clan-cli silently ignores the `?dir=` URL parameter when resolving a
flake source, so with the flake at nixos/flake.nix `clan machines
update` fails with "flake.nix does not exist". Move the flake tree up
so the repo root contains flake.nix, flake.lock, flake-modules/, lib/,
modules/, sops/, and vars/. Host-specific NixOS modules stay in
nixos/{hosts,home,fish.nix,neovim.nix,…}; flake-module paths updated
accordingly.
- dotfiles-rebuild flakeRef is now "${dotfilesDir}#<host>" (was
"${dotfilesDir}/nixos#<host>").
- CLAUDE.md build commands + clan section updated. nixupdate fish alias
updated. sunken-ship hostsfile comment updated.
- Existing /etc/dotfiles checkouts on the servers will pick up the new
layout on the next `dotfiles-rebuild` timer tick; the rebuild service
was pre-updated via rsync so its flakeRef matches before the pull.
Also includes 4b follow-through: zerotier identities are now live on
both servers (sunken-ship=d553a2de33 controller, phantom-ship=6c048abbdc
peer) and IPv6 ping across the ZT mesh works.
Stage 4a of the dendritic + clan migration. Both servers now live under
clan.machines (via nixos/flake-modules/clan.nix) and clan-core generates
their nixosConfigurations for us; the previous per-host flake-modules
are removed.
Notes:
- clan.core.enableRecommendedDefaults = false on both machines so we
keep the existing dhcpcd / non-networkd / non-resolved stack. Services
like dnsmasq, navidrome, and the existing wireless setup break with
the clan defaults on.
- dotfiles-rebuild timer is untouched (safety net). Replacing it with
clan machines update / dm-pull-deploy comes in 4e.
- mac stays outside the clan as admin only.
Verified: `clan machines list --flake path:…/nixos` returns both hosts;
both servers rebuild cleanly and all services (navidrome, cloudflare-
tunnel, fitness-bot, dnsmasq, openclaw-gateway, sshd) stay active.
- Add import-tree input; flake.nix now auto-loads every file under
./flake-modules so new hosts/features drop in without editing flake.nix.
- Extract the duplicated dotfiles-rebuild service, timer, and
safe.directory wiring into nixos/modules/dotfiles-rebuild.nix, exposed
via flake.nixosModules.dotfiles-rebuild.
- sunken-ship and phantom-ship now pull it in from their flake-modules;
hostname-specific flakeRef is derived from config.networking.hostName.
- Convert flake.nix to flake-parts.lib.mkFlake; split each host into
its own module under nixos/flake-modules/.
- Replace zen-browser specialArgs plumbing with a nixpkgs overlay so
home.nix can just reference pkgs.zen-browser.
Telegram bot via nix-openclaw NixOS module. Secrets (API key,
bot token) loaded from /etc/openclaw/ at runtime. Telegram user
ID read from gitignored openclaw-allow-from.nix.
Enable home-manager on WSL, importing the shared home.nix config.
Remove duplicate packages and env vars from wsl.nix that are now
provided by home-manager (git, ripgrep, fzf, direnv, etc.).
Restore flake checks by removing deprecated `programs.light` from sunken-ship and switching to brightnessctl guidance. Also clean up flake formatting and make the Raycast char-count script safer for empty input.
Made-with: Cursor
OpenClaw is no longer used. Removes flake inputs (nix-openclaw,
openclaw-documents), overlays, home-manager modules, config files,
docs, and related TODO/gitignore entries.
- Set home-manager.backupFileExtension to 'backup'
- Automatically backs up files before home-manager overwrites them
- Prevents data loss when managing Firefox profiles.ini
- track nixpkgs at `github:NixOS/nixpkgs/nixpkgs-unstable` to pair with
`nix-darwin/master`
- update lockfile inputs: flake-compat, home-manager, NixOS-WSL,
nixpkgs, nixos-vscode-server
- darwin: wrap HM module in a function to access `lib` and
`mkForce` `home.homeDirectory = "/Users/danny"` (and set username) to
satisfy HM’s absolute-path requirement under root activation
- HM: comment out duplicated `home.username` / `home.homeDirectory` in
`home/danny/home.nix`
- HM: remove `neovim` and `tmux` from `home.packages` (managed via
`programs.*`), fixing conflicting `nvim` subpath error
