feat: pulumi, nix-std, ...

2026-02-09 04:19:19 -08:00 · 2023-01-18 13:35:31 -05:00 · 2023-01-18 13:35:31 -05:00 · 6eeb622a8c
commit 6eeb622a8c
parent d5da15e555
31 changed files with 244 additions and 106 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,4 @@
-result
+*.pyc
+venv/
 .direnv/
+result
--- a/Pulumi.yaml
+++ b/Pulumi.yaml
@ -0,0 +1,6 @@
+name: kittywitch
+description: The Katzian Monorepo
+runtime:
+    name: python
+    options:
+        virtualenv: venv
--- a/main.py
+++ b/main.py
@ -0,0 +1,22 @@
+"""The Katzian Monorepo Pulumi Stack"""
+
+import pulumi
+from pulumi import Output
+import pulumi_tailscale as tailscale
+#import pulumi_cloudflare as cloudflare
+
+tailnet = tailscale.get_devices()
+
+domain_names = [
+    "inskip.me",
+    "gensokyo.zone",
+    "kittywit.ch",
+    "dork.dev"
+]
+
+#domains = {zone: cloudflare.Zone(
+#    jump_start = False,
+#    resource_name = zone,
+#    zone = zone,
+#    plan = "free"
+#) for zone in domain_names}
--- a/common/home.nix
+++ b/common/home.nix
@ -3,10 +3,10 @@
  tree,
  machine,
  systemType,
-  lib,
+  std,
  ...
 }: let
-  inherit (lib.lists) optional;
+  inherit (std) list;
 in {
  home-manager = {
    useGlobalPkgs = true;
@ -15,13 +15,13 @@ in {
      [
        modules.home
      ]
-      ++ optional (tree.${systemType} ? home) tree.${systemType}.home;
+      ++ list.optional (tree.${systemType} ? home) tree.${systemType}.home;

    users.kat.imports = with tree.kat; [
      common
    ];
    extraSpecialArgs = {
-      inherit tree machine;
+      inherit tree machine std;
      parent = config;
    };
  };
--- a/common/nix.nix
+++ b/common/nix.nix
@ -1,19 +1,22 @@
 {
  config,
  lib,
+  std,
  inputs,
+  tree,
  ...
 }: let
-  inherit (lib.attrsets) mapAttrs mapAttrsToList;
-  inherit (lib.lists) optional;
+  inherit (std) set tuple list;
  inherit (lib.strings) versionAtLeast;
+  renameAttrs = names: set.remap ({_0, _1}: tuple.tuple2 (names.${_0} or _0) _1);
+  renameAttr = oldName: newName: renameAttrs { ${oldName} = newName; };
 in {
  nix = {
-    nixPath = mapAttrsToList (name: flake: "${name}=${flake}") inputs;
-    registry = mapAttrs (_: flake: {inherit flake;}) inputs;
+    nixPath = set.mapToValues (name: flake: "${name}=${flake.outPath}") (renameAttr "self" "kat" inputs);
+    registry = set.map (_: flake: {inherit flake;}) inputs;

    settings = {
-      experimental-features = optional (versionAtLeast config.nix.package.version "2.4") "nix-command flakes";
+      experimental-features = list.optional (versionAtLeast config.nix.package.version "2.4") "nix-command flakes";
      substituters = ["https://arc.cachix.org" "https://kittywitch.cachix.org" "https://nix-community.cachix.org"];
      trusted-public-keys = ["arc.cachix.org-1:DZmhclLkB6UO0rc0rBzNpwFbbaeLfyn+fYccuAy7YVY=" "kittywitch.cachix.org-1:KIzX/G5cuPw5WgrXad6UnrRZ8UDr7jhXzRTK/lmqyK0=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="];
      auto-optimise-store = true;
--- a/darwin/common/homebrew.nix
+++ b/darwin/common/homebrew.nix
@ -3,7 +3,7 @@ _: {
    enable = true;
    onActivation = {
      upgrade = true;
-      cleanup = "zap";
+      cleanup = "uninstall";
    };
    brews = [
      "mas"
--- a/default.nix
+++ b/default.nix
@ -1,9 +1,11 @@
 let
-  inputs = import ./inputs.nix;
-  self = import ./outputs.nix ({
-      inherit self inputs;
-      system = builtins.currentSystem;
-    }
-    // inputs);
+  lock = builtins.fromJSON (builtins.readFile ./flake.lock);
+  flakeCompat = fetchTarball {
+    url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
