chore: cleanup configs

README.md

@@ -1,7 +1,130 @@
-# Nix Flake Config
-This repo contains personal nix flake config for macbook / wsl with home-manager.
+# Nix Flake Configuration
 
-# Getting started
-If you want to use my config on macbook, make sure you're using nix-determinate. It's the best for MacOS.
+This repository contains a personal Nix flake configuration for managing systems across **macOS (using nix-darwin)** and **WSL (using NixOS-WSL)**. It leverages Home Manager for user-specific configurations, SOPS-Nix for secrets management, and Nix Homebrew for macOS app installations. The configuration is modular, focusing on productivity tools, CLI programs, and essential packages for development workflows.
 
-Clone this repo to the folder of your liking, 
+Key features:
+- Cross-platform support for macOS (aarch64-darwin) and WSL (x86_64-linux).
+- Declarative Homebrew cask and MAS app management on macOS.
+- Pre-configured CLI tools like `bat`, `eza`, `fzf`, `k9s`, `micro`, `ssh`, `zoxide`, and `zsh`.
+- Common packages including `kubectl`, `helm`, `ansible`, `sops`, `talosctl`, and more.
+- System tweaks for macOS (e.g., Dock settings, Finder preferences, Touch ID for sudo).
+- Reproducible builds with Nix flakes.
+
+## Prerequisites
+
+### Installing Nix with nix-determinate (Recommended)
+
+**For macOS (nix-darwin):** Use [nix-determinate](https://github.com/DeterminateSystems/nix-installer) instead of the upstream Nix installer for better reproducibility, sandboxing, and integration on macOS. It avoids common issues with multi-user setups and Homebrew conflicts.
+
+Run the following command to install:
+
+```bash
+curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
+```
+
+- This sets up Nix in a single-user mode optimized for deterministic builds.
+- After installation, enable flakes by adding `experimental-features = nix-command flakes` to `~/.config/nix/nix.conf` if not already present.
+
+**For WSL (NixOS):** The standard Nix installation is sufficient. Install Nix following the [official WSL guide](https://nixos.wiki/wiki/NixOS_on_Windows).
+
+If you prefer nix-determinate for consistency:
+
+```bash
+curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
+```
+
+Ensure your WSL2 setup has systemd enabled for full NixOS compatibility (via `wsl.exe --install --distribution Ubuntu` or similar, then configure Nix).
+
+## Cloning the Repository
+
+Clone this repository to a location of your choice. For WSL compatibility, clone it to `~/Nix` to match the absolute paths in the flake (you may need to update paths in `flake.nix` otherwise).
+
+```bash
+git clone https://github.com/your-username/dotfiles.git ~/Nix  # Adjust URL
+cd ~/Nix
+```
+
+## System Setup
+
+### macOS (nix-darwin)
+
+This configuration targets an M-series MacBook ("Dens-MacBook").
+
+1. **Apply the flake:**
+
+   ```bash
+   darwin-rebuild switch --flake .#Dens-MacBook
+   ```
+
+   - This builds and activates the nix-darwin configuration from `hosts/mbp/configuration.nix`.
+   - It includes:
+     - Homebrew integration via `nix-homebrew` (enable = true, user = "duumxh").
+     - Home Manager for user "duumxh" via `hosts/mbp/home.nix`.
+     - SOPS-Nix for secrets.
+     - System settings (e.g., Touch ID sudo, Dock autohide, Finder shows hidden files).
