public/librenotes
1
0
Fork 0
Code Issues 37 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
58a9bd394cd7c0a0daa4363425af4e3b3f8da680
librenotes/flake.nix
Michael Czechowski 3a74a298a5 Initial project setup with Nix flake and gitignore 
Nix devshell with gh, bubblewrap sandbox, and yolo mode.
Gitignore for .claude, .wave internals, secrets.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 17:02:01 +01:00

101 lines
2.8 KiB
Nix
Raw Blame History

{
description = "Notesium notes environment";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, flake-utils }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs { inherit system; config.allowUnfree = true; };
packages = with pkgs; [
# claude-code
gh
bubblewrap
];
shellFunctions = ''
yolo() { claude --dangerously-skip-permissions --resume; }
'';
shellFunctionsScript = pkgs.writeText "shell-functions.sh" shellFunctions;
sandboxScript = pkgs.writeShellScriptBin "enter-sandbox" ''
PROJECT_DIR="''${SANDBOX_PROJECT_DIR:-$PWD}"
BWRAP_ARGS=(
--unshare-all
--share-net
--die-with-parent
--ro-bind / /
--dev /dev
--proc /proc
--tmpfs "$HOME"
--bind "$PROJECT_DIR" "$PROJECT_DIR"
--bind "$HOME/.claude" "$HOME/.claude"
--bind "$HOME/.claude.json" "$HOME/.claude.json"
--ro-bind "$HOME/.gitconfig" "$HOME/.gitconfig"
--ro-bind "$HOME/.ssh" "$HOME/.ssh"
--ro-bind "$HOME/.config/gh" "$HOME/.config/gh"
--ro-bind "$HOME/.local/bin" "$HOME/.local/bin"
--tmpfs /tmp
--setenv HOME "$HOME"
--setenv PATH "$PATH"
--setenv TERM "''${TERM:-xterm}"
--setenv SANDBOX_ACTIVE "1"
--chdir "$PROJECT_DIR"
)
mkdir -p "$HOME/.claude"
touch "$HOME/.claude.json"
if [ $# -gt 0 ]; then
exec ${pkgs.bubblewrap}/bin/bwrap "''${BWRAP_ARGS[@]}" "$@"
else
exec ${pkgs.bubblewrap}/bin/bwrap "''${BWRAP_ARGS[@]}" ${pkgs.bash}/bin/bash
fi
'';
in
{
devShells = {
default = pkgs.mkShell {
buildInputs = packages ++ [ sandboxScript ];
shellHook = ''
export SANDBOX_PROJECT_DIR="$PWD"
export SHELL_FUNCTIONS="${shellFunctionsScript}"
if [ ! -t 0 ] || [ -n "$NIX_DEVELOP_COMMAND" ]; then
echo "=== Notesium (sandbox: enter-sandbox) ==="
else
echo "=== Notesium Sandbox ==="
echo "WRITE: $PWD, ~/.claude"
exec enter-sandbox ${pkgs.bash}/bin/bash --rcfile <(cat << 'SANDBOX_BASHRC'
source "$SHELL_FUNCTIONS"
PS1="[sandbox] \w \$ "
SANDBOX_BASHRC
)
fi
'';
};
yolo = pkgs.mkShell {
buildInputs = packages;
shellHook = ''
${shellFunctions}
echo "=== Notesium (YOLO - no sandbox) ==="
'';
};
};
}
);
}
Reference in New Issue View Git Blame Copy Permalink