test and dev wrappers

modules/hosts/john-pc/default.nix

@@ -15,23 +15,18 @@ in
     selfPkgs = inputs.self.packages.${pkgs.stdenv.hostPlatform.system};
     resticPasswordFile = "${config.xdg.configHome}/restic/password.txt";
     flakeDir = "${config.xdg.configHome}/home-manager/jsl-dendritic";
-    test-push = with pkgs; writeShellApplication {
-      name = "test-push";
-      runtimeInputs = [ nh ];
-      text = ''nh os switch ${flakeDir}#${testHost} --target-host root@${testTarget} -e none'';
-    };
   in
   {
     imports = with inputs.self.modules.homeManager; [
       rebuild
       john
-      mysops
-      janus-ca
       mtls
       restic
       docker
       desktop
-      # sshCerts
+      step-client
+      mysops
+      # myPackage
       # myStepClient
     ];
     # TODO: make this more restrictive, rather than allowing all unfree packages
@@ -43,13 +38,17 @@ in
     home.username = "${username}";
     home.homeDirectory = "/home/${username}";
     home.packages = with pkgs; [
-      nixos-rebuild
-      test-push
       selfPkgs.jsl-zsh
       selfPkgs.my-neovim
-      selfPkgs.step-client
+      selfPkgs.ssh-certs
+      # selfPkgs.step-bootstrap
       # selfPkgs.wg-platform
       # self'.packages.myWrappedPackage
+      # (inputs.self.wrappers.test-push.apply {
+      #   inherit pkgs flakeDir;
+      #   host = testHost;
+      #   target = testTarget;
+      # }).wrapper
     ];
 
     shell.program = "zsh";

modules/hosts/john-pc/dev.nix

@@ -0,0 +1,33 @@
+{ self, inputs, ... }: {
+  flake.wrappers.test-push = inputs.wrappers.lib.wrapModule ({config, lib, wlib, ... }: {
+    options = {
+      flakeDir = lib.mkOption {
+        type = lib.types.str;
+      };
+      host = lib.mkOption {
+        type = lib.types.str;
+      };
+      target = lib.mkOption {
+        type = lib.types.str;
+      };
+      sshUser = lib.mkOption {
+        type = lib.types.str;
+        default = "root";
+      };
+      elevationStrategy = lib.mkOption {
+        type = lib.types.str;
+        default = "none";
+      };
+    };
+
+    config = {
+      binName = "test-push";
+      package = config.pkgs.nh;
+      args = [
+        "os" "switch" "${config.flakeDir}#${config.host}"
+        "--target-host" "${config.sshUser}@${config.target}"
+        "--elevation-strategy" "${config.elevationStrategy}"
+      ]; 
+    };
+  });
+}

modules/nix-tools/rebuild.nix

@@ -40,7 +40,6 @@
     { config, pkgs, lib, ... }:
     let
       flakeDir = config.homeManagerFlakeDir;
-      hostnameCmd = "$(${lib.getExe pkgs.hostname} -s)";
 
       flake-parts-check = with pkgs; writeShellApplication {
         name = "flake-parts-check";
@@ -52,23 +51,6 @@
         '';
       };
 
