m3tam3re/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cab1f73c8964c482dda4a80385dba583ff3f87fa
nixpkgs/PLAN.md
m3tm3re cab1f73c89 feat: containerized pi agent
2026-04-13 21:27:09 +02:00

3.4 KiB
Raw Blame History

PLAN

Context

  • Implement Option A: run pi through a rootless Podman container while keeping a native terminal UX.
  • Preserve flake.nix + nix develop workflows by using the host Nix daemon from inside the container.
  • Keep logic centralized in nixpkgs and host-specific values in nixos-config.

Approach

  • Extend the existing Home Manager module at modules/home-manager/coding/agents/pi.nix with a coding.agents.pi.container.* option set.
  • Implement Option A defaults from your decisions:
    • wrapper command name is pi (native command replacement),
    • project roots are mounted read-write,
    • autoStart = true by default,
    • autoNixDevelop = false by default,
    • image default set to docker.io/nixos/nix:latest as a conservative base and overridden in host config for a Pi-ready image.
  • Generate a deterministic wrapper script (installed via Home Manager) that:
    • verifies cwd is within allowed project roots,
    • ensures rootless container exists/runs,
    • maps cwd and runs podman exec -it <container> pi "$@",
    • optionally runs via nix develop -c pi ... when autoNixDevelop=true and flake.nix is present.
  • Configure safe Podman mounts:
    • allowed project roots only,
    • host Nix daemon socket (Option A),
    • minimal Nix config/certs needed for CLI operation.
  • Wire host-specific config in nixos-config/home/features/coding/pi.nix and remove direct host pi binary installation from the coding package list to avoid command-path ambiguity.

Files to modify

  • modules/home-manager/coding/agents/pi.nix (new container options + wrapper + container lifecycle logic)
  • /home/m3tam3re/p/NIX/nixos-config/home/features/coding/pi.nix (host-specific container settings)

Reuse

  • Existing Pi HM module and option namespace:
    • modules/home-manager/coding/agents/pi.nix
  • Existing coding feature wiring in nixos-config:
    • /home/m3tam3re/p/NIX/nixos-config/home/features/coding/default.nix
    • /home/m3tam3re/p/NIX/nixos-config/home/features/coding/pi.nix

Steps

  • Add coding.agents.pi.container options (enable/name/image/projectRoots/autoStart/autoNixDevelop/extraRunArgs/extraEnv) with defaults matching your preferences (autoStart=true, autoNixDevelop=false, default image as above).
  • Implement wrapper script generation in HM module with cwd allowlist checks and container create/start/exec behavior.
  • Make wrapper binary name pi (native UX) when container mode is enabled.
  • Add deterministic container run/create args with safe mounts and host Nix daemon socket.
  • Add optional in-container nix develop -c pi path when flake project is detected.
  • Wire host-specific values in nixos-config home/features/coding/pi.nix.
  • Remove direct host pi package install in nixos-config coding packages so wrapper is the effective pi command.
  • Validate eval/build and document command outputs for flake and non-flake wrapper behavior.

Verification

  • Static checks for both repos (module eval/build where appropriate).
  • Home Manager evaluation/switch check in nixos-config.
  • Manual wrapper checks:
    • Inside a flake project: pi resolves via nix develop -c pi ... when enabled.
    • Outside flake project: pi runs directly via container exec.
  • Capture exact commands + outputs for report.

Open questions

  • None currently blocking; proceed with conservative default image and host override guidance.
Reference in New Issue View Git Blame Copy Permalink