clean wt rm etc

2026-04-15 05:02:10 +00:00 · 2026-03-30 22:59:49 -04:00 · 2026-03-30 22:59:49 -04:00 · 23f876dc7c
commit 23f876dc7c
parent 4b436bdbfa
12 changed files with 16 additions and 202 deletions
--- a/ci/agentcomputer-cli-stub/flake.nix
+++ b/ci/agentcomputer-cli-stub/flake.nix
@ -1,30 +0,0 @@
-{
-  description = "CI stub for the local agentcomputer-cli flake input";
-
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
-
-  outputs =
-    { nixpkgs, ... }:
-    let
-      systems = [
-        "aarch64-darwin"
-        "x86_64-darwin"
-        "aarch64-linux"
-        "x86_64-linux"
-      ];
-      forAllSystems = nixpkgs.lib.genAttrs systems;
-    in
-    {
-      packages = forAllSystems (
-        system:
-        let
-          pkgs = import nixpkgs { inherit system; };
-        in
-        {
-          default = pkgs.writeShellScriptBin "aicomputer" ''
-            echo "agentcomputer-cli CI stub"
-          '';
-        }
-      );
-    };
-}
--- a/docs/secrets.md
+++ b/docs/secrets.md
@ -1,80 +0,0 @@
-# Secrets
-
-## Current Model
-
-This repo does not store secret values in Nix.
-
-Instead:
-
- Bitwarden vault items are the current source of truth for imported machine
-  secrets
- Nix/Home Manager owns the integration points
- generated runtime files live outside the repo under `~/.config/secrets`
-
-That boundary matters because the Nix store is not the right place for real
-secret values.
-
-## What Is Already Wired
-
- [home/zsh.nix](/Users/rathi/Documents/GitHub/nix/home/zsh.nix) sources
-  `~/.config/secrets/shell.zsh` when present
- [scripts/render-bw-shell-secrets.sh](/Users/rathi/Documents/GitHub/nix/scripts/render-bw-shell-secrets.sh)
-  renders that file from Bitwarden vault items
- [scripts/restore-bw-files.sh](/Users/rathi/Documents/GitHub/nix/scripts/restore-bw-files.sh)
-  restores file-based credentials and SSH material from Bitwarden vault items
- [justfile](/Users/rathi/Documents/GitHub/nix/justfile) exposes this as
-  `just secrets-sync` and `just secrets-restore-files`
-
-## Daily Shell Flow
-
-```bash
-export BW_SESSION="$(bw unlock --raw)"
-just secrets-sync
-exec zsh -l
-```
-
-That flow currently materializes:
-
- `OPENAI_API_KEY`
- `GREPTILE_API_KEY`
- `CONTEXT7_API_KEY`
- `MISTRAL_API_KEY`
-
-## Machine Secret Coverage
-
-The Bitwarden vault now holds:
-
- API keys and CLI tokens
- AWS default credentials
- GCloud ADC
- Stripe CLI config
- Codex auth
- Vercel auth
- SSH configs
- SSH private keys
-
-The vault is currently the backup/recovery source of truth for those values.
-
-## Sandbox Strategy
-
-For a fresh sandbox or new machine, the clean bootstrap is:
-
-1. `darwin-rebuild switch` or Home Manager activation
-2. authenticate `bw`
-3. `just secrets-sync`
-4. `just secrets-restore-files`
-
-That gives you a usable dev shell quickly without committing any secret values
-into the repo.
-
-## Future Upgrade
-
-If you want fully non-interactive sandbox secret injection, the next step is to
-move the env-style secrets from normal Bitwarden vault items into Bitwarden
-Secrets Manager (`bws`) and keep file-based credentials and SSH material in the
-normal vault.
-
-That would give you:
-
- `bws` for machine/app secrets
- `bw` for human-managed vault items, SSH material, and recovery data
--- a/flake.nix
+++ b/flake.nix
@ -1,5 +1,5 @@
 {
-  description = "Rathi's macOS nix-darwin + NixOS + Home Manager config";
+  description = "Hari's nix config";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
@ -25,11 +25,6 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

-    agentcomputer-cli = {
-      url = "path:/Users/rathi/Documents/GitHub/companion/agentcomputer/apps/cli";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
    openspec = {
      url = "github:Fission-AI/OpenSpec";
    };
--- a/home/bat.nix
+++ b/home/bat.nix
@ -1,7 +1,4 @@
-{ config, ... }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
+{ theme, ... }:
 {
  programs.bat = {
    enable = true;
--- a/home/common.nix
+++ b/home/common.nix
@ -1,5 +1,7 @@
-{ ... }:
+{ config, ... }:
 {
+  _module.args.theme = import ../lib/theme.nix { inherit config; };
+
  imports = [
    ./bat.nix
    ./eza.nix
--- a/home/fzf.nix
+++ b/home/fzf.nix
@ -1,7 +1,4 @@
-{ config, ... }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
+{ theme, ... }:
 {
  home.sessionVariables = {
    FZF_DEFAULT_OPTS_FILE = theme.paths.fzfCurrentFile;
--- a/home/ghostty.nix
+++ b/home/ghostty.nix
@ -1,12 +1,11 @@
 {
-  config,
  lib,
  pkgs,
  hostConfig,
+  theme,
  ...
 }:
 let
-  theme = import ../lib/theme.nix { inherit config; };
  ghosttyConfig = ''
    theme = "cozybox-current"
    font-family = Berkeley Mono
--- a/home/git.nix
+++ b/home/git.nix
@ -1,7 +1,4 @@
-{ config, ... }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
+{ theme, ... }:
 {
  programs.git = {
    enable = true;
--- a/home/prompt.nix
+++ b/home/prompt.nix
@ -1,12 +1,9 @@
 {
-  config,
  lib,
  pkgs,
+  theme,
  ...
 }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
 {
  home.packages = [ pkgs.pure-prompt ];

