From 211a46384616eb1ace4470d2e5b01a7c5fc2ad3b Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 2 Dec 2025 10:12:05 +0100 Subject: [PATCH] initial macos setup --- README.md | 12 ++ flake.lock | 172 ++++++++++++++++++++- flake.nix | 32 +++- hosts/macbook-pro/configuration.nix | 28 ++++ hosts/macbook-pro/default.nix | 15 ++ hosts/mobile-usb/default.nix | 1 - hosts/yoga-7-pro/default.nix | 1 - modules/{nixos => home-manager}/nh.nix | 0 modules/home-manager/work/cryptography.nix | 7 + modules/home-manager/work/default.nix | 17 ++ modules/home-manager/work/kluster.nix | 9 ++ modules/nixos/macos-tiling/default.nix | 16 ++ modules/nixos/macos-tiling/tiling.nix | 41 +++++ users/remy.nix | 1 + users/remy_macos/default.nix | 32 ++++ users/remy_usb/default.nix | 1 + users/remy_yoga/default.nix | 1 + 17 files changed, 379 insertions(+), 7 deletions(-) create mode 100644 hosts/macbook-pro/configuration.nix create mode 100644 hosts/macbook-pro/default.nix rename modules/{nixos => home-manager}/nh.nix (100%) create mode 100644 modules/home-manager/work/cryptography.nix create mode 100644 modules/home-manager/work/default.nix create mode 100644 modules/home-manager/work/kluster.nix create mode 100644 modules/nixos/macos-tiling/default.nix create mode 100644 modules/nixos/macos-tiling/tiling.nix create mode 100644 users/remy_macos/default.nix diff --git a/README.md b/README.md index b1b0639..e77e987 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,18 @@ nix build .#nixosConfigurations.bcachefs-iso.config.system.build.isoImage This will create an iso image in the result directory. +### Macos install +Initial install of nix using the determinate nix installer. Then a "full" bootstrap that installs all required packages such as `nh`, `git` etc.: +``` +sudo nix run nix-darwin/master#darwin-rebuild -- switch --flake .#Remys-MacBook-Pro +``` +> some modifications might be necessary (i.e. due to faulty git setup at that stage). + +Finally, the desired state has been reached where `nh` is available: +``` +nh darwin switch . +``` + ## Installation TODO - disable root user ``` diff --git a/flake.lock b/flake.lock index eef1498..6c90ece 100644 --- a/flake.lock +++ b/flake.lock @@ -101,6 +101,22 @@ "type": "github" } }, + "cl-nix-lite": { + "locked": { + "lastModified": 1763190794, + "narHash": "sha256-Uhdbf0YbPkBeCBfL1+5ONo/o8sFJd0Gahg6MD0ktwEQ=", + "owner": "r4v3n6101", + "repo": "cl-nix-lite", + "rev": "a781bd2bd0a444e27bdb5d4aabfc0e81422bdc91", + "type": "github" + }, + "original": { + "owner": "r4v3n6101", + "ref": "url-fix", + "repo": "cl-nix-lite", + "type": "github" + } + }, "dankMaterialShell": { "inputs": { "dgop": "dgop", @@ -198,6 +214,23 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1730663653, + "narHash": "sha256-kFCUWettiFHDIqxCWWQ9qY8pVh+Lj+XL0Giyy/kdomg=", + "owner": "hraban", + "repo": "flake-compat", + "rev": "e5b16676185cb7548581c852f51ce7f3a49bba5e", + "type": "github" + }, + "original": { + "owner": "hraban", + "ref": "fixed-output", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -219,6 +252,26 @@ "type": "github" } }, + "flake-utils": { + "inputs": { + "systems": [ + "mac-app-util", + "systems" + ] + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, "fromYaml": { "flake": false, "locked": { @@ -574,6 +627,50 @@ "type": "github" } }, + "mac-app-util": { + "inputs": { + "cl-nix-lite": "cl-nix-lite", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1756057867, + "narHash": "sha256-ziR5eQGqRWhW8tf8r0TIplaqNt+HXu1G1X41LUr4IYo=", + "owner": "hraban", + "repo": "mac-app-util", + "rev": "8414fa1e2cb775b17793104a9095aabeeada63ef", + "type": "github" + }, + "original": { + "owner": "hraban", + "repo": "mac-app-util", + "type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1764161084, + "narHash": "sha256-HN84sByg9FhJnojkGGDSrcjcbeioFWoNXfuyYfJ1kBE=", + "owner": "nix-darwin", + "repo": "nix-darwin", + "rev": "e95de00a471d07435e0527ff4db092c84998698e", + "type": "github" + }, + "original": { + "owner": "nix-darwin", + "ref": "nix-darwin-25.11", + "repo": "nix-darwin", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1754777568, @@ -594,7 +691,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1762394598, @@ -643,6 +740,38 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1732617236, + "narHash": "sha256-PYkz6U0bSEaEB1al7O1XsqVNeSNS+s3NVclJw7YC43w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1754340878, + "narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cab778239e705082fe97bb4990e0d24c50924c04", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1762111121, "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", @@ -712,9 +841,11 @@ "dms-cli": "dms-cli", "home-manager": "home-manager", "hyprland": "hyprland", + "mac-app-util": "mac-app-util", + "nix-darwin": "nix-darwin", "nix-flatpak": "nix-flatpak", "nix4vscode": "nix4vscode", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", "stylix": "stylix", @@ -755,7 +886,7 @@ "nixpkgs" ], "nur": "nur", - "systems": "systems_3", + "systems": "systems_4", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -792,6 +923,21 @@ } }, "systems_2": { + "locked": { + "lastModified": 1689347925, + "narHash": "sha256-ozenz5bFe1UUqOn7f60HRmgc01BgTGIKZ4Xl+HbocGQ=", + "owner": "nix-systems", + "repo": "default-darwin", + "rev": "2235d7e6cc29ae99878133c95e9fe5e157661ffb", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-darwin", + "type": "github" + } + }, + "systems_3": { "flake": false, "locked": { "lastModified": 1681028828, @@ -807,7 +953,7 @@ "type": "github" } }, - "systems_3": { + "systems_4": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -903,6 +1049,24 @@ "type": "github" } }, + "treefmt-nix": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1755934250, + "narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "watt": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index d0be1b0..6691b86 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "Nix config entry point"; # since secrets live in a submodule, enable submodules by default - inputs.self.submodules = true; + # inputs.self.submodules = true; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; @@ -54,6 +54,15 @@ url = "github:nix-community/nix4vscode"; inputs.nixpkgs.follows = "nixpkgs"; }; + + + nix-darwin.url = "github:nix-darwin/nix-darwin/nix-darwin-25.11"; + nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; + mac-app-util = { + # see https://github.com/hraban/mac-app-util/issues/39#issuecomment-3503946041 + url = "github:hraban/mac-app-util"; + inputs.cl-nix-lite.url = "github:r4v3n6101/cl-nix-lite/url-fix"; + }; }; outputs = { @@ -64,6 +73,8 @@ stylix, sops-nix, nix4vscode, + nix-darwin, + mac-app-util, ... } @ inputs: let @@ -153,6 +164,25 @@ ) systems; + darwinConfigurations."Remys-MacBook-Pro" = nix-darwin.lib.darwinSystem { + modules = [ + home-manager.darwinModules.home-manager { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.backupFileExtension = ".backup"; + home-manager.extraSpecialArgs = { inherit inputs pkgs-unstable; }; + + home-manager.users.remy.imports = [ + ./users/remy_macos + mac-app-util.homeManagerModules.default + ]; + } + # mac-app-util.darwinModules.default + { nixpkgs.overlays = [ inputs.nix4vscode.overlays.default ]; } + ./hosts/macbook-pro + ]; + }; + # ## Useful nix build tools # # iso builder TODO # nixosConfigurations.bcachefs-iso = nixpkgs.lib.nixosSystem { diff --git a/hosts/macbook-pro/configuration.nix b/hosts/macbook-pro/configuration.nix new file mode 100644 index 0000000..65d7785 --- /dev/null +++ b/hosts/macbook-pro/configuration.