# Repository Guidelines ## Project Structure & Module Organization This repository is a declarative macOS setup built with Nix flakes, `flake-parts`, and a dendritic aspect layout. - `flake.nix` and `flake.lock`: flake entrypoint and pinned inputs. - `modules/flake/`: flake assembly, repo options, shared context modules, and `darwinConfigurations` generation. - `modules/aspects/`: public aspect entry modules auto-discovered with `import-tree`. Each aspect may expose `flake.modules.darwin.` and/or `repo.homeModules.`. - `modules/aspects/_*/`: private implementation trees intentionally excluded from `import-tree`. Import these manually from the owning aspect to keep each feature plug-and-play and in control of its own composition surface. - `hosts/`: auto-discovered host declarations that register `repo.hosts..system` and a flat `features` list. - `secrets/` and `.sops.yaml`: encrypted SOPS files and path rules. - `Justfile`: day-to-day contributor commands. Prefer adding a new focused aspect in `modules/aspects/` and keeping host files thin. Put reusable internals under a sibling `_/` tree and wire them in explicitly from the public aspect entry module. ## Build, Test, and Development Commands Use `just` as the primary interface: - `just darwin `: build and switch to the current host (ex: `fenrir`). - `just darwin-debug `: same as above with verbose trace output. - `just fmt .`: format Nix files from the repository root via `nix fmt` (Alejandra). - `just up`: update all flake inputs. - `just upp `: update one input (example: `just upp nixpkgs`). - `just history`, `just clean`, `just gc`: inspect and prune Nix generations/store. For validation without switching, run: `nix build .#darwinConfigurations.fenrir.system --extra-experimental-features 'nix-command flakes'`. For dependency-graph validation without realizing a full build, run: `nix build .#darwinConfigurations.fenrir.system --dry-run --extra-experimental-features 'nix-command flakes'`. ## Coding Style & Naming Conventions - Use 2-space indentation in `.nix` files and keep attribute sets readable. - Run `just fmt .` before committing; formatter is defined in `flake.nix` (`alejandra`). - Name aspect and helper files in lowercase kebab-case. - Keep public aspect filenames aligned with the feature names referenced from `repo.hosts..features`. - Keep host files declarative and small: they should select features, not carry large implementation blocks. - Use `imports` inside private `_*/` trees to compose internals, but expose the aspect itself through one public entry module in `modules/aspects/`. ## Testing Guidelines There is no dedicated unit-test suite in this repo. Treat evaluation/build as the test gate: - Run `just fmt .`. - Run `nix build .#darwinConfigurations.fenrir.system`. - Use `nix build .#darwinConfigurations.fenrir.system --dry-run` for a quick validation pass when you only need evaluation and dependency resolution. - Use `just darwin-debug ` when diagnosing evaluation/runtime issues. Document manual verification for user-facing changes (shell, terminal, window manager, app defaults, Homebrew behavior). ## Commit & Pull Request Guidelines Commit history follows Conventional Commit style: `feat:`, `fix:`, `refactor:`, `style:`. - Keep subject lines imperative and concise. - Scope each commit to one logical change. - In PRs, include: summary, affected modules/paths, command output used for validation, and any relevant screenshots for UI changes (for example WezTerm/AeroSpace behavior). ## Security & Configuration Tips - Never commit plaintext secrets. - Store secrets only in `secrets/*.yaml` and manage keys/rules in `.sops.yaml`. - `.sops.yaml` currently matches `secrets/.*\.yaml$`; keep new secret files within that pattern or update the rule before committing. - If adding new secret-backed modules, continue reading from encrypted files via the `secrets` aspect rather than hardcoding credentials into aspect modules.