+    sha256 = lock.nodes.flake-compat.locked.narHash;
+  };
+  kittywitch = import flakeCompat {
+    src = ./.;
+  };
 in
-  self
+  kittywitch.defaultNix
--- a/flake.lock
+++ b/flake.lock
@ -98,11 +98,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1673948101,
-        "narHash": "sha256-cD0OzFfnLFeeaz4jVszH9QiMTn+PBxmcYzrp+xujpwM=",
+        "lastModified": 1674041176,
+        "narHash": "sha256-cMf1BQzI39nHQ0H/mOatthbbI3392qLmJ9gU0u520P4=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "bd3efacb82c721edad1ce9eda583df5fb62ab00a",
+        "rev": "2c29ae48f9a149151bdd82f429ac61d4412c312a",
        "type": "github"
      },
      "original": {
@ -177,11 +177,11 @@
    "pypi-deps-db": {
      "flake": false,
      "locked": {
-        "lastModified": 1673954576,
-        "narHash": "sha256-fsnuDr954gveIRxcqIq2UKJDppQpYdoLbtl5MZlIDrE=",
+        "lastModified": 1674040379,
+        "narHash": "sha256-g0TSvbl31l81qYIMGIM7p1buPaA9rHM3N/WFD6Zk/RY=",
        "owner": "DavHau",
        "repo": "pypi-deps-db",
-        "rev": "7def05c2f169bc69abd2217e1410ef0cf0cd03c8",
+        "rev": "322a4f20c357704644abe8c2e50412e9b9c16909",
        "type": "github"
      },
      "original": {
@ -228,6 +228,7 @@
        "pypi-deps-db": "pypi-deps-db",
        "ragenix": "ragenix",
        "scalpel": "scalpel",
+        "std": "std",
        "tree": "tree",
        "utils": "utils_2"
      }
@ -280,18 +281,36 @@
        "type": "github"
      }
    },
+    "std": {
+      "locked": {
+        "lastModified": 1671250799,
+        "narHash": "sha256-uPIakP98gOf6504NtrAb2/0O0BgRRXNShM0PTV8z+T0=",
+        "owner": "chessai",
+        "repo": "nix-std",
+        "rev": "b300fd6dfeae8cc331c7d8cde0e81b404d50d40c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "chessai",
+        "repo": "nix-std",
+        "type": "github"
+      }
+    },
    "tree": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
+        ],
+        "std": [
+          "std"
        ]
      },
      "locked": {
-        "lastModified": 1670085069,
-        "narHash": "sha256-IO9HcAjncPp/0sUGcCUWVwa0XoBVFQKx+oY+8EBRcTc=",
+        "lastModified": 1674066361,
+        "narHash": "sha256-1f7L1be7u3x0jNDJ+W641kM9pZfd2ZLkjziRvKIZMvw=",
        "owner": "kittywitch",
        "repo": "tree",
-        "rev": "501675588cb663a9bd18056002de697f4e91b667",
+        "rev": "638ad6549febe360b0120375cae2bc3bb3b477f3",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -6,6 +6,10 @@
      url = "github:edolstra/flake-compat";
      flake = false;
    };
+    # better than nixpkgs.lib
+    std = {
+      url = "github:chessai/nix-std";
+    };
    # used for overriding unwanted flake inputs
    empty.url = "github:input-output-hk/empty-flake";
    # self-explanatory
@ -25,6 +29,7 @@
    # file structure -> attrset
    tree = {
      url = "github:kittywitch/tree";
+      inputs.std.follows = "std";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # secrets
@ -71,5 +76,5 @@
      flake = false;
    };
  };
-  outputs = inputs: import ./outputs.nix inputs;
+  outputs = inputs: import ./outputs.nix { inherit inputs; };
 }
--- a/inputs.nix
+++ b/inputs.nix
@ -1,11 +0,0 @@
-let
-  lock = builtins.fromJSON (builtins.readFile ./flake.lock);
-  flakeCompat = fetchTarball {
-    url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
-    sha256 = lock.nodes.flake-compat.locked.narHash;
-  };
-  kittywitch = import flakeCompat {
-    src = ./.;
-  };
-in
-  kittywitch.defaultNix.inputs
--- a/kat/base16.nix
+++ b/kat/base16.nix
@ -2,7 +2,9 @@
  pkgs,
  lib,
  ...
