-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjustfile
More file actions
230 lines (193 loc) · 7.42 KB
/
Copy pathjustfile
File metadata and controls
230 lines (193 loc) · 7.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
# Justfile for NixOS configuration management
# NOTE: nh (https://github.com/nix-community/nh) is preferred for system management
# Use 'nh os switch', 'nh os test', etc. instead of these commands when possible
# Default recipe - show available commands
_default:
@just --list
# Format all Nix files (uses formatter flake output)
format:
@echo "Formatting Nix files..."
nix fmt
@echo "✓ Formatting complete"
# Format all files using treefmt (multiple formatters in parallel)
# Uses treefmt.toml configuration file
treefmt:
@echo "Formatting all files with treefmt..."
treefmt
@echo "✓ Formatting complete"
# Format all files using treefmt via flake (uses treefmt.nix)
treefmt-flake:
@echo "Formatting all files with treefmt (via flake)..."
nix run .#treefmt
@echo "✓ Formatting complete"
# Format all files using treefmt in CI mode (fail-on-change)
treefmt-ci:
@echo "Checking formatting with treefmt (CI mode)..."
treefmt --ci
@echo "✓ Formatting check passed"
# Clear treefmt cache and re-format all files
treefmt-clear:
@echo "Clearing treefmt cache and formatting..."
treefmt --clear-cache
@echo "✓ Formatting complete"
# Format specific files or directories
treefmt-files PATHS:
@echo "Formatting {{PATHS}} with treefmt..."
treefmt {{PATHS}}
@echo "✓ Formatting complete"
# Check for unmatched files (show warnings)
treefmt-unmatched:
@echo "Checking for unmatched files..."
treefmt --on-unmatched warn
@echo "✓ Check complete"
# Validate flake
check:
@echo "Validating flake..."
nix flake check .
@echo "✓ Flake validation passed"
# Evaluate NixOS configuration without building (faster syntax check)
eval-config:
@echo "Evaluating NixOS configuration (no build)..."
nix eval .#nixosConfigurations.ikigai.config.system.build.toplevel.drvPath --show-trace
@echo "✓ Configuration evaluates successfully"
# Check syntax of a Nix file
syntax-check FILE:
@echo "Checking syntax of {{FILE}}..."
nix-instantiate --parse-only {{FILE}}
@echo "✓ Syntax check passed"
# Get store path for a package from nixpkgs (useful for debugging)
store-path PACKAGE:
@echo "Getting store path for {{PACKAGE}}..."
@nix eval '<nixpkgs>' --apply 'pkgs: builtins.toString pkgs.{{PACKAGE}}' 2>/dev/null || \
echo "Usage: just store-path <package-name> (e.g., just store-path firefox)"
@echo "Note: Package must exist in nixpkgs. Use nix search nixpkgs <name> to find exact name."
# Evaluate a package for a different platform (useful for cross-platform checks)
eval-package PACKAGE SYSTEM:
@echo "Evaluating {{PACKAGE}} for {{SYSTEM}}..."
@nix-instantiate --argstr system "{{SYSTEM}}" '<nixpkgs>' -A {{PACKAGE}} --show-trace
@echo "✓ Package evaluates for {{SYSTEM}}"
@echo "Example systems: x86_64-linux, x86_64-darwin, aarch64-linux"
# Dead code check (deadnix)
dead:
@echo "Running deadnix (fail on unused)..."
nix run github:astro/deadnix -- -f .
@echo "✓ No dead code found"
# Dead code fix (deadnix edit)
dead-fix:
@echo "Removing dead code with deadnix..."
nix run github:astro/deadnix -- -eq .
@echo "✓ Dead code removed"
# Build configuration
build:
@echo "Building NixOS configuration..."
nix build .#nixosConfigurations.default.config.system.build.toplevel -o result
@echo "✓ Build complete: ./result"
# Build from local nixpkgs checkout (useful for testing PRs)
build-from-local NIXPKGS_PATH:
@echo "Building from local nixpkgs at {{NIXPKGS_PATH}}..."
sudo nixos-rebuild -I nixpkgs={{NIXPKGS_PATH}} switch --flake .#ikigai
@echo "✓ Build complete from local nixpkgs"
# Build home-manager configuration
build-home:
@echo "Building Home Manager configuration..."
nix build .#homeConfigurations.kaizen -o result-home
@echo "✓ Build complete: ./result-home"
# Switch to configuration (requires sudo)
# NOTE: Use 'nh os switch' instead
switch:
@echo "Switching to new configuration..."
