danieldaum.net / nix
my nix setup
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

init: create inital nix config

daniel daum 071c9002

+424
+106
flake.lock
··· 1 + { 2 + "nodes": { 3 + "brew-src": { 4 + "flake": false, 5 + "locked": { 6 + "lastModified": 1774235677, 7 + "narHash": "sha256-0ryNYmzDAeRlrzPTAgmzGH/Cgc8iv/LBN6jWGUANvIk=", 8 + "owner": "Homebrew", 9 + "repo": "brew", 10 + "rev": "894a3d23ac0c8aaf561b9874b528b9cb2e839201", 11 + "type": "github" 12 + }, 13 + "original": { 14 + "owner": "Homebrew", 15 + "ref": "5.1.1", 16 + "repo": "brew", 17 + "type": "github" 18 + } 19 + }, 20 + "home-manager": { 21 + "inputs": { 22 + "nixpkgs": [ 23 + "nixpkgs" 24 + ] 25 + }, 26 + "locked": { 27 + "lastModified": 1775661044, 28 + "narHash": "sha256-HlvLj+wE5ELaU+u2cY2nBFUJHdrob1V7qydk9lBx7oE=", 29 + "owner": "nix-community", 30 + "repo": "home-manager", 31 + "rev": "4ac0a4fd1537325d769377d574dccd10b97c28a2", 32 + "type": "github" 33 + }, 34 + "original": { 35 + "owner": "nix-community", 36 + "repo": "home-manager", 37 + "type": "github" 38 + } 39 + }, 40 + "nix-darwin": { 41 + "inputs": { 42 + "nixpkgs": [ 43 + "nixpkgs" 44 + ] 45 + }, 46 + "locked": { 47 + "lastModified": 1775037210, 48 + "narHash": "sha256-KM2WYj6EA7M/FVZVCl3rqWY+TFV5QzSyyGE2gQxeODU=", 49 + "owner": "nix-darwin", 50 + "repo": "nix-darwin", 51 + "rev": "06648f4902343228ce2de79f291dd5a58ee12146", 52 + "type": "github" 53 + }, 54 + "original": { 55 + "owner": "nix-darwin", 56 + "ref": "master", 57 + "repo": "nix-darwin", 58 + "type": "github" 59 + } 60 + }, 61 + "nix-homebrew": { 62 + "inputs": { 63 + "brew-src": "brew-src" 64 + }, 65 + "locked": { 66 + "lastModified": 1774720267, 67 + "narHash": "sha256-YYftFe8jyfpQI649yfr0E+dqEXE2jznZNcYvy/lKV1U=", 68 + "owner": "zhaofengli", 69 + "repo": "nix-homebrew", 70 + "rev": "a7760a3a83f7609f742861afb5732210fdc437ed", 71 + "type": "github" 72 + }, 73 + "original": { 74 + "owner": "zhaofengli", 75 + "repo": "nix-homebrew", 76 + "type": "github" 77 + } 78 + }, 79 + "nixpkgs": { 80 + "locked": { 81 + "lastModified": 1775639890, 82 + "narHash": "sha256-9O9gNidrdzcb7vgKGtff7QiLtr0IsVaCi0pAXm8anhQ=", 83 + "owner": "NixOS", 84 + "repo": "nixpkgs", 85 + "rev": "456e8a9468b9d46bd8c9524425026c00745bc4d2", 86 + "type": "github" 87 + }, 88 + "original": { 89 + "owner": "NixOS", 90 + "ref": "nixpkgs-unstable", 91 + "repo": "nixpkgs", 92 + "type": "github" 93 + } 94 + }, 95 + "root": { 96 + "inputs": { 97 + "home-manager": "home-manager", 98 + "nix-darwin": "nix-darwin", 99 + "nix-homebrew": "nix-homebrew", 100 + "nixpkgs": "nixpkgs" 101 + } 102 + } 103 + }, 104 + "root": "root", 105 + "version": 7 106 + }
+59
flake.nix
··· 1 + { 2 + description = "my system config"; 3 + 4 + inputs = { 5 + nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; 6 + 7 + nix-darwin = { 8 + url = "github:nix-darwin/nix-darwin/master"; 9 + inputs.nixpkgs.follows = "nixpkgs"; 10 + }; 11 + 12 + home-manager = { 13 + url = "github:nix-community/home-manager"; 14 + inputs.nixpkgs.follows = "nixpkgs"; 15 + }; 16 + nix-homebrew.url = "github:zhaofengli/nix-homebrew"; 17 + }; 18 + 19 + outputs = { self, nixpkgs, nix-darwin, home-manager, nix-homebrew, ... }: { 20 + darwinConfigurations."coruscant" = nix-darwin.lib.darwinSystem { 21 + system = "aarch64-darwin"; 22 + modules = [ 23 + ./hosts/coruscant.nix 24 + home-manager.darwinModules.home-manager 25 + nix-homebrew.darwinModules.nix-homebrew 26 + { 27 + home-manager.useGlobalPkgs = true; 28 + home-manager.useUserPackages = true; 29 + home-manager.users.daniel = import ./home/common.nix; 30 + nix-homebrew = { 31 + enable = true; 32 + enableRosetta = true; 33 + user = "daniel"; 34 + autoMigrate = true; # migrates your existing brew install 35 + }; 36 + } 37 + ]; 38 + }; 39 + darwinConfigurations."kashyyk" = nix-darwin.lib.darwinSystem { 40 + system = "aarch64-darwin"; 41 + modules = [ 42 + ./hosts/kashyyk.nix 43 + home-manager.darwinModules.home-manager 44 + nix-homebrew.darwinModules.nix-homebrew 45 + { 46 + home-manager.useGlobalPkgs = true; 47 + home-manager.useUserPackages = true; 48 + home-manager.users.daniel = import ./home/common.nix; 49 + nix-homebrew = { 50 + enable = true; 51 + enableRosetta = true; 52 + user = "daniel"; 53 + autoMigrate = true; # migrates your existing brew install 54 + }; 55 + } 56 + ]; 57 + }; 58 + }; 59 + }
+147
home/common.nix
··· 1 + { pkgs, ... }: { 2 + home.username = "daniel"; 3 + home.homeDirectory = "/Users/daniel"; 4 + home.stateVersion = "24.11"; 5 + 6 + home.packages = with pkgs; [ 7 + eza 8 + bat 9 + jujutsu 10 + helix 11 + delta 12 + difftastic 13 + jjui 14 + ]; 15 + 16 + programs.zsh = { 17 + enable = true; 18 + profileExtra = '' 19 + eval "$(/opt/homebrew/bin/brew shellenv)" 20 + export SSH_AUTH_SOCK="$HOME/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh" 21 + ''; 22 + initExtra = '' 23 + source $(brew --prefix)/share/antidote/antidote.zsh 24 + antidote load 25 + ZSH_THEME="robbyrussell" 26 + alias ll="eza -al --group-directories-first --icons --git --color=auto --long --header --classify" 27 + alias cat='bat' 28 + ''; 29 + }; 30 + 31 + home.file.".zsh_plugins.txt".text = '' 32 + getantidote/use-omz 33 + ohmyzsh/ohmyzsh path:themes/robbyrussell.zsh-theme 34 + ''; 35 + programs.git = { 36 + enable = true; 37 + userName = "daniel daum"; 38 + userEmail = "daniel@danieldaum.net"; 39 + extraConfig = { 40 + push.autoSetupRemote = true; 41 + commit.gpgsign = true; 42 + gpg.format = "ssh"; 43 + "gpg \"ssh\"".allowedSignersFile = "~/.gitallowedsigners"; 44 + tag.gpgSign = true; 45 + core.pager = "delta"; 46 + interactive.diffFilter = "delta --color-only"; 47 + delta = { 48 + navigate = true; 49 + dark = true; 50 + }; 51 + merge.conflictStyle = "zdiff3"; 52 + diff.tool = "difftastic"; 53 + "difftool \"difftastic\"".cmd = "difft \"$LOCAL\" \"$REMOTE\""; 54 + difftool.prompt = false; 55 + pager.difftool = "less -R"; 56 + include.path = "~/.gitconfig.local"; 57 + }; 58 + aliases = { 59 + st = "status --short --branch"; 60 + a = "add"; 61 + ap = "add --patch"; 62 + c = "commit"; 63 + cm = "commit --message"; 64 + pl = "pull --rebase"; 65 + ps = "push"; 66 + fp = "fetch --prune"; 67 + sweep = "!git branch --merged | grep -v '\\*\\|main\\|master' | xargs -n 1 git branch -d"; 68 + }; 69 + }; 70 + 71 + home.file.".config/jj/config.toml".text = '' 72 + [user] 73 + name = "daniel daum" 74 + email = "daniel@danieldaum.net" 75 + 76 + [ui] 77 + pager = "delta" 78 + diff.format = "git" 79 + diff.tool = "difftastic" 80 + default-command = "log" 81 + 82 + [git] 83 + write-change-id-header = true 84 + sign-on-push = true 85 + 86 + [signing] 87 + behavior = "drop" 88 + backend = "ssh" 89 + key = "" 90 + 91 + [signing.backends.ssh] 92 + allowed-signers = "/Users/daniel/.gitallowedsigners" 93 + 94 + [template-aliases] 95 + "format_timestamp(timestamp)" = "timestamp.ago()" 96 + 97 + [aliases] 98 + init = ["git", "init"] 99 + push = ["git", "push"] 100 + pull = ["git", "fetch"] 101 + clone = ["git", "clone"] 102 + tug = ["bookmark", "move", "--from", "heads(::@- & bookmarks())", "--to", "@-"] 103 + 104 + [templates] 105 + log = """ 106 + if(root, 107 + format_root_commit(self), 108 + label(if(current_working_copy, "working_copy"), 109 + concat( 110 + separate(" ", 111 + change_id.short(), 112 + if(empty, label("empty", "(empty)")), 113 + if(description, 114 + description.first_line(), 115 + label(if(empty, "empty"), description_placeholder), 116 + ), 117 + bookmarks, 118 + if(conflict, label("conflict", "conflict")), 119 + ) ++ "\\n", 120 + ), 121 + ) 122 + ) 123 + """ 124 + 125 + [merge-tools.difftastic] 126 + program = "difft" 127 + diff-args = ["--color=always", "--display=side-by-side", "$left", "$right"] 128 + ''; 129 + 130 + programs.ssh = { 131 + enable = true; 132 + extraConfig = '' 133 + Include ~/.orbstack/ssh/config 134 + ''; 135 + matchBlocks = { 136 + "*" = { 137 + identityAgent = "/Users/daniel/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh"; 138 + }; 139 + "ziost" = { 140 + identityAgent = "/Users/daniel/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh"; 141 + hostname = "ziost.swordfish-magellanic.ts.net"; 142 + user = "maliciouspickle"; 143 + port = 2222; 144 + }; 145 + }; 146 + }; 147 + }
+7
hosts/common.nix
··· 1 + { pkgs, ... }: { 2 + nixpkgs.hostPlatform = "aarch64-darwin"; 3 + system.stateVersion = 6; 4 + users.users.daniel.home = "/Users/daniel"; 5 + system.primaryUser = "daniel"; 6 + nix.enable = false; 7 + }
+4
hosts/coruscant.nix
··· 1 + { ... }: { 2 + imports = [ ./common.nix ./homebrew.nix]; 3 + networking.hostName = "coruscant"; 4 + }
+50
hosts/homebrew.nix
··· 1 + { ... }: { 2 + homebrew = { 3 + enable = true; 4 + onActivation.cleanup = "none"; 5 + brews = [ "mas" ]; 6 + casks = [ 7 + "alt-tab" 8 + "anytype" 9 + "bloom" 10 + "bruno" 11 + "calibre" 12 + "cork" 13 + "cryptomator" 14 + "daisydisk" 15 + "dbngin" 16 + "font-geist-mono" 17 + "fuse-t" 18 + "fuse-t-sshfs" 19 + "iina" 20 + "little-snitch" 21 + "mac-mouse-fix" 22 + "orbstack" 23 + "proton-mail" 24 + "proton-pass" 25 + "raycast" 26 + "rectangle" 27 + "secretive" 28 + "tailscale-app" 29 + "warp" 30 + "yubico-authenticator" 31 + "zed" 32 + ]; 33 + masApps = { 34 + "Brother iPrint&Scan" = 1193539993; 35 + "Developer" = 640199958; 36 + "Dropover" = 1355679052; 37 + "Kagi for Safari" = 1622835804; 38 + "Keynote" = 361285480; 39 + "LiquidFetch" = 6757637185; 40 + "Numbers" = 361304891; 41 + "Pages" = 361309726; 42 + "Panels" = 1236567663; 43 + "Pixelmator Pro" = 1289583905; 44 + "Scrap Paper" = 1448441317; 45 + "SnippetsLab" = 1006087419; 46 + "TestFlight" = 899247664; 47 + "Wipr" = 1662217862; 48 + }; 49 + }; 50 + }
+4
hosts/kashyyk.nix
··· 1 + { ... }: { 2 + imports = [ ./common.nix ./homebrew.nix ]; 3 + networking.hostName = "kashyyk"; 4 + }
+47
init.txt
··· 1 + ===== 2 + Step 1: Install Xcode CLI tools 3 + ===== 4 + xcode-select --install 5 + 6 + ===== 7 + Step 2: Install Rosetta 8 + ===== 9 + softwareupdate --install-rosetta 10 + 11 + ===== 12 + Step 3: Install Determinate Nix 13 + ===== 14 + curl --proto '=https' --tlsv1.2 -sSf -L \ 15 + https://install.determinate.systems/nix | sh -s -- install 16 + 17 + ===== 18 + Step 4: Install Determinate Nix 19 + ===== 20 + git clone https://tangled.org/danieldaum.net/nix ~/.config/nix 21 + 22 + ===== 23 + Step 5: Make Nix profile directory 24 + ===== 25 + mkdir -p ~/.local/state/nix/profiles 26 + 27 + 28 + ===== 29 + Step 6: First darwin rebuild 30 + ===== 31 + cd ~/.config/nix && sudo nix run nix-darwin/master#darwin-rebuild -- switch --flake . 32 + 33 + ===== 34 + Step 7: create .gitconfig.local 35 + ===== 36 + echo '[user] 37 + signingkey = /Users/daniel/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/PublicKeys/<key-hash>.pub' > ~/.gitconfig.local 38 + 39 + ===== 40 + Step 8: create .gitallowedsigners 41 + ===== 42 + echo 'daniel@danieldaum.net ecdsa-sha2-nistp256 <public-key> <machine-name>@secretive.<hostname>.local' > ~/.gitallowedsigners 43 + 44 + ===== 45 + Step 9: Add key to JJ 46 + ===== 47 + jj config set --user signing.key "ecdsa-sha2-nistp256 <public-key>"