Nix Flake Configuration

This repository contains a personal Nix flake configuration for managing systems across macOS (using nix-darwin) and WSL (using NixOS-WSL). It leverages Home Manager for user-specific configurations, SOPS-Nix for secrets management, and Nix Homebrew for macOS app installations. The configuration is modular, focusing on productivity tools, CLI programs, and essential packages for development workflows.

Key features:

• Cross-platform support for macOS (aarch64-darwin) and WSL (x86_64-linux).
• Declarative Homebrew cask and MAS app management on macOS.
• Pre-configured CLI tools like bat, eza, fzf, k9s, micro, ssh, zoxide, and zsh.
• Common packages including kubectl, helm, ansible, sops, talosctl, and more.
• System tweaks for macOS (e.g., Dock settings, Finder preferences, Touch ID for sudo).
• Reproducible builds with Nix flakes.

Prerequisites

Installing Nix with nix-determinate (Recommended)

For macOS (nix-darwin): Use nix-determinate instead of the upstream Nix installer for better reproducibility, sandboxing, and integration on macOS. It avoids common issues with multi-user setups and Homebrew conflicts.

Run the following command to install:

curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

• This sets up Nix in a single-user mode optimized for deterministic builds.
• After installation, enable flakes by adding experimental-features = nix-command flakes to ~/.config/nix/nix.conf if not already present.

For WSL (NixOS): The standard Nix installation is sufficient. Install Nix following the official WSL guide.

If you prefer nix-determinate for consistency:

curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

Ensure your WSL2 setup has systemd enabled for full NixOS compatibility (via wsl.exe --install --distribution Ubuntu or similar, then configure Nix).

Cloning the Repository

Clone this repository to a location of your choice. For WSL compatibility, clone it to ~/Nix to match the absolute paths in the flake (you may need to update paths in flake.nix otherwise).

git clone https://github.com/your-username/dotfiles.git ~/Nix  # Adjust URL
cd ~/Nix

System Setup

macOS (nix-darwin)

This configuration targets an M-series MacBook ("Dens-MacBook").

1. Apply the flake:

   darwin-rebuild switch --flake .#Dens-MacBook
   

   • This builds and activates the nix-darwin configuration from hosts/mbp/configuration.nix.
   • It includes:
     • Homebrew integration via nix-homebrew (enable = true, user = "duumxh").
     • Home Manager for user "duumxh" via hosts/mbp/home.nix.
     • SOPS-Nix for secrets.
     • System settings (e.g., Touch ID sudo, Dock autohide, Finder shows hidden files).

2. Homebrew Apps Installed:

   • Casks: arc, bettermouse, blender, citrix-workspace, cryptomator, discord, element, ghostty, iina, keka, meta, mullvad-vpn, obs, obsidian, orion, secretive, tailscale-app, telegram, utm, vscodium.
   • MAS Apps: Bitwarden, DropOver, Yubico Authenticator.
   • Auto-update and upgrade on activation.

3. User Configuration (Home Manager):

   • Imports modules for CLI tools (see Project Structure).
   • Zsh with SSH_AUTH_SOCK for Secretive integration.
   • Packages from modules/common.nix (e.g., age, ansible, bat, fzf-preview, kubectl, kubectx, helm, nerd-fonts.jetbrains-mono, nixfmt-rfc-style, opentofu, sops, talosctl, teleport, zsh-forgit, etc.).

WSL (NixOS-WSL)

This configuration sets up a lightweight NixOS instance in WSL2.

1. Apply the flake:

   sudo nixos-rebuild switch --flake .#nixos
   

   • This builds and activates the NixOS configuration from hosts/wsl/configuration.nix.
   • Note: The flake uses absolute paths (/home/duumxh/Nix/wsl/), so ensure the repo is cloned to ~/Nix. Update flake.nix to use relative paths (./hosts/wsl/) for portability.
   • Includes:
     • NixOS-WSL module (wsl.enable = true).
     • Default user "duumxh" with zsh shell.
     • Experimental features: nix-command and flakes.
     • System state version: 25.05.

2. User Configuration (Home Manager):

   • Similar to macOS: Imports modules for CLI tools via hosts/wsl/home.nix.
   • Same packages from modules/common.nix.
   • Zsh enabled globally.

Project Structure

• flake.nix: Defines inputs (nixpkgs, nix-darwin, NixOS-WSL, home-manager, etc.) and outputs:
  • darwinConfigurations."Dens-MacBook": macOS config.
  • nixosConfigurations.nixos: WSL config.
• hosts/:
  • mbp/: macOS-specific configs (configuration.nix, home.nix).
  • wsl/: WSL-specific configs (configuration.nix, home.nix).
• modules/:
  • common.nix: Shared Home Manager packages.
  • homebrew.nix: Homebrew settings (casks, MAS apps).
  • programs/: Modular configs for tools:
    • bat.nix, eza.nix, fzf.nix, git.nix, k9s.nix, micro.nix, ssh.nix, zoxide.nix, zsh.nix.

Usage

• Rebuild after changes:
  • macOS: darwin-rebuild switch --flake .#Dens-MacBook
  • WSL: sudo nixos-rebuild switch --flake .#nixos
• Update flake lock: nix flake update
• Secrets management: Use SOPS for encrypted files (integrated via sops-nix).
• Customize: Edit modules or add new ones. For user-specific tweaks, modify home.nix files.
• Developing: Run nix develop for a dev shell with common tools (if devShell is added to flake).

Notes

• nix-determinate: Essential for macOS to ensure deterministic Nix builds and avoid upstream installer pitfalls. Not strictly required for WSL but recommended for consistency.
• WSL Paths: Adjust absolute paths in flake.nix for non-~/Nix clones.
• State Versions: macOS: 5 (nix-darwin), Home: 25.11. WSL: 25.05.
• License: MIT or as per your repo.

For issues or contributions, open a PR or issue.