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, ... }: + +{ + users.users.remy = { + home = "/Users/remy"; + }; + system.primaryUser = "remy"; + + environment.systemPackages = [ pkgs.git ]; # required because git is hardcoded into mac + nix.enable=false; + nixpkgs.config.allowUnfree = true; + # nixpkgs.config.allowUnsupportedSystem = true; + security.pam.services.sudo_local.touchIdAuth = true; + + # Necessary for using flakes on this system. + nix.settings.experimental-features = "nix-command flakes"; + + # Enable alternative shell support in nix-darwin. + # programs.fish.enable = true; + + # Set Git commit hash for darwin-version. + # system.configurationRevision = self.rev or self.dirtyRev or null; + + # Used for backwards compatibility, please read the changelog before changing. + # $ darwin-rebuild changelog + system.stateVersion = 6; + nixpkgs.hostPlatform = "aarch64-darwin"; +} diff --git a/hosts/macbook-pro/default.nix b/hosts/macbook-pro/default.nix new file mode 100644 index 0000000..a58fdd6 --- /dev/null +++ b/hosts/macbook-pro/default.nix @@ -0,0 +1,15 @@ +{ + config = { + #nix-config = { + # networking.hostName = "nyx"; + + # userName = "remy"; + #}; + }; + + # Merge the configuration and hardware configuration + imports = [ + ./configuration.nix + ../../modules/nixos/macos-tiling + ]; +} diff --git a/hosts/mobile-usb/default.nix b/hosts/mobile-usb/default.nix index b485ddb..2f9107f 100644 --- a/hosts/mobile-usb/default.nix +++ b/hosts/mobile-usb/default.nix @@ -24,7 +24,6 @@ ../../modules/nixos/ld.nix ../../modules/nixos/monitoring.nix ../../modules/nixos/networking.nix - ../../modules/nixos/nh.nix ../../modules/nixos/pipewire.nix ../../modules/nixos/podman.nix ../../modules/nixos/power.nix diff --git a/hosts/yoga-7-pro/default.nix b/hosts/yoga-7-pro/default.nix index 0bada65..41c6d1a 100644 --- a/hosts/yoga-7-pro/default.nix +++ b/hosts/yoga-7-pro/default.nix @@ -22,7 +22,6 @@ ../../modules/nixos/ld.nix ../../modules/nixos/monitoring.nix ../../modules/nixos/networking.nix - ../../modules/nixos/nh.nix ../../modules/nixos/pipewire.nix ../../modules/nixos/podman.nix ../../modules/nixos/power.nix diff --git a/modules/nixos/nh.nix b/modules/home-manager/nh.nix similarity index 100% rename from modules/nixos/nh.nix rename to modules/home-manager/nh.nix diff --git a/modules/home-manager/work/cryptography.nix b/modules/home-manager/work/cryptography.nix new file mode 100644 index 0000000..56a2175 --- /dev/null +++ b/modules/home-manager/work/cryptography.nix @@ -0,0 +1,7 @@ +{pkgs, ...}: +{ + home.packages = [ + pkgs.gnupg + pkgs.sops + ]; +} diff --git a/modules/home-manager/work/default.nix b/modules/home-manager/work/default.nix new file mode 100644 index 0000000..0fdb412 --- /dev/null +++ b/modules/home-manager/work/default.nix @@ -0,0 +1,17 @@ +{ + config, + lib, + ... +}: +let + cfg = config.nix-config.hypr; +in +{ + options = { + }; + + imports = [ + ./cryptography.nix + ./kluster.nix + ]; +} diff --git a/modules/home-manager/work/kluster.nix b/modules/home-manager/work/kluster.nix new file mode 100644 index 0000000..ce40c79 --- /dev/null +++ b/modules/home-manager/work/kluster.nix @@ -0,0 +1,9 @@ +{pkgs, ...