The `clan.core.vars.settings.passBackend` option has been replaced with
`clan.vars.password-store.passPackage` to provide better type safety and
clearer configuration.
Changes:
- Remove problematic mkRemovedOptionModule that caused circular dependency
- Add proper option definition with assertion-based migration
- Users setting the old option get clear migration instructions
- Normal evaluation continues to work for users not using the old option
Migration: Replace `clan.core.vars.settings.passBackend = "passage"`
with `clan.vars.password-store.passPackage = pkgs.passage`
The is_cached method now correctly handles store paths that have line
numbers appended (e.g., /nix/store/file.nix:123:456). Previously, these
paths would fail the existence check because the exact path with line
numbers doesn't exist as a file.
The fix adds a helper method that:
- First checks if the exact path exists
- If not, and the path contains colons, validates that the suffix
consists only of numbers (line:column format)
- If valid, strips the line numbers and checks the base file path
This ensures that cached references to specific file locations are
properly validated while avoiding false positives with files that
have colons in their names.
Motivation: A warning should encourage consistent usage of inventory.machines setting targetHost inside the machine should be considered a custom override
Changing the warning strings to avoid the term 'nix'/'json' both inventory and nixos machines are nix features
Since apply changes the structure of the retuned value, the cache will
be confused about the structure and in subsequent request will use this
wrong structure.
For example: we would use builtins.attrNames on inputs, the flake will
forever think that inputs is a list of strings and will report errors
whenever we try to fetch subkeys from it
- Change Generator class to store machine name as string instead of Machine reference
- Update Generator.generators_from_flake() to only require machine name and flake
- Refactor check_vars() to accept machine name and flake instead of Machine object
- Create Machine instances only when needed for specific operations
This continues the effort to reduce dependencies on the Machine class,
making the codebase more modular and easier to refactor.
Replace all calls to machine.vars_generators() with direct calls to
Generator.generators_from_flake() to make the dependency more explicit
and remove unnecessary indirection.
This reduces coupling to the Machine class, making the codebase more
modular and easier to refactor in the future.
Add comprehensive test coverage for union types with None to prevent
regression of the issubclass() TypeError that was occurring when
checking if None is in a union type.
Motivation: A warning should encourage consistent usage of inventory.machines setting targetHost inside the machine should be considered a custom override
Changing the warning strings to avoid the term 'nix'/'json' both inventory and nixos machines are nix features
- Remove _serialized field from vars interface to prevent serialization
errors with throwing passBackend field
- Implement direct selection of generator fields using multi-select syntax
- Refactor vars_generators() to use new Generator.from_flake() method that
selects only safe fields (avoiding non-serializable values)
- Remove unused legacy methods: Generator.from_json(), Var.from_json(),
Prompt.from_json()
- Update precaching to match new selection approach
This fixes the serialization errors that were preventing vars from working
with the new password-store implementation by avoiding the problematic
_serialized field entirely.
When using multiselect with outPath like {outPath,?meta}, nix evaluation
collapses the attrset to just the outPath string, breaking further selection.
Add validation during selector parsing to catch this and provide a clear error.
- Remove deployment.json file generation from outputs.nix
- Add throw for deprecated deployment.file usage with upgrade instructions
- Remove vars data from deployment.data
- Update Machine class to use direct select() calls instead of deployment property
- Update all deployment property accesses to use direct selectors
- Add precaching for frequently accessed values in update.py:
- Module paths for facts and vars
- Deployment settings (requireExplicitUpdate, nixosMobileWorkaround)
- Services and generators data
- Secret upload locations
- This removes unnecessary JSON serialization and makes the code more composable