+
+2. **Homebrew Apps Installed:**
+   - Casks: `arc`, `bettermouse`, `blender`, `citrix-workspace`, `cryptomator`, `discord`, `element`, `ghostty`, `iina`, `keka`, `meta`, `mullvad-vpn`, `obs`, `obsidian`, `orion`, `secretive`, `tailscale-app`, `telegram`, `utm`, `vscodium`.
+   - MAS Apps: Bitwarden, DropOver, Yubico Authenticator.
+   - Auto-update and upgrade on activation.
+
+3. **User Configuration (Home Manager):**
+   - Imports modules for CLI tools (see Project Structure).
+   - Zsh with SSH_AUTH_SOCK for Secretive integration.
+   - Packages from `modules/common.nix` (e.g., `age`, `ansible`, `bat`, `fzf-preview`, `kubectl`, `kubectx`, `helm`, `nerd-fonts.jetbrains-mono`, `nixfmt-rfc-style`, `opentofu`, `sops`, `talosctl`, `teleport`, `zsh-forgit`, etc.).
+
+### WSL (NixOS-WSL)
+
+This configuration sets up a lightweight NixOS instance in WSL2.
+
+1. **Apply the flake:**
+
+   ```bash
+   sudo nixos-rebuild switch --flake .#nixos
+   ```
+
+   - This builds and activates the NixOS configuration from `hosts/wsl/configuration.nix`.
+   - Note: The flake uses absolute paths (`/home/duumxh/Nix/wsl/`), so ensure the repo is cloned to `~/Nix`. Update `flake.nix` to use relative paths (`./hosts/wsl/`) for portability.
+   - Includes:
+     - NixOS-WSL module (wsl.enable = true).
+     - Default user "duumxh" with zsh shell.
+     - Experimental features: `nix-command` and `flakes`.
+     - System state version: 25.05.
+
+2. **User Configuration (Home Manager):**
+   - Similar to macOS: Imports modules for CLI tools via `hosts/wsl/home.nix`.
+   - Same packages from `modules/common.nix`.
+   - Zsh enabled globally.
+
+## Project Structure
+
+- **flake.nix**: Defines inputs (nixpkgs, nix-darwin, NixOS-WSL, home-manager, etc.) and outputs:
+  - `darwinConfigurations."Dens-MacBook"`: macOS config.
+  - `nixosConfigurations.nixos`: WSL config.
+- **hosts/**:
+  - `mbp/`: macOS-specific configs (`configuration.nix`, `home.nix`).
+  - `wsl/`: WSL-specific configs (`configuration.nix`, `home.nix`).
+- **modules/**:
+  - `common.nix`: Shared Home Manager packages.
+  - `homebrew.nix`: Homebrew settings (casks, MAS apps).
+  - `programs/`: Modular configs for tools:
+    - `bat.nix`, `eza.nix`, `fzf.nix`, `git.nix`, `k9s.nix`, `micro.nix`, `ssh.nix`, `zoxide.nix`, `zsh.nix`.
+
+## Usage
+
+- **Rebuild after changes:**
+  - macOS: `darwin-rebuild switch --flake .#Dens-MacBook`
+  - WSL: `sudo nixos-rebuild switch --flake .#nixos`
+- **Update flake lock:** `nix flake update`
+- **Secrets management:** Use SOPS for encrypted files (integrated via `sops-nix`).
+- **Customize:** Edit modules or add new ones. For user-specific tweaks, modify `home.nix` files.
+- **Developing:** Run `nix develop` for a dev shell with common tools (if `devShell` is added to flake).
+
+## Notes
+
+- **nix-determinate:** Essential for macOS to ensure deterministic Nix builds and avoid upstream installer pitfalls. Not strictly required for WSL but recommended for consistency.
+- **WSL Paths:** Adjust absolute paths in `flake.nix` for non-`~/Nix` clones.
+- **State Versions:** macOS: 5 (nix-darwin), Home: 25.11. WSL: 25.05.
+- **License:** [MIT](LICENSE) or as per your repo.
+
+For issues or contributions, open a PR or issue.