}: +{ + home.packages = [ + pkgs.kubernetes-helm + pkgs.awscli + pkgs.aws-vault + pkgs.k9s + ]; +} diff --git a/modules/nixos/macos-tiling/default.nix b/modules/nixos/macos-tiling/default.nix new file mode 100644 index 0000000..5bf61ca --- /dev/null +++ b/modules/nixos/macos-tiling/default.nix @@ -0,0 +1,16 @@ +{ + config, + lib, + ... +}: +let + cfg = config.nix-config.macos; +in +{ + options = { + }; + + imports = [ + ./tiling.nix + ]; +} diff --git a/modules/nixos/macos-tiling/tiling.nix b/modules/nixos/macos-tiling/tiling.nix new file mode 100644 index 0000000..fa46dd5 --- /dev/null +++ b/modules/nixos/macos-tiling/tiling.nix @@ -0,0 +1,41 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + yabai + skhd + ]; + environment.variables.EDITOR = "code"; + + + # skhd service and config + services.skhd = { + enable = true; + skhdConfig = '' + # toggle window split type + alt - e : yabai -m window --toggle split + + # rotate tree + alt - r : yabai -m space --rotate 90 + ''; + }; + + # yabai service and config + services.yabai = { + enable = true; + package = pkgs.yabai; + enableScriptingAddition = true; + config = { + focus_follows_mouse = "autoraise"; + window_placement = "second_child"; + window_shadow = "on"; + window_opacity = "off"; + }; + extraConfig = '' + sudo yabai --load-sa + yabai -m signal --add event=dock_did_restart action="sudo yabai --load-sa" + yabai -m space 1 --label i + yabai -m space 2 --label ii + yabai -m space 3 --label iii + yabai -m space 4 --label iv + ''; + }; +} diff --git a/users/remy.nix b/users/remy.nix index 20b101f..77f8bfc 100644 --- a/users/remy.nix +++ b/users/remy.nix @@ -9,6 +9,7 @@ home.username = "remy"; home.homeDirectory = "/home/remy"; + ## Utils relevant to this user only programs.git = { enable = true; diff --git a/users/remy_macos/default.nix b/users/remy_macos/default.nix new file mode 100644 index 0000000..a4d1635 --- /dev/null +++ b/users/remy_macos/default.nix @@ -0,0 +1,32 @@ +{ config, pkgs, lib, ... }: +with lib.hm.gvariant; +{ + config = { + home.stateVersion = "24.05"; + programs.git = { + enable = true; + settings = { + user.name = "Remy Moll"; + user.email = "remy.moll@artidis.com"; + }; + }; + + }; + + + + imports = [ + + ../../modules/home-manager/browser.nix + ../../modules/home-manager/code.nix + + ../../modules/home-manager/dev.nix + ../../modules/home-manager/fish.nix + + ../../modules/home-manager/kubectl.nix + ../../modules/home-manager/nh.nix + ../../modules/home-manager/work + ]; + + +} diff --git a/users/remy_usb/default.nix b/users/remy_usb/default.nix index e519669..1658482 100644 --- a/users/remy_usb/default.nix +++ b/users/remy_usb/default.nix @@ -27,6 +27,7 @@ with lib.hm.gvariant; ../../modules/home-manager/kubectl.nix ../../modules/home-manager/obsidian.nix ../../modules/home-manager/owncloud-client.nix + ../../modules/home-manager/nh.nix ../../modules/home-manager/ssh.nix ../../modules/home-manager/stylix.nix ../../modules/home-manager/thunderbird.nix diff --git a/users/remy_yoga/default.nix b/users/remy_yoga/default.nix index 5eecacd..804bd0c 100644 --- a/users/remy_yoga/default.nix +++ b/users/remy_yoga/default.nix @@ -31,6 +31,7 @@ with lib.hm.gvariant; ../../modules/home-manager/kitty.nix ../../modules/home-manager/kubectl.nix ../../modules/home-manager/launcher.nix + ../../modules/home-manager/nh.nix ../../modules/home-manager/obsidian.nix ../../modules/home-manager/owncloud-client.nix ../../modules/home-manager/quickshell