-}: {
+}: let
+  inherit (lib.modules) mkMerge;
+in {
  base16 = {
    vim.enable = false;
    vim.template = data: let
@ -32,7 +34,7 @@
          ];
      });
    shell.enable = true;
-    schemes = lib.mkMerge [
+    schemes = mkMerge [
      {
        light = "atelier.atelier-cave-light";
        dark = "atelier.atelier-cave";
--- a/kat/default.nix
+++ b/kat/default.nix
@ -1,14 +1,14 @@
 {
  tree,
-  lib,
+  std,
  ...
 }: let
-  inherit (lib.attrsets) mapAttrs;
+  inherit (std) set list;
  wrapImports = imports:
-    mapAttrs
+    set.map
    (_: paths: {config, ...}: {
      config.home-manager.users.kat = {
-        imports = lib.singleton paths;
+        imports = list.singleton paths;
      };
    })
    imports;
--- a/kat/neovim/default.nix
+++ b/kat/neovim/default.nix
@ -1,12 +1,12 @@
 {
  config,
  lib,
+  std,
  pkgs,
  ...
 }: let
  inherit (lib.modules) mkIf;
-  inherit (lib.strings) fixedWidthNumber hasInfix;
-  inherit (lib.attrsets) mapAttrs filterAttrs;
+  inherit (std) string set;
  packDir = builtins.toString (pkgs.vimUtils.packDir config.programs.neovim.generatedConfigViml.configure.packages);
  initLua = pkgs.substituteAll ({
      name = "init.lua";
@ -16,8 +16,8 @@
      inherit (config.base16) defaultSchemeName;
      defaultSchemeSlug = config.base16.defaultScheme.slug;
    }
-    // mapAttrs (_: col: fixedWidthNumber 2 col.ansiIndex)
-    (filterAttrs (var: _: hasInfix "base" var) config.base16.defaultScheme));
+    // set.map (_: col: string.justifyRight 2 "0" (builtins.toString col.ansiIndex))
+    (set.filter (var: _: string.hasInfix "base" var) config.base16.defaultScheme));
 in {
  home.sessionVariables = mkIf config.programs.neovim.enable {EDITOR = "nvim";};

--- a/kat/shell/bitw.nix
+++ b/kat/shell/bitw.nix
@ -7,7 +7,7 @@
    enable = true;
    package = pkgs.rbw-bitw;
    settings = {
-      inherit (import tree.kat.user.data) email;
+      inherit (tree.kat.user.data) email;
      base_url = "https://vault.kittywit.ch";
      identity_url = null;
      lock_timeout = 3600;
--- a/kat/shell/fzf.nix
+++ b/kat/shell/fzf.nix
@ -1,15 +1,15 @@
 {
  pkgs,
-  lib,
+  std,
  ...
 }: let
-  inherit (lib.lists) optional;
+  inherit (std) list;
 in {
  programs.fzf = {
    enable = true;
    enableZshIntegration = true;
  };
-  programs.zsh.plugins = optional (pkgs.hostPlatform == pkgs.buildPlatform) {
+  programs.zsh.plugins = list.optional (pkgs.hostPlatform == pkgs.buildPlatform) {
    name = "fzf-tab";
    src = "${pkgs.zsh-fzf-tab}/share/fzf-tab";
  };
--- a/kat/shell/git.nix
+++ b/kat/shell/git.nix
@ -2,9 +2,7 @@
  pkgs,
  tree,
  ...