flake.lock

@@ -40,11 +40,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1760130406,
-        "narHash": "sha256-GKMwBaFRw/C1p1VtjDz4DyhyzjKUWyi1K50bh8lgA2E=",
+        "lastModified": 1761005073,
+        "narHash": "sha256-r6qbieh8iC1q1eCaWv15f4UIp8SeGffwswhNSA1Qk3s=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d305eece827a3fe317a2d70138f53feccaf890a1",
+        "rev": "84e1adb0cdd13f5f29886091c7234365e12b1e7f",
         "type": "github"
       },
       "original": {
@@ -72,11 +72,11 @@
     "homebrew-cask": {
       "flake": false,
       "locked": {
-        "lastModified": 1760211302,
-        "narHash": "sha256-HVl2Z625D3Y7Bh9fPbj0oFt1vGjVWt7ZCaoV1n08ojc=",
+        "lastModified": 1761041338,
+        "narHash": "sha256-nPPQWR1MXoGCbrkRPzjOLTzgAfbw1yedqw4IIP6rweA=",
         "owner": "homebrew",
         "repo": "homebrew-cask",
-        "rev": "f87e2b258ef5fbe8900380227a7215d54de104fd",
+        "rev": "2f2587d6d3432c35d23b0933ee9badb9caf1179b",
         "type": "github"
       },
       "original": {
@@ -88,11 +88,11 @@
     "homebrew-core": {
       "flake": false,
       "locked": {
-        "lastModified": 1760212566,
-        "narHash": "sha256-AqJpqsm1+WXonanloEoivHhb9WqvFvO38l2Y3Ze0E1Q=",
+        "lastModified": 1761041429,
+        "narHash": "sha256-x7mhT2JeMpRbFrT6X3NHDdRADjIANXG2tskRfx8WqNA=",
         "owner": "homebrew",
         "repo": "homebrew-core",
-        "rev": "49d48a960dc89c6282a903a8776c946d5c6be362",
+        "rev": "8de65e50e0df3c71b8f3f1a642b10c0192507db7",
         "type": "github"
       },
       "original": {
@@ -108,11 +108,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1758805352,
-        "narHash": "sha256-BHdc43Lkayd+72W/NXRKHzX5AZ+28F3xaUs3a88/Uew=",
+        "lastModified": 1760721282,
+        "narHash": "sha256-aAHphQbU9t/b2RRy2Eb8oMv+I08isXv2KUGFAFn7nCo=",
         "owner": "nix-darwin",
         "repo": "nix-darwin",
-        "rev": "c48e963a5558eb1c3827d59d21c5193622a1477c",
+        "rev": "c3211fcd0c56c11ff110d346d4487b18f7365168",
         "type": "github"
       },
       "original": {
@@ -148,11 +148,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1759833546,
-        "narHash": "sha256-rOfkgIiiZNPUbf61OqEym60wXEODeDG8XH+gV/SUoUc=",
+        "lastModified": 1760536587,
+        "narHash": "sha256-wfWqt+igns/VazjPLkyb4Z/wpn4v+XIjUeI3xY/1ENg=",
         "owner": "nix-community",
         "repo": "NixOS-WSL",
-        "rev": "7c0c0f4c3a51761434f18209fa9499b8579ff730",
+        "rev": "f98ee1de1fa36eca63c67b600f5d617e184e82ea",
         "type": "github"
       },
       "original": {
@@ -164,11 +164,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1760038930,
-        "narHash": "sha256-Oncbh0UmHjSlxO7ErQDM3KM0A5/Znfofj2BSzlHLeVw=",
+        "lastModified": 1760878510,
+        "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "0b4defa2584313f3b781240b29d61f6f9f7e0df3",
+        "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67",
         "type": "github"
       },
       "original": {
@@ -198,11 +198,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1759635238,
-        "narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
+        "lastModified": 1760998189,
+        "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
+        "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
         "type": "github"
       },
       "original": {

flake.nix

@@ -34,14 +34,28 @@
     };
   };
 
-	outputs = inputs@{ self, nixpkgs, nix-darwin, nixos-wsl, nix-homebrew, homebrew-core, homebrew-cask, homebrew-bundle, home-manager, sops-nix }: {
+  outputs =
+    {
+      self,
+      nixpkgs,
+      nix-darwin,
+      nixos-wsl,
+      nix-homebrew,
+      homebrew-core,
+      homebrew-cask,
+      homebrew-bundle,
+      home-manager,
+      sops-nix,
+    }:
+    {
       darwinConfigurations."Dens-MacBook" = nix-darwin.lib.darwinSystem {
         system = "aarch64-darwin";
         modules = [
           ./hosts/mbp/configuration.nix
           sops-nix.darwinModules.sops
 
-				nix-homebrew.darwinModules.nix-homebrew {
+          nix-homebrew.darwinModules.nix-homebrew
+          {
             nix-homebrew = {
               enable = true;
               enableRosetta = true;
@@ -55,7 +69,8 @@
             };
           }
 
