRATION.md` even documented the override as a post-import chore. Flipped the default to `enable = lib.mkDefault false`. Installer generates `enable = true` directly so its flow is unchanged. Migration flow now gets the safe default — opt-in instead of opt-out — and the docs row is updated to reflect the new shape. The hardcoded "nomarchy" username fallback for `autoLogin.user` is the same class of bug as the impermanence persistence block was. A future roadmap row to consolidate "primary user" across impermanence, autoLogin, and any future modules might be worthwhile, but it's deferred — this commit is the immediate fix. Found during Pillar 8 audit of first-boot UX. --- docs/MIGRATION.md | 2 +- themes/engine/sddm.nix | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/MIGRATION.md b/docs/MIGRATION.md index b3ceb35..5d68162 100644 --- a/docs/MIGRATION.md +++ b/docs/MIGRATION.md 
@@ -210,7 +210,7 @@ and it's whichever has higher Nix priority. Fix these explicitly: | Graphics | `hardware.graphics.enable = true` (was `hardware.opengl`) | Probably already enabled — fine | | User groups | needs `video render networkmanager` | Add to your `users.users..extraGroups` | | `/etc/os-release` | `ID=nomarchy`, `NAME=Nomarchy` | A few third-party scripts grep `ID=nixos` — adjust them or rely on `ID_LIKE` (TBD) | -| autoLogin | `enable = true; user = "nomarchy";` (mkDefault) | Override with `services.displayManager.autoLogin.user = ""` or disable | +| autoLogin | `enable = false; user = "nomarchy";` (mkDefault) | Off by default — opt in with `services.displayManager.autoLogin = { enable = true; user = ""; };` if you want it | Impermanence is **off** unless you set `nomarchy.system.impermanence.enable = true`, and it requires a BTRFS layout with a `root-blank` snapshot. Don't enable it diff --git a/themes/engine/sddm.nix b/themes/engine/sddm.nix index 6e0e851..eb57ce7 100644 --- a/themes/engine/sddm.nix +++ b/themes/engine/sddm.nix @@ -27,8 +27,12 @@ in services.displayManager.defaultSession = lib.mkDefault "hyprland-uwsm"; + # autoLogin defaults off so hand-migrated configs (no installer-written + # username) don't try to log in as a nonexistent "nomarchy" user. The + # installer-generated system.nix sets both `enable = true;` and + # `user = "$USERNAME";` at normal priority, overriding these defaults. services.displayManager.autoLogin = { - enable = lib.mkDefault true; + enable = lib.mkDefault false; user = lib.mkDefault "nomarchy"; }; -- 2.49.1
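Review bot: In PATCH 1/4, the Pillar 4 hunk of `docs/ROADMAP.md` promotes "Optional non-LUKS branch in the installer" to (Now) without saying what happens to auto-login on that path. PATCH 4/4 states that the installer-generated `system.nix` sets `services.displayManager.autoLogin` to `enable = true` with the real username, so an install that opts out of FDE would reach a logged-in desktop with neither a disk passphrase nor a login prompt. Suggest the row require that the non-LUKS branch leave auto-login off, or ask the user about it explicitly.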
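Review bot: In PATCH 1/4, the Pillar 8 hunk of `docs/ROADMAP.md` contradicts the rest of the patch: component 1 (Installer) says "with FDE (non-LUKS branch is Later)", while the same patch lists the optional non-LUKS branch on the Now board and tags it "(Now)" in Pillar 4. Pick one status. If it stays on Now, the Installer sweep should say whether the non-FDE path is in scope once it lands, since it changes which generated files and disko configs need verifying.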
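Review bot: In PATCH 2/4, the reordered Pillar 5 list leaves the first row (auto-detect dGPU presence in `installer/hardware-db.sh`) without a status tag, while every other row in the hunk carries one ("(Later)" or "(Shipped)"). Add the tag the commit message implies for an open item. The row's "see entry below" pointer should also be rechecked after the reorder, since no driver-stack row is visible in this hunk.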
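Review bot: In PATCH 3/4, the `features/scripts/utils/nomarchy-welcome` hunk removes the Step 4 generator but leaves nothing for users who already accepted the prompt on an earlier run: their `~/.config/home-manager/home.nix` stays on disk, and the commit message itself calls it a dead file that nothing reads. Suggest a short, non-destructive notice when `$HOME/.config/home-manager/home.nix` exists and still contains the `# Nomarchy starter home.nix` marker, pointing the user at `/etc/nixos/home.nix` and `docs/MIGRATION.md`, so edits made to the dead file are not silently ignored.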
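Review bot: In PATCH 4/4, the `themes/engine/sddm.nix` hunk keeps `user = lib.mkDefault "nomarchy";`, so the failure described in the commit message is still reachable: a hand-migrated config that sets only `services.displayManager.autoLogin.enable = true` falls back to the nonexistent "nomarchy" user again. Suggest dropping the `user` default altogether, or adding an `assertions` entry that fails evaluation when `enable` is true and `user` is still the placeholder. The `docs/MIGRATION.md` row in the same patch still lists `user = "nomarchy"` as a default and should change with it.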