-}: let
-  kat = import tree.kat.user.data;
-in {
+}: {
  home.packages = with pkgs; [
    gitAndTools.git-remote-gcrypt
    git-crypt
@ -12,7 +10,7 @@ in {
  ];

  programs.git = {
-    inherit (kat) userName userEmail;
+    inherit (tree.kat.user.data) userName userEmail;
    package = pkgs.gitAndTools.gitFull;
    enable = true;
    extraConfig = {
@ -25,7 +23,7 @@ in {
      };
    };
    signing = {
-      inherit (kat) key;
+      inherit (tree.kat.user.data) key;
      signByDefault = true;
    };
  };
--- a/kat/shell/rink.nix
+++ b/kat/shell/rink.nix
@ -1,16 +1,16 @@
 {
  pkgs,
-  lib,
+  std,
  ...
 }: let
-  inherit (lib) toTOML;
+  inherit (std) serde;
 in {
  home.packages = with pkgs; [
    #rink-readline TODO: wait for fix
    rink
  ];

-  xdg.configFile."rink/config.toml".text = toTOML {
+  xdg.configFile."rink/config.toml".text = serde.toTOML {
    colors = {
      enabled = true;
      theme = "my_theme";
--- a/kat/shell/tmux.nix
+++ b/kat/shell/tmux.nix
@ -1,9 +1,9 @@
 {
-  lib,
+  std,
  pkgs,
  ...
 }: let
-  inherit (lib.attrsets) mapAttrs;
+  inherit (std) set;
 in {
  programs.zsh.shellAliases = {
    tt = "tmux new -AD -s";
@ -13,7 +13,7 @@ in {
    terminal = "tmux-256color";
    keyMode = "vi";
    baseIndex = 1;
-    extraConfig = with mapAttrs (_: v: "colour${toString v}") pkgs.base16.shell.shell256; ''
+    extraConfig = with set.map (_: v: "colour${builtins.toString v}") pkgs.base16.shell.shell256; ''
      # proper title handling
      set -g set-titles on
      set -g set-titles-string "#T"
--- a/kat/shell/zsh.nix
+++ b/kat/shell/zsh.nix
@ -1,15 +1,19 @@
 {
  config,
  lib,
+  std,
  pkgs,
  ...
-}: {
+}: let
+  inherit (lib.modules) mkMerge mkIf;
+  inherit (std) string list serde;
+in {
  home.packages = with pkgs; [
    # programs.zsh.enableAutosuggestions only includes nix-zsh-autocompletions
    zsh-completions
  ];

-  xdg.configFile."kattheme_immutable.json".text = builtins.toJSON rec {
+  xdg.configFile."kattheme_immutable.json".text = serde.toJSON rec {
    default = config.base16.defaultSchemeName;
    current = default;
  };
@ -73,7 +77,7 @@
                zstyle ':completion:*:complete:pass:*:*' matcher 'r:|[./_-]=** r:|=*' 'l:|=* r:|=*'
                zstyle ':completion:*' list-colors ''${(s.:.)LS_COLORS}
      zstyle ':fzf-tab:complete:cd:*' fzf-preview 'exa -1lb --color=always $realpath'
-        ${lib.concatStringsSep "\n" (map (opt: "setopt ${opt}") zshOpts)}
+        ${string.concatSep "\n" (map (opt: "setopt ${opt}") zshOpts)}
      bindkey '^ ' autosuggest-accept
        ${
        if pkgs.hostPlatform.isDarwin
@ -83,13 +87,13 @@
        else ""
      }
    '';
-    shellAliases = lib.mkMerge [
+    shellAliases = mkMerge [
      {
        nixdirfmt = "nixpkgs-fmt $(fd -e nix)";
        dmesg = "dmesg -HP";
        hg = "history 0 | rg";
      }
-      (lib.mkIf pkgs.hostPlatform.isLinux {
+      (mkIf pkgs.hostPlatform.isLinux {
        sys = "systemctl";
        sysu = "systemctl --user";
        logu = "journalctl --user";
@ -101,7 +105,7 @@
      ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=3,bold";
      ZSH_AUTOSUGGEST_USE_ASYNC = 1;
    };
-    plugins = with pkgs.zsh-plugins; (map (plugin: plugin.zshPlugin) [
+    plugins = with pkgs.zsh-plugins; (list.map (plugin: plugin.zshPlugin) [
      tab-title
      vim-mode
      evil-registers
--- a/kat/user/common.nix
+++ b/kat/user/common.nix
@ -4,7 +4,7 @@
  ...
