readme

2026-04-15 05:02:10 +00:00 · 2026-03-22 14:45:14 -04:00 · 2026-03-22 14:45:14 -04:00 · 5cdf8fd873
commit 5cdf8fd873
parent 24b16cba14
1 changed files with 1 additions and 105 deletions
--- a/README.md
+++ b/README.md
@ -1,20 +1,5 @@
 # Nix Config

-## Approach
-
-This repo is the source of truth for the machine's reproducible developer
-environment across macOS and Linux:
-
- `home/` contains the Home Manager modules for user-facing tools
- `config/` contains the repo-owned config trees copied from your daily setup
- `modules/` contains host-level `nix-darwin` policy and package layers
- `modules/homebrew.nix` is intentionally narrow and only exists for GUI apps
-  that are still easier to keep in Brew on macOS
- `home/migration.nix` contains one-time ownership handoff logic from `~/dots`
-  into Home Manager so the steady-state modules can stay focused on real config
- `lib/package-sets.nix` defines the shared CLI package subsets used by both
-  macOS and Linux hosts
-
 ## Layout

 - `flake.nix`: top-level flake and host wiring
@ -39,15 +24,7 @@ environment across macOS and Linux:
  `~/Library/Application Support` state are intentionally outside declarative
  Nix ownership

-## Dedicated Inputs
-
-Most tools come from `nixpkgs`. Fast-moving CLIs that you want to update on
-their own cadence are pinned as dedicated flake inputs:
-
- `googleworkspace-cli`
- `claudeCode`
-
-Bitwarden note:
+## Bitwarden note:

 - `bw` is installed via Homebrew as `bitwarden-cli`
 - `bws` is not currently managed in this repo because I did not find a
@ -56,84 +33,3 @@ Bitwarden note:
  via `just secrets-sync`
 - vault items are currently the source of truth for imported machine secrets and
  SSH material
-
-## Commands
-
-First switch:
-
-```bash
-nix run github:LnL7/nix-darwin/master#darwin-rebuild -- switch --flake path:.#hari-macbook-pro
-```
-
-First Linux switch:
-
-```bash
-nix run github:nix-community/home-manager -- switch --flake path:.#workstation -b hm-bak
-```
-
-After the first successful switch:
-
-```bash
-just switch
-just switch workstation
-just build
-just build workstation
-just check
-```
-
-Update everything pinned by the flake:
-
-```bash
-nix flake update
-just switch
-```
-
-Update only Codex or Claude:
-
-```bash
-nix flake lock --update-input claudeCode
-just switch
-```
-
-Update Codex:
-
-```bash
-brew upgrade --cask codex
-just switch
-```
-
-Sync Bitwarden-backed shell secrets:
-
-```bash
-export BW_SESSION="$(bw unlock --raw)"
-just secrets-sync
-```
-
-Restore file-based secrets from Bitwarden:
-
-```bash
-export BW_SESSION="$(bw unlock --raw)"
-just secrets-restore-files
-```
-
-## What Still Needs Manual Handling
-
- Promoting vault-backed secrets into Bitwarden Secrets Manager machine-account
-  flows, if you want fully non-interactive sandbox secret injection later
- App state under `~/Library/Application Support`
- Anything that depends on local credentials, keychains, or encrypted stores
- Manual cleanup of old non-Nix installs that are no longer wanted
-
-## Current Homebrew Scope
-
-The current Homebrew boundary is only:
-
- `cap`
- `codex`
- `raycast`
- `riptide-dev`
- `thebrowsercompany-dia`
- `wispr-flow`
-
-Homebrew activation is currently `cleanup = "uninstall"`, so anything outside
-that list is treated as drift and removed on `darwin-rebuild switch`.