duumxh/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/README.md

130 lines
6 KiB
Markdown
Raw Permalink Blame History

# Nix Flake Configuration
This repository contains a personal Nix flake configuration for managing systems across **macOS (using nix-darwin)** and **WSL (using NixOS-WSL)**. It leverages Home Manager for user-specific configurations, SOPS-Nix for secrets management, and Nix Homebrew for macOS app installations. The configuration is modular, focusing on productivity tools, CLI programs, and essential packages for development workflows.
Key features:
- Cross-platform support for macOS (aarch64-darwin) and WSL (x86_64-linux).
- Declarative Homebrew cask and MAS app management on macOS.
- Pre-configured CLI tools like `bat`, `eza`, `fzf`, `k9s`, `micro`, `ssh`, `zoxide`, and `zsh`.
- Common packages including `kubectl`, `helm`, `ansible`, `sops`, `talosctl`, and more.
- System tweaks for macOS (e.g., Dock settings, Finder preferences, Touch ID for sudo).
- Reproducible builds with Nix flakes.
## Prerequisites
### Installing Nix with nix-determinate (Recommended)
**For macOS (nix-darwin):** Use [nix-determinate](https://github.com/DeterminateSystems/nix-installer) instead of the upstream Nix installer for better reproducibility, sandboxing, and integration on macOS. It avoids common issues with multi-user setups and Homebrew conflicts.
Run the following command to install:
```bash
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
```
- This sets up Nix in a single-user mode optimized for deterministic builds.
- After installation, enable flakes by adding `experimental-features = nix-command flakes` to `~/.config/nix/nix.conf` if not already present.
**For WSL (NixOS):** The standard Nix installation is sufficient. Install Nix following the [official WSL guide](https://nixos.wiki/wiki/NixOS_on_Windows).
If you prefer nix-determinate for consistency:
```bash
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
```
Ensure your WSL2 setup has systemd enabled for full NixOS compatibility (via `wsl.exe --install --distribution Ubuntu` or similar, then configure Nix).
## Cloning the Repository
Clone this repository to a location of your choice. For WSL compatibility, clone it to `~/Nix` to match the absolute paths in the flake (you may need to update paths in `flake.nix` otherwise).
```bash
git clone https://github.com/your-username/dotfiles.git ~/Nix # Adjust URL
cd ~/Nix
```
## System Setup
### macOS (nix-darwin)
This configuration targets an M-series MacBook ("Dens-MacBook").
1. **Apply the flake:**
```bash
darwin-rebuild switch --flake .#Dens-MacBook
```
- This builds and activates the nix-darwin configuration from `hosts/mbp/configuration.nix`.
- It includes:
- Homebrew integration via `nix-homebrew` (enable = true, user = "duumxh").
- Home Manager for user "duumxh" via `hosts/mbp/home.nix`.
- SOPS-Nix for secrets.
- System settings (e.g., Touch ID sudo, Dock autohide, Finder shows hidden files).
2. **Homebrew Apps Installed:**
- Casks: `arc`, `bettermouse`, `blender`, `citrix-workspace`, `cryptomator`, `discord`, `element`, `ghostty`, `iina`, `keka`, `meta`, `mullvad-vpn`, `obs`, `obsidian`, `orion`, `secretive`, `tailscale-app`, `telegram`, `utm`, `vscodium`.
- MAS Apps: Bitwarden, DropOver, Yubico Authenticator.
- Auto-update and upgrade on activation.
3. **User Configuration (Home Manager):**
- Imports modules for CLI tools (see Project Structure).
- Zsh with SSH_AUTH_SOCK for Secretive integration.
- Packages from `modules/common.nix` (e.g., `age`, `ansible`, `bat`, `fzf-preview`, `kubectl`, `kubectx`, `helm`, `nerd-fonts.jetbrains-mono`, `nixfmt-rfc-style`, `opentofu`, `sops`, `talosctl`, `teleport`, `zsh-forgit`, etc.).
### WSL (NixOS-WSL)
This configuration sets up a lightweight NixOS instance in WSL2.
1. **Apply the flake:**
```bash
sudo nixos-rebuild switch --flake .#nixos
```
- This builds and activates the NixOS configuration from `hosts/wsl/configuration.nix`.
- Note: The flake uses absolute paths (`/home/duumxh/Nix/wsl/`), so ensure the repo is cloned to `~/Nix`. Update `flake.nix` to use relative paths (`./hosts/wsl/`) for portability.
- Includes:
- NixOS-WSL module (wsl.enable = true).
- Default user "duumxh" with zsh shell.
- Experimental features: `nix-command` and `flakes`.
- System state version: 25.05.
2. **User Configuration (Home Manager):**
- Similar to macOS: Imports modules for CLI tools via `hosts/wsl/home.nix`.
- Same packages from `modules/common.nix`.
- Zsh enabled globally.
## Project Structure
- **flake.nix**: Defines inputs (nixpkgs, nix-darwin, NixOS-WSL, home-manager, etc.) and outputs:
- `darwinConfigurations."Dens-MacBook"`: macOS config.
- `nixosConfigurations.nixos`: WSL config.
- **hosts/**:
- `mbp/`: macOS-specific configs (`configuration.nix`, `home.nix`).
- `wsl/`: WSL-specific configs (`configuration.nix`, `home.nix`).
- **modules/**:
- `common.nix`: Shared Home Manager packages.
- `homebrew.nix`: Homebrew settings (casks, MAS apps).
- `programs/`: Modular configs for tools:
- `bat.nix`, `eza.nix`, `fzf.nix`, `git.nix`, `k9s.nix`, `micro.nix`, `ssh.nix`, `zoxide.nix`, `zsh.nix`.
## Usage
- **Rebuild after changes:**
- macOS: `darwin-rebuild switch --flake .#Dens-MacBook`
- WSL: `sudo nixos-rebuild switch --flake .#nixos`
- **Update flake lock:** `nix flake update`
- **Secrets management:** Use SOPS for encrypted files (integrated via `sops-nix`).
- **Customize:** Edit modules or add new ones. For user-specific tweaks, modify `home.nix` files.
- **Developing:** Run `nix develop` for a dev shell with common tools (if `devShell` is added to flake).
## Notes
- **nix-determinate:** Essential for macOS to ensure deterministic Nix builds and avoid upstream installer pitfalls. Not strictly required for WSL but recommended for consistency.
- **WSL Paths:** Adjust absolute paths in `flake.nix` for non-`~/Nix` clones.
- **State Versions:** macOS: 5 (nix-darwin), Home: 25.11. WSL: 25.05.
- **License:** [MIT](LICENSE) or as per your repo.
For issues or contributions, open a PR or issue.
Reference in a new issue View git blame Copy permalink