 }: {
  users.users.kat = {
-    inherit (import tree.kat.user.data) description;
+    inherit (tree.kat.user.data) description;
    shell = pkgs.zsh;
  };
 }
--- a/kat/user/data.nix
+++ b/kat/user/data.nix
@ -1,4 +1,4 @@
-rec {
+_: rec {
  description = "Kat Inskip";
  email = "kat@inskip.me";
  keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPsu3vNsvBb/G+wALpstD/DnoRZ3fipAs00jtl8rzDuv96RlS7AJr4aNvG6Pt2D9SYn2wVLaiw+76mz2gOycH9/N+VCvL4/0MN9uqj+7XIcxNRo0gHVOblmi2bOXcmGKh3eRwHj1xyDwRxo9WIuBEP2bPpDPz75OXRtEdlTgvky7siSguQxJu03cb0p9hNAYhUoohNXyWW2CjDCLUQVE1+QRVUzsKq3KkPy0cHYgmZC1gRSMQyKpMt72L5tayLz3Tp/zrshucc+QO5IJeZdqMxsNAcvALsysT1J5EqxZoYH9VpWLRhSgVD6Nvn853pycJAlXQxgOCpSD3/v/JbgUe5NE+ci0o7NMy5IiHUv2gQMRIEhwBHlRGwokUPL9upx0lsjaEiPya5xQqqDKRom87xytM778ANS5CuMdQMWg9qVbpHZUHMjA0QmNkjPgq71pUDXHk5L4mZuS8wVjyjnvlw68yIJuHEc8P7QiLcjvRHFS2L9Ck8NRmPDTQXlQi9kk6LmMyu6fdevR/kZL21b+xO1e2DMyxBbNDTot8luppiiL8adgUDMwptpIne7JCWB1o9NFCbXUVgwuCCYBif6pOGSc6bGo1JTAKMflRlcy6Mi3t5H0mR2lj/sCSTWwTlP5FM4aPIq08NvW6PeuK1bFJY9fIgTwVsUnbAKOhmsMt62w== pgp-${email}"];
--- a/kat/user/nixos.nix
+++ b/kat/user/nixos.nix
@ -3,7 +3,7 @@
    uid = 1000;
    isNormalUser = true;
    openssh.authorizedKeys = {
-      inherit (import tree.kat.user.data) keys;
+      inherit (tree.kat.user.data) keys;
    };
    extraGroups = [
      "wheel"
--- a/nixos/server.nix
+++ b/nixos/server.nix
@ -1,5 +1,5 @@
-{lib, ...}: let
-  inherit (lib.attrsets) mapAttrsToList;
+{std, ...}: let
+  inherit (std) set;
 in {
-  systemd.tmpfiles.rules = mapAttrsToList (username: _: "f /var/lib/systemd/linger/${username}") config.users.users;
+  systemd.tmpfiles.rules = set.mapToValues (username: _: "f /var/lib/systemd/linger/${username}") config.users.users;
 }
--- a/outputs.nix
+++ b/outputs.nix
@ -1,7 +1,8 @@
-inputs: let
+{ inputs }: let
  inherit (inputs.nixpkgs) lib;
+  std = import ./std.nix {inherit inputs;};
  tree = import ./tree.nix {inherit inputs;};
-  systems = import ./systems {inherit inputs tree lib;};
-  shells = import ./shells {inherit inputs tree lib;};
+  systems = import ./systems {inherit inputs tree lib std;};
+  shells = import ./shells {inherit inputs tree lib std;};
 in
-  {inherit inputs tree lib;} // systems // shells
+  {inherit inputs tree lib std;} // systems // shells
--- a/requirements.txt
+++ b/requirements.txt
@ -0,0 +1,3 @@
+pulumi>=3.0.0,<4.0.0
+pulumi-tailscale
+pulumi-cloudflare
--- a/shells/default.nix
+++ b/shells/default.nix
@ -2,17 +2,17 @@
  lib,
  tree,
  inputs,
+  std,
  ...
