nix-home
This repository is a declarative macOS configuration using nix
, nix-darwin
,
and home-manager
.
Installation
1. Install Dependencies
1.1. Install Nix
Install Nix using nix-installer. Read more about it in the Get Nix running on your system guide.
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
1.2. Install Homebrew
We need to install Homebrew manually because
nix-darwin
won't handle Homebrew installation itself.
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Note: Restart the machine if you experience issues with downloading Homebrew.
2. Clone Repository
Clone this repository using HTTPS (because, at this point, we can't expect the new machine to have SSH set up).
git clone https://github.com/zainfathoni/nix-home.git
3. Build Nix stores
nix build .#darwinConfigurations.zain.system
nix.conf
file
3.1. Backup the existing Before continuing, backup the existing /etc/nix/nix.conf
file from the initial
Nix installation by running these commands.
cd /etc/nix
sudo mv nix.conf nix.conf.before-nix-darwin
4. Switch to the built Nix stores
Running the build result would also run the brew bundle
command, which will
install Brew packages defined in this repository.
./result/sw/bin/darwin-rebuild switch --flake .#zain
5. Import GPG Keys
Import GPG Keys from my password manager.
- Open the GPG Keychain application.
- Copy the private key block to the clipboard.
- The GPG Keychain will detect the private keys automatically.
6. Decrypt secrets
Once yadm
is installed using the command above, we can use yadm
to decrypt
the secrets.
yadm clone https://github.com/zainfathoni/yadm-home.git
yadm decrypt
# enter the passphrase (if prompted)
Updates
Here's how to update the Nix registry to the latest versions.
1. Find the latest stable version of Nix
Visit Nix official website and find the latest stable version on the home page. Once you find the latest version, update all versions in flake.nix and default.nix files accordingly.
2. Update flake.lock file
If you change nix dependencies, it's better to update the flake.lock
file
accordingly. You can do it by using either of these commands:
$ nix flake update # run this when you're inside the root directory of this nix-home repository
Additional Scripts
Fetch packages from GitHub
Get rev
& sha256
values for packages fetched from GitHub.
$ nix-prefetch-git <github-repository-url>