@ -38,12 +35,14 @@ in
        typeset -g prompt_pure_git_branch_color=$prompt_pure_colors[git:branch]
        [[ -n ''${prompt_pure_git_last_dirty_check_timestamp+x} ]] && prompt_pure_git_branch_color=$prompt_pure_colors[git:branch:cached]

-        # Branch + arrows turn yellow when dirty
+        # Branch, arrows, and prompt symbol turn yellow when dirty
        if [[ -n $prompt_pure_git_dirty ]]; then
          prompt_pure_git_branch_color=$prompt_pure_colors[git:dirty]
          prompt_pure_colors[git:arrow]=$prompt_pure_colors[git:dirty]
+          prompt_pure_colors[prompt:success]=$prompt_pure_colors[git:dirty]
        else
          prompt_pure_colors[git:arrow]=$_codex_pure_default_arrow
+          prompt_pure_colors[prompt:success]=$_codex_pure_default_success
        fi

        psvar[12]=; ((''${(M)#jobstates:#suspended:*} != 0)) && psvar[12]=''${PURE_SUSPENDED_JOBS_SYMBOL:-✦}
@ -66,6 +65,7 @@ in
      }

      typeset -g _codex_pure_default_arrow=$prompt_pure_colors[git:arrow]
+      typeset -g _codex_pure_default_success=$prompt_pure_colors[prompt:success]

      _codex_apply_prompt_theme() {
        local mode="$(_codex_read_theme_mode)"
@ -78,6 +78,7 @@ in
        fi

        typeset -g _codex_pure_default_arrow=$prompt_pure_colors[git:arrow]
+        typeset -g _codex_pure_default_success=$prompt_pure_colors[prompt:success]
        typeset -g _CODEX_LAST_PROMPT_THEME="$mode"
      }
    '')
--- a/home/tmux.nix
+++ b/home/tmux.nix
@ -1,12 +1,9 @@
 {
-  config,
  lib,
  pkgs,
+  theme,
  ...
 }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
 {
  programs.tmux = {
    enable = true;
--- a/home/zsh.nix
+++ b/home/zsh.nix
@ -3,11 +3,9 @@
  lib,
  pkgs,
  hostConfig,
+  theme,
  ...
 }:
-let
-  theme = import ../lib/theme.nix { inherit config; };
-in
 {
  programs.zsh = {
    enable = true;
@ -156,12 +154,6 @@ in
        _codex_apply_prompt_theme
        _codex_apply_highlight_styles

-        ${lib.optionalString hostConfig.isDarwin ''
-          if command -v wt >/dev/null 2>&1; then
-            eval "$(command wt config shell init zsh)"
-            wtc() { wt switch --create --base @ "$@"; }
-          fi
-        ''}
      '')

      (lib.mkAfter ''
--- a/lib/package-sets.nix
+++ b/lib/package-sets.nix
@ -6,56 +6,8 @@
 let
  gwsPackage = inputs.googleworkspace-cli.packages.${pkgs.stdenv.hostPlatform.system}.default;
  claudePackage = inputs.claudeCode.packages.${pkgs.stdenv.hostPlatform.system}.default;
-  agentcomputerPackage = inputs.agentcomputer-cli.packages.${pkgs.stdenv.hostPlatform.system}.default;
  openspecPackage = inputs.openspec.packages.${pkgs.stdenv.hostPlatform.system}.default;

-  graphite = pkgs.stdenvNoCC.mkDerivation rec {
-    pname = "graphite";
-    version = "1.7.20";
-
-    src = pkgs.fetchurl {
-      url = "https://github.com/withgraphite/homebrew-tap/releases/download/v${version}/gt-macos-arm64";
-      hash = "sha256-ho9VQw1ic3jhG3yxNwUL0W1WvNFku9zw6DQnGehs7+8=";
-    };
-
-    dontUnpack = true;
-
-    installPhase = ''
-      install -Dm755 "$src" "$out/bin/gt"
-    '';
-
-    meta = {
-      description = "Manage stacked Git changes and submit them for review";
-      homepage = "https://graphite.dev/";
-      license = lib.licenses.agpl3Only;
-      mainProgram = "gt";
-      platforms = lib.platforms.darwin;
-    };
-  };
-
-  worktrunk = pkgs.rustPlatform.buildRustPackage rec {
-    pname = "worktrunk";
-    version = "0.23.1";
-
-    src = pkgs.fetchurl {
-      url = "https://github.com/max-sixty/worktrunk/archive/refs/tags/v${version}.tar.gz";
-      hash = "sha256-cdQDUz7to3JkriWE9i5iJ2RftJFZivw7CTwGxDZPAqw=";
-    };
-
-    cargoHash = "sha256-DHjwNqMiVkWqL3CuOCITvyqkdKe+GOZ2nlMSstDIcTg=";
-    doCheck = false;
-
-    meta = {
-      description = "CLI for Git worktree management";
-      homepage = "https://worktrunk.dev";
-      license = with lib.licenses; [
-        asl20
-        mit
-      ];
-      mainProgram = "wt";
-      platforms = lib.platforms.darwin;
-    };
-  };
 in
 {
  core = with pkgs; [
@ -107,15 +59,10 @@ in
      yt-dlp
    ])
    ++ lib.optionals pkgs.stdenv.isDarwin [
-      agentcomputerPackage
      pkgs.texliveFull
    ]
    ++ [
      openspecPackage
-    ]
-    ++ lib.optionals pkgs.stdenv.isDarwin [
-      graphite
-      worktrunk
    ];

  fonts = with pkgs; [