 }: let
-  inherit (lib.attrsets) mapAttrs;
+  inherit (std) set;
 in
  inputs.utils.lib.eachDefaultSystem (system: {
    devShells = let
-      shells = mapAttrs (_: path:
+      shells = set.map (_: path:
        import path rec {
-          inherit tree inputs system;
+          inherit tree inputs system lib std;
          pkgs = inputs.nixpkgs.legacyPackages.${system};
-          inherit (inputs.nixpkgs) lib;
        })
      tree.shells;
    in
--- a/shells/repo.nix
+++ b/shells/repo.nix
@ -1,22 +1,38 @@
 {
  pkgs,
  inputs,
-  system,
+  std,
  ...
 }:
 with pkgs; let
-  repo = import ../outputs.nix (inputs // {inherit inputs system;});
-  inherit (lib.attrsets) mapAttrsToList;
-in
-  mkShell {
+  repo = import ../outputs.nix { inherit inputs; };
+  inherit (std) set list;
+  python = "python39";
+  mergeEnvs = envs:
+    pkgs.mkShell (list.foldl'
+      (a: v: {
+        buildInputs = a.buildInputs ++ v.buildInputs;
+        nativeBuildInputs = a.nativeBuildInputs ++ v.nativeBuildInputs;
+      })
+      (pkgs.mkShell { })
+      envs);
+  requirements = builtins.readFile ../requirements.txt;
+  mach-nix-wrapper = import inputs.mach-nix { inherit pkgs python; };
+  pythonShell = mach-nix-wrapper.mkPythonShell { inherit requirements; };
+  repoShell = mkShell {
    nativeBuildInputs =
      [
+        go # Required for pulumi
+        pulumi # Infrastructure as code
+        python39Packages.pulumi # Pulumi for Python!
+        pulumiPackages.pulumi-language-python # Python!
        deadnix # dead-code scanner
        alejandra # code formatter
        statix # anti-pattern finder
      ]
-      ++ mapAttrsToList (name: _: (pkgs.writeShellScriptBin "${name}-rebuild" ''
+      ++ set.values (set.map (name: _: (pkgs.writeShellScriptBin "${name}-rebuild" ''
        darwin-rebuild switch --flake $REPO_ROOT#${name}
      ''))
-      repo.darwinConfigurations;
-  }
+      repo.darwinConfigurations);
+  };
+in mergeEnvs [ repoShell pythonShell ]
--- a/std.nix
+++ b/std.nix
@ -0,0 +1,63 @@
+{ inputs, ... }: let
+  std = let
+    baseStd = inputs.std.lib;
+    inherit (baseStd) set function list bool types optional;
+    mergeWith = let
+      append = {
+        path
+      , values
+      , canMerge
+      , mapToSet
+      }: let
+        mergeWith' = values: mergeWith {
+          inherit canMerge mapToSet path;
+          sets = list.map (v: (mapToSet path v).value) values;
+        };
+        mergeUntil = list.findIndex (function.not (canMerge path)) values;
+        len = list.length values;
+      in if len == 0 then { }
+      else if len == 1 then list.unsafeHead values
+      else if list.all (canMerge path) values then mergeWith' values
+      else optional.match mergeUntil {
+        just = i: let
+          split = list.splitAt i values;
+        in if i > 0
+          then mergeWith' split._0
+          else list.unsafeHead values;
+        nothing = list.unsafeHead values;
+      };
+    in {
+      canMerge ? path: v: optional.isJust (mapToSet path v),
+      mapToSet ? path: v: bool.toOptional (types.attrs.check v) v,
+      path ? [ ],
+      sets
+    }: set.mapZip (name: values: append {
+      path = path ++ list.One name;
+      inherit canMerge mapToSet values;
+    }) sets;
+    merge = sets: mergeWith {
+      inherit sets;
+    };
+  in merge [
+    baseStd
+    {
+      function = {
+        pipe = list.foldl' (function.flip function.compose) function.id;
+      };
+      set = {
+        inherit merge mergeWith;
+        remap = f: s: set.fromList (list.map f (set.toList s));
+        recursiveMap = f: s: let
+          recurse = str: s: let
+            g = str1: str2:
+              if types.attrs.check str2
+              then f (str ++ [str1]) (recurse (str ++ [str1]) str2)
+              else f (str ++ [str1]) str2;
+          in
+            set.map g s;
+        in
+          f [] (recurse [] s);
+      };
+    }
+  ];
+in std
--- a/systems/default.nix
+++ b/systems/default.nix
@ -2,25 +2,24 @@
  inputs,
  tree,
  lib,
+  std,
  ...
