Add support for darwin

.gitignore

@@ -1 +1,2 @@
 .pre-commit-config.yaml
+result

README.md

@@ -2,24 +2,34 @@
 
 [![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org)
 
-This repo stores nix to manage my machines running [NixOS](https://nixos.org/). The initial structure was inspired by [samuelgrf/nixos-config](https://gitlab.com/samuelgrf/nixos-config/-/tree/master/).
+This repo stores nix to manage my machines running both [NixOS](https://nixos.org/) and macOS. The initial structure was inspired by [samuelgrf/nixos-config](https://gitlab.com/samuelgrf/nixos-config/-/tree/master/).
 
 The configuration is very specific to my own machines and setup, but it may be a useful reference for anyone else learning or experimenting with nix, whether it be on a desktop or a server.
 
 ## Setup
 
-```console
-$ git clone git@github.com:davegallant/nix-config.git
-$ cd nix-config
-$ sudo ./rebuild.sh switch
+### NixOS
+
+```sh
+sudo ./rebuild.sh switch
+```
+
+### macOS
+
+1. Install the latest unstable nix from https://github.com/numtide/nix-unstable-installer (to get nix flakes)
+1. Install nix-darwin: https://github.com/LnL7/nix-darwin
+1. Add home-manager channel: `nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager; nix-channel --update` (TODO: this requirement should be removed in the future)
+
+```sh
+./rebuild.sh switch
 ```
 
 ## Update
 
 To update nixpkgs defined in [flake.nix](./flake.nix), run:
 
-```console
-$ nix flake update
+```sh
+nix flake update
 ```
 
 If there are updates, they should be reflected in [flake.lock](./flake.lock).

flake.lock

@@ -1,5 +1,25 @@
 {
   "nodes": {
+    "darwin": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1622060422,
+        "narHash": "sha256-hPVlvrAyf6zL7tTx0lpK+tMxEfZeMiIZ/A2xaJ41WOY=",
+        "owner": "lnl7",
+        "repo": "nix-darwin",
+        "rev": "007d700e644ac588ad6668e6439950a5b6e2ff64",
+        "type": "github"
+      },
+      "original": {
+        "owner": "lnl7",
+        "repo": "nix-darwin",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -7,11 +27,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1622014903,
-        "narHash": "sha256-tEXRBi5aMprNLbzMb6YmTy3cO9smvqC2udKyRo6rj2o=",
+        "lastModified": 1622317957,
+        "narHash": "sha256-F+8J8W8aBe5QwxDLnS/0PLuOueNqPcorZntlE7FJcy0=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "b840707a87f6a35a5c24ea6edf8846741d924616",
+        "rev": "07ad6a4f76d9402ae8af1507b4158b52aa59fcea",
         "type": "github"
       },
       "original": {
@@ -22,11 +42,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1620983891,
-        "narHash": "sha256-E2OKVgGo/cUqDsrIeYGVx64b4cxgzd7+bX33NHL0rbA=",
+        "lastModified": 1622314052,
+        "narHash": "sha256-DwrLZ6NXPzKpQx3RTjdwdmlGDr6kHVx2gaeHCWCb09Q=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "c4399b921fa7ff5f93ee10b3521b56b722ed74d8",
+        "rev": "684ae160a6e76590eafa3fca8061b6ad57bcc9ad",
         "type": "github"
       },
       "original": {
@@ -38,11 +58,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1621840840,
-        "narHash": "sha256-o6h6+d5ZwrFmOTe+ma9s1Z9kyHsCW1C84IA8RZ9/fIU=",
+        "lastModified": 1622194753,
+        "narHash": "sha256-76qtvFp/vFEz46lz5iZMJ0mnsWQYmuGYlb0fHgKqqMg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ea7d4aa9b8225abd6147339f0d56675d6f1f0fd1",
+        "rev": "540dccb2aeaffa9dc69bfdc41c55abd7ccc6baa3",
         "type": "github"
       },
       "original": {
@@ -54,6 +74,7 @@
     },
     "root": {
       "inputs": {
+        "darwin": "darwin",
         "home-manager": "home-manager",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs"

flake.nix

@@ -4,11 +4,15 @@
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "/nixpkgs";
     };
+
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
+
+    darwin.url = "github:lnl7/nix-darwin";
+    darwin.inputs.nixpkgs.follows = "nixpkgs";
   };
 
-  outputs = { self, home-manager, nixpkgs, nixos-hardware }: {
+  outputs = { self, darwin, home-manager, nixpkgs, nixos-hardware }: {
     nixosConfigurations = let
       defaultModules = [
         home-manager.nixosModules.home-manager
@@ -56,13 +60,24 @@
           ./machines/hephaestus/hardware.nix
         ] ++ defaultModules;
       };
-      hermes = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
+    };
+    darwinConfigurations = {
+      demeter = darwin.lib.darwinSystem {
         modules = [
-          nixos-hardware.nixosModules.lenovo-thinkpad-t480s
-          ./machines/hermes/configuration.nix
-          ./machines/hermes/hardware.nix
-        ] ++ defaultModules;
+          ./machines/demeter/configuration.nix
+          ./main/packages.nix
+
+          ({ config, ... }: {
+            config = {
+              nixpkgs.overlays = [ (import ./overlays) ];
+              home-manager = {
+                useGlobalPkgs = true;
+                useUserPackages = true;
+                users.dave.imports = [ ./home/default.nix ];
+              };
+            };
+          })
+        ];
       };
     };
   };

home/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ lib, pkgs, ... }:
 
 let
   vim-prettier = pkgs.vimUtils.buildVimPlugin {
@@ -10,13 +10,14 @@ let
       sha256 = "sha256-FDeyGH5OPAYV7zePCfDujsj+nGd5AFnqySPStJYEY2E=";
     };
   };
+  inherit (pkgs) stdenv;
 in {
 
   home = { sessionVariables = { EDITOR = "vim"; }; };
 
   services = {
     gpg-agent = {
-      enable = true;
+      enable = stdenv.isLinux;
       defaultCacheTtl = 3600;
       defaultCacheTtlSsh = 3600;
       enableSshSupport = true;
@@ -112,14 +113,12 @@ in {
       initExtra = ''
         export PATH=$PATH:~/.cargo/bin
         export PATH=$PATH:~/.local/bin
-        export PATH=$PATH:~/.nodenv/bin
         export PATH=$PATH:~/go/bin
         export PAGER=less
 
         eval "$(direnv hook zsh)"
         eval "$(_RFD_COMPLETE=source_zsh rfd)"
         eval "$(jira --completion-script-zsh)"
-        eval "$(nodenv init -)"
 
         setopt noincappendhistory
         pfetch
@@ -129,7 +128,6 @@ in {
         aws-azure-login =
           "docker run --rm -it -v ~/.aws:/root/.aws sportradar/aws-azure-login";
         ".." = "cd ..";
-        e = "emacs -nw";
         grep = "rg --smart-case";
         k = "kubectl";
         ls = "exa -la --git";
@@ -327,7 +325,8 @@ in {
 
     vscode = {
       enable = true;
-      extensions = with pkgs.vscode-extensions; [ ms-vsliveshare.vsliveshare ];
+      extensions = with pkgs.vscode-extensions;
+        [ ] ++ lib.optionals stdenv.isLinux ([ ms-vsliveshare.vsliveshare ]);
     };
 
   };

machines/demeter/configuration.nix

@@ -0,0 +1,59 @@
+{ pkgs, ... }:
+
