ljlkjdsalkj

flake.nix

@@ -447,7 +447,7 @@
         # self.packages.${system}.nom-nixos-rebuild-ng
         self.packages.${system}.nom-home-manager
         pkgs.nix-output-monitor
-        pkgs.cachix
+        # pkgs.cachix
         pkgs.age
         pkgs.sops
         pkgs.ssh-to-age

justfile

@@ -13,18 +13,16 @@ export FZF_DEFAULT_OPTS := "--height 15 --cycle --bind 'ctrl-a:toggle-all' " + e
 eval $hostname=`just _a_host` $attrpath="" *args:
   #!/usr/bin/env -S bash -euo pipefail
   declare attrpath="${attrpath:-system.build.toplevel.outPath}"
-  declare -a args=("${@:3}")
   [[ "$attrpath" =~ ^config\. ]] && attrpath="${attrpath:7}" ||: # pop optional 'config.' prefix
   set -x
-  nix eval ".#nixosConfigurations.\"$hostname\".config.$attrpath" --show-trace "${args[@]}"
+  nix eval ".#nixosConfigurations.\"$hostname\".config.$attrpath" --show-trace "${@:3}"
 eval-vm $hostname=`just _a_host` $attrpath="" *args:
   #!/usr/bin/env -S bash -euo pipefail
   declare attrpath="${attrpath:-system.build.toplevel.outPath}"
-  declare -a args=("${@:3}")
   [[ "$attrpath" =~ ^config\. ]] && attrpath="${attrpath:7}" ||: # pop optional 'config.' prefix
   set -x
   # nix eval ".#nixosConfigurations.\"$hostname\".config.system.build.vm.outPath" --show-trace "${@:3}"
-  nix eval ".#nixosConfigurations.\"$hostname\".config.virtualisation.vmVariant.$attrpath" --show-trace "${args[@]}"
+  nix eval ".#nixosConfigurations.\"$hostname\".config.virtualisation.vmVariant.$attrpath" --show-trace "${@:3}"
 
 repl $hostname=`just _a_host`:
   NIX_NO_NOM=1 nixos-rebuild --flake .#"$hostname" repl

profiles/base/default.nix

@@ -30,20 +30,20 @@
   # https://consoledonottrack.com/
   environment.variables.DO_NOT_TRACK = "1";
 
-  environment.systemPackages = with pkgs; [
-    ddrescue
-    gptfdisk
-    ms-sys
-    nvme-cli
-    parted
-    pciutils
-    smartmontools
-    testdisk
-    usbutils
-  ] ++ lib.optionals (builtins.elem pkgs.stdenv.hostPlatform [ "x86_64-linux" "aarch64_linux"]) [
-    cage
-    weston
-  ];
+  environment.systemPackages = lib.mkIf (!config.virtualisation.isVmVariant) ([
+    pkgs.ddrescue
+    pkgs.gptfdisk
+    pkgs.ms-sys
+    pkgs.nvme-cli
+    pkgs.parted
+    pkgs.pciutils
+    pkgs.smartmontools
+    pkgs.testdisk
+    pkgs.usbutils
+  ] ++ lib.optionals (lib.elem pkgs.stdenv.hostPlatform [ "x86_64-linux" "aarch64_linux"]) [
+    pkgs.cage
+    pkgs.weston
+  ]);
 
   # TODO: selectively whitelist
   nixpkgs.config.allowUnfree = true;
@@ -75,9 +75,6 @@
   #networking.networkmanager.wifi.backend = "iwd"; # default is wpa_supplicant, iwd doesn't support eduroam
   networking.firewall.logRefusedConnections = false; # too spammy, rotates dmesg too quickly
 
-  #system.switch.enable = false;
-  #system.switch.enableNg = true; # rewritten in rust
-
   sops.secrets.nix-access-tokens = {};
   sops.secrets.nix-access-tokens-all.mode = "0440";
   sops.secrets.nix-access-tokens-all.group = config.users.groups."keys".name;