-      nhms = with pkgs; writeShellApplication {
-        name = "nhms";
-        runtimeInputs = [ coreutils hostname nh ];
-        text = ''
-          USERNAME=''${USER:-$(whoami)}
-          HOSTNAME=$(hostname -s)
-          echo "Switching to the $HOSTNAME home-manager profile"
-          nh home switch ${flakeDir} -c "$USERNAME@$HOSTNAME" "$@"
-        '';
-      };
-
-      nhmu = with pkgs; writeShellApplication {
-        name = "nhmu";
-        runtimeInputs = [ nhms ];
-        text = ''nhms --update'';
-      };
-
       test-build = with pkgs; writeShellApplication {
         name = "test-build";
         runtimeInputs = [ coreutils nix hostname ];
@@ -82,24 +64,6 @@
           nix eval "${flakeDir}#nixosConfigurations.$HOSTNAME.config.system.build.toplevel.drvPath"
         '';
       };
-
-      cleanup = with pkgs; writeShellApplication {
-        name = "cleanup";
-        runtimeInputs = [ coreutils home-manager nix ];
-        text = ''
-          set -e
-          DAYS=$1
-          if [ -z "$DAYS" ]; then
-            echo "usage: cleanup <days>"
-            exit 1
-          fi
-          home-manager expire-generations "-$DAYS days"
-          nix profile wipe-history --older-than "''${DAYS}d"
-          nix store gc
-          nix store optimise
-        '';
-      };
-
     in
     {
       options = {
@@ -121,13 +85,63 @@
             name = "build-tools";
             paths = [
               flake-parts-check
-              nhms
-              nhmu
               test-build
-              cleanup
+              (inputs.self.wrappers.home-switch.apply {
+                inherit pkgs flakeDir;
+              }).wrapper
+              (inputs.self.wrappers.home-switch.apply {
+                binName = lib.mkForce "nhmu";
+                inherit pkgs flakeDir;
+                extraOptions = [ "--update" ];
+              }).wrapper
+              (inputs.wrappers.lib.wrapPackage {
+                binName = "cleanup";
+                inherit pkgs;
+                package = nh;
+                args = [ "clean" "user" "--keep-since" "3days" ];
+              })
             ];
           })
         ];
       };
     };
+
+  flake.wrappers.home-switch = inputs.wrappers.lib.wrapModule ({config, lib, wlib, ... }: {
+    options = {
+      flakeDir = lib.mkOption {
+        type = lib.types.str;
+      };
+      user = lib.mkOption {
+        type = lib.types.str;
+        default = "$(whoami)";
+      };
+      hostname = lib.mkOption {
+        type = lib.types.str;
+        default = "$(hostname -s)";
+      };
+      configuration = lib.mkOption {
+        type = lib.types.str;
+        default = "${config.user}@${config.hostname}";
+      };
+      extraOptions = lib.mkOption {
+        type = lib.types.listOf lib.types.str;
+        default = [ ];
+      };
+    };
+
+    config = {
+      binName = "nhms";
+      extraPackages = with config.pkgs; [ coreutils hostname nh ];
+      preHook = ''
+        CONFIG=${config.configuration}
+        echo "Switching to $CONFIG"
+      '';
+      package = config.pkgs.nh;
+      args = [
+        "home" "switch"
+        "--configuration" "${config.configuration}"
+        "${config.flakeDir}"
+      ] ++ config.extraOptions ++ [ "$@" ];
+    };
+  });
 }

modules/programs/sops.nix

@@ -42,6 +42,14 @@ in
         }).wrapper;
       in
       {
+        # Option definitions for the sops home-manager module:
+        # https://github.com/Mic92/sops-nix/blob/master/modules/home-manager/sops.nix
+        sops = {
+          defaultSopsFile = ../../keys/secrets.yaml;
+          defaultSopsFormat = "yaml";
+          age.sshKeyPaths = [ "${config.ssh.identityFile}" ];
+        };
+
         home.packages = with pkgs; [
           my-sops
           (inputs.wrappers.lib.wrapPackage {
@@ -53,21 +61,14 @@ in
               "${config.xdg.configHome}/sops-nix/secrets"
             ];
           })
-          (inputs.wrappers.lib.wrapPackage {
+          
-            binName = "edit-secrets";
+        ]
-            inherit pkgs;
+        ++ lib.optional (cfg.hostSecretFile != null) (inputs.wrappers.lib.wrapPackage {
-            package = my-sops;
+          binName = "edit-secrets";
-            args = [ cfg.hostSecretFile ];
+          inherit pkgs;
-          })
+          package = my-sops;
-        ];
+          args = [ cfg.hostSecretFile ];
-
+        });
-        # Option definitions for the sops home-manager module:
-        # https://github.com/Mic92/sops-nix/blob/master/modules/home-manager/sops.nix
-        sops = {
-          defaultSopsFile = ../../keys/secrets.yaml;
-          defaultSopsFormat = "yaml";
-          age.sshKeyPaths = [ "${config.ssh.identityFile}" ];
-        };
       };
   };