feat: Darwin configuration for persephone

nikitawootten · May 16, 2024 · 57996a0 · 57996a0
1 parent 29f250d
commit 57996a0
Show file tree

Hide file tree

Showing 11 changed files with 95 additions and 10 deletions.
diff --git a/Makefile b/Makefile
@@ -40,6 +40,10 @@ switch-nixos: ## Switch local NixOS config
 build-nixos: ## Build local NixOS config
 	sudo $(NIX_CMD) develop --command nixos-rebuild dry-activate --flake .#
 
+.PHONY: switch-darwin
+switch-darwin:
+	$(NIX_CMD) run nix-darwin -- switch --flake .#
+
 # Default to connecting to the host directly
 TARGET=$(HOST)
 # Default to using the local machine as the builder

diff --git a/darwinHosts/default.nix b/darwinHosts/default.nix
@@ -0,0 +1,6 @@
+{ darwin, specialArgs }: {
+  persephone = darwin.lib.darwinSystem {
+    modules = [ ./persephone ];
+    inherit specialArgs;
+  };
+}
diff --git a/darwinHosts/persephone/default.nix b/darwinHosts/persephone/default.nix
@@ -0,0 +1,13 @@
+{ pkgs, self, inputs, keys, ... }: {
+  imports = [ self.darwinModules.personal ];
+
+  home-manager.users.nikita = import ./nikita.nix;
+  nixpkgs.hostPlatform = "aarch64-darwin";
+
+  users.users.nikita = {
+    name = "nikita";
+    home = "/Users/nikita";
+  };
+
+  networking.hostName = "persephone";
+}
diff --git a/darwinHosts/persephone/nikita.nix b/darwinHosts/persephone/nikita.nix
@@ -0,0 +1,10 @@
+{ self, lib, config, pkgs, keys, ... }: {
+  imports = [ self.homeModules.personal ];
+
+  personal.vscode.enable = true;
+  personal.cluster-admin.enable = true;
+
+  home.stateVersion = "23.11";
+
+  personal.git.signingKey = keys.nikita_persephone;
+}
diff --git a/darwinModules/default.nix b/darwinModules/default.nix
@@ -0,0 +1 @@
+{ personal = ./personal; }
diff --git a/darwinModules/personal/default.nix b/darwinModules/personal/default.nix
@@ -0,0 +1,15 @@
+{ self, inputs, keys, ... }: {
+  imports = [ inputs.home-manager.darwinModules.home-manager ];
+
+  home-manager.useGlobalPkgs = true;
+  home-manager.useUserPackages = true;
+  home-manager.extraSpecialArgs = { inherit self inputs keys; };
+
+  nix.settings.experimental-features = "nix-command flakes";
+  programs.zsh.enable = true;
+
+  nixpkgs.config.allowUnfree = true;
+  system.stateVersion = 4;
+  services.nix-daemon.enable = true;
+  system.configurationRevision = self.rev or self.dirtyRev or null;
+}
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -8,6 +8,10 @@
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    darwin = {
+      url = "github:LnL7/nix-darwin";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
     # Provides hardware-specific NixOS modules
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
     flake-utils.url = "github:numtide/flake-utils";
@@ -28,6 +32,7 @@
       url = "github:ryantm/agenix";
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.home-manager.follows = "home-manager";
+      inputs.darwin.follows = "darwin";
     };
     # Create VM/images/containers off of NixOS modules
     nixos-generators = {
@@ -55,8 +60,8 @@
     };
   };
 
-  outputs =
-    { self, nixpkgs, home-manager, flake-utils, pre-commit-hooks, ... }@inputs:
+  outputs = { self, nixpkgs, home-manager, darwin, flake-utils, pre-commit-hooks
+    , ... }@inputs:
     let
       secrets = import ./secrets;
       keys = import ./keys.nix;
@@ -81,6 +86,11 @@
         lib = self.lib;
         homeConfigs = homes.nixosHomeModules;
       };
+
+      darwinConfigurations =
+        import ./darwinHosts { inherit darwin specialArgs; };
+
+      darwinModules = import ./darwinModules;
     } // flake-utils.lib.eachDefaultSystem (system: rec {
       pkgs = import nixpkgs {
         inherit system;
@@ -130,6 +140,7 @@
             pwgen
             jq
             graphviz
+            helix
           ] ++ [
             inputs.home-manager.packages.${system}.default
             inputs.agenix.packages.${system}.default

diff --git a/homeModules/personal/darwin.nix b/homeModules/personal/darwin.nix
@@ -0,0 +1,21 @@
+{ pkgs, lib, config, ... }: {
+  config = lib.mkIf pkgs.stdenv.isDarwin {
+    home.activation = {
+      aliasHomeManagerApplications =
+        lib.hm.dag.entryAfter [ "writeBoundary" ] ''
+          app_folder="${config.home.homeDirectory}/Applications/Home Manager Trampolines"
+          rm -rf "$app_folder"
+          mkdir -p "$app_folder"
+          find "$genProfilePath/home-path/Applications" -type l -print | while read -r app; do
+            app_target="$app_folder/$(basename "$app")"
+            real_app="$(readlink "$app")"
+            echo "mkalias \"$real_app\" \"$app_target\"" >&2
+            $DRY_RUN_CMD ${pkgs.mkalias}/bin/mkalias "$real_app" "$app_target"
+          done
+        '';
+    };
+
+    # Disabling for now due to lack of SSH resident key support in MacOS's packaged SSH agent
+    programs.git.extraConfig.commit.gpgsig = lib.mkForce false;
+  };
+}
diff --git a/homeModules/personal/default.nix b/homeModules/personal/default.nix
@@ -3,6 +3,7 @@
     ./gnome
     ./allowUnfreeRegexes.nix
     ./cluster-admin.nix
+    ./darwin.nix
     ./direnv.nix
     ./editor.nix
     ./firefox-gnome-theme.nix

diff --git a/keys.nix b/keys.nix
@@ -6,6 +6,8 @@ rec {
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyxV6Jx53eFSFkl8z1yHOe0GYuG5SNCgf0s3nfJg/Ih";
   nikita_cochrane =
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK//BoiABsGP0THb282KhGU0hLqUM2biGCK6qRcbZcMB";
+  nikita_persephone =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHkzbA1xpyYLvsOcfabO+MZiWIjWTI6FYXBKdNud7js5";
 
   # Trusted users for decrypting agenix secrets
   trusted_users = [ nikita_voyager ];