-				home-manager.darwinModules.home-manager {
+          home-manager.darwinModules.home-manager
+          {
             home-manager.useGlobalPkgs = true;
             home-manager.useUserPackages = true;
             home-manager.users.duumxh = import ./hosts/mbp/home.nix;
@@ -68,12 +83,14 @@
         nixos = nixpkgs.lib.nixosSystem {
           system = "x86_64-linux";
           modules = [
-					nixos-wsl.nixosModules.default {
+            nixos-wsl.nixosModules.default
+            {
               system.stateVersion = "25.05";
               wsl.enable = true;
             }
             /home/duumxh/Nix/wsl/configuration.nix
-					home-manager.nixosModules.home-manager {
+            home-manager.nixosModules.home-manager
+            {
               home-manager.useGlobalPkgs = true;
               home-manager.useUserPackages = true;
               home-manager.users.duumxh = /home/duumxh/Nix/wsl/home.nix;

hosts/mbp/configuration.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   #Disable nix managment, since we use nix-determinate

hosts/mbp/home.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 
 {
   imports = [
@@ -14,9 +14,16 @@
     ../../modules/programs/zsh.nix
   ];
 
+  programs.ssh.matchBlocks."*".extraOptions = {
+    SetEnv = "TERM=xterm-256color";
+  };
   programs.zsh = {
     localVariables = {
       SSH_AUTH_SOCK = "/Users/duumxh/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh";
     };
+    shellAliases = {
+      nix-upgrade = "sudo darwin-rebuild switch --flake ~/Nix";
     };
+  };
+
 }

hosts/wsl/configuration.nix

@@ -5,10 +5,13 @@
 # NixOS-WSL specific options are documented on the NixOS-WSL repository:
 # https://github.com/nix-community/NixOS-WSL
 
-{ config, lib, pkgs, ... }:
+{ pkgs, ... }:
 
 {
-  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
   wsl.defaultUser = "duumxh";
   wsl.interop.register = true;
 

hosts/wsl/home.nix

@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ ... }:
 
 {
   imports = [

modules/common.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, ... }:
 
 {
   # Define home options directly if this is a standalone home.nix
@@ -8,13 +8,19 @@
       age
       ansible
       bat
+      bun
+      cilium-cli
+      cmake
+      ninja
+      rustup
       deploy-rs
       fzf-preview
       kubectl
       kubectx
       kubernetes-helm
       nerd-fonts.jetbrains-mono
-			nixfmt-rfc-style
+      nil
+      nixd
       opentofu
       sops
       talosctl

modules/homebrew.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   homebrew = {
@@ -20,6 +20,7 @@
       "IINA"
       "Keka"
       "meta"
+      "mullvad-browser"
       "mullvad-vpn"
       "obs"
       "Obsidian"
@@ -29,6 +30,8 @@
       "telegram"
       "UTM"
       "vscodium"
+      "raycast"
+      "zed"
     ];
 
     masApps = {

modules/programs/bat.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.bat = {

modules/programs/eza.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.eza = {

modules/programs/fzf.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.fzf = {

modules/programs/git.nix

@@ -1,9 +1,13 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 
 {
   programs.git = {
     enable = true;
-    userName = "Den Afanasyev";
-    userEmail = "ceo@furry.industries";
+    settings = {
+      user = {
+        name = "Den Afanasyev";
+        email = "ceo@furry.industries";
+      };
+    };
   };
 }

modules/programs/k9s.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 {
   programs.k9s = {
     skins = {

modules/programs/micro.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.micro = {

modules/programs/ssh.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.ssh = {

modules/programs/zoxide.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ ... }:
 
 {
   programs.zoxide = {

modules/programs/zsh.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: 
+{ lib, pkgs, ... }:
 
 {
   programs.zsh = {
@@ -7,7 +7,9 @@
     syntaxHighlighting.enable = true;
 
     prezto = {
-				prompt = { theme = "powerlevel10k"; };
+      prompt = {
+        theme = "powerlevel10k";
+      };
       enable = true;
     };
 
@@ -29,16 +31,17 @@
       expireDuplicatesFirst = true;
     };
 
-			initContent = lib.mkOrder 500 ''
-			source ~/.p10k.zsh
-			echo "Hey there raccoon! 🦝🍁"
-			'';
     localVariables = {
       PURE_GIT_PULL = "0";
       TELEPORT_ADD_KEYS_TO_AGENT = "no";
       K9S_SKIN = "transparent";
     };
 
+    initContent = lib.mkOrder 500 ''
+      			  source ~/.p10k.zsh
+      				echo "Hey there raccoon! 🦝🍁"
+      			'';
+
     shellAliases = {
       ls = "eza";
       cd = "z";