@echo "NOTE: Consider using 'nh os switch' instead"
sudo nixos-rebuild switch --flake .#default
# Test configuration without switching (requires sudo)
# NOTE: Use 'nh os test' instead
test-switch:
@echo "Testing configuration (no switch)..."
@echo "NOTE: Consider using 'nh os test' instead"
sudo nixos-rebuild test --flake .#ikigai
# Update flake inputs
# NOTE: Use 'nh update' instead
update:
@echo "Updating flake inputs..."
@echo "NOTE: Consider using 'nh update' instead"
nix flake update
@echo "✓ Flake inputs updated"
# Show flake inputs
show-inputs:
@echo "Flake inputs:"
nix flake show
# Enter development shell
dev:
@echo "Entering development shell..."
nix develop
# Show configuration tree
tree:
@echo "Configuration tree:"
nix-tree .#nixosConfigurations.default.config.system.build.toplevel
# Download a store path from cache (useful for debugging)
download-store-path STORE_PATH:
@echo "Downloading store path {{STORE_PATH}} from cache..."
nix-store -r {{STORE_PATH}}
@echo "✓ Store path downloaded"
# Clean build artifacts and old generations
clean:
@echo "Cleaning build artifacts and old generations..."
nh clean
rm -rf result result-home result-vm .direnv
@echo "✓ Cleaned"
# Garbage collect generations older than 3 days (optional)
gc-old:
@echo "GC generations older than 3 days..."
sudo nix-collect-garbage --delete-older-than 3d
@echo "✓ GC complete"
# Show system information
info:
@echo "NixOS Configuration Info:"
@echo "========================"
@nix flake show
@echo ""
@echo "System packages:"
@nix eval .#nixosConfigurations.ikigai.config.environment.systemPackages --apply 'x: builtins.length x' 2>/dev/null || echo "Run 'nix develop' first"
# Probe system hardware and configuration
probe:
@echo "Probing system information..."
./scripts/probe.sh
# Verify hardware matches configuration
verify:
@echo "Verifying hardware configuration..."
./scripts/verify-hardware.sh
# SOPS secret management
# Reference: https://github.com/Mic92/sops-nix
sops-edit:
@echo "Editing secrets/secrets.yaml with SOPS..."
@echo "This will open your editor and auto-encrypt on save"
nix-shell -p sops --run "sops secrets/secrets.yaml"
# Decrypt and show secrets (read-only)
sops-show:
@echo "Showing decrypted secrets..."
nix-shell -p sops --run "sops -d secrets/secrets.yaml"
# Initialize age key for SOPS
sops-init-age:
@echo "Generating age key for SOPS..."
mkdir -p ~/.config/sops/age
nix-shell -p age --run "age-keygen -o ~/.config/sops/age/keys.txt"
@echo ""
@echo "Age key generated at ~/.config/sops/age/keys.txt"
@echo "Public key (add to .sops.yaml):"
nix-shell -p age --run "age-keygen -y ~/.config/sops/age/keys.txt"
# Create secrets file from example
sops-create:
@echo "Creating secrets/secrets.yaml from example..."
cp secrets/secrets.yaml.example secrets/secrets.yaml
@echo "Edit secrets/secrets.yaml with: just sops-edit"
# Update keys in all secrets (after adding new keys to .sops.yaml)
sops-updatekeys:
@echo "Updating keys in all SOPS files..."
@echo "Run this after adding new keys to .sops.yaml"
nix-shell -p sops --run "sops updatekeys secrets/secrets.yaml"
# CPU frequency scaling and AMD P-State status
# Reference: https://docs.kernel.org/admin-guide/pm/amd-pstate.html
cpu:
./scripts/cpu-info.sh
# Check kernel modules status
modules-check:
./scripts/modules-check.sh