 }: let
  # The purpose of this file is to set up the host module which allows assigning of the system, e.g. aarch64-linux and the builder used with less pain.
-  inherit (lib.lists) fold;
-  inherit (lib.attrsets) mapAttrs mapAttrsToList recursiveUpdate;
-  inherit (lib.strings) toLower;
-  inherit (lib.options) mkOption;
-  inherit (lib.types) str listOf attrs unspecified;
  inherit (lib.modules) evalModules;
-  recursiveMergeAttrs = fold recursiveUpdate {};
+  inherit (std) string list function types bool optional set;
  defaultSpecialArgs = {
-    inherit inputs tree;
+    inherit inputs tree std;
  };
  hostModule = {
    config,
    machine,
    ...
  }: {
-    options = {
+    options = let
+      inherit (lib.types) str listOf attrs unspecified;
+      inherit (lib.options) mkOption;
+    in {
      arch = mkOption {
        description = "Processor architecture of the host";
        type = str;
@ -60,7 +59,7 @@
            darwin = "darwin";
            linux = "linux";
          }
-          .${toLower config.type};
+          .${string.toLower config.type};
      in "${config.arch}-${kernel}";
      folder =
        {
@ -69,7 +68,7 @@
          darwin = "darwin";
          linux = "linux";
        }
-        .${toLower config.type};
+        .${string.toLower config.type};
      modules = with tree; [
        tree.modules.${config.folder}
        tree.${config.folder}.common
@ -82,7 +81,7 @@
          darwin = inputs.darwin.lib.darwinSystem;
          macos = inputs.darwin.lib.darwinSystem;
        }
-        .${toLower config.type};
+        .${string.toLower config.type};
      specialArgs =
        {
          inherit machine;
@ -91,7 +90,7 @@
        // defaultSpecialArgs;
    };
  };
-  hostConfigs = mapAttrs (name: path:
+  hostConfigs = set.map (name: path:
    evalModules {
      modules = [
        hostModule
@ -123,4 +122,4 @@
      else hostConfig;
  };
 in
-  recursiveMergeAttrs (mapAttrsToList processHost hostConfigs)
+  set.merge (set.mapToValues processHost hostConfigs)
--- a/systems/sumireko.nix
+++ b/systems/sumireko.nix
@ -68,16 +68,19 @@ _: let
        "brave-browser"
        "disk-inventory-x"
        "dozer"
-        "firefox"
        "devtoys"
        "cyberduck"
        "docker"
        "pycharm-ce"
+        "vscode"
        "slack"
        "boop"
        "obsidian"
        "contexts"
      ];
+      taps = [
+        "pulumi/tap"
+      ];
      masApps = {
        Tailscale = 1475387142;
        Dato = 1470584107;
--- a/tree.nix
+++ b/tree.nix
@ -29,6 +29,7 @@
    # Re-map home directory profiles
    kat.evaluateDefault = true;
    "kat/user".evaluateDefault = true;
+    "kat/user/data".evaluate = true;
    # Allow profile importing
    "nixos/*".functor.enable = true;
    "darwin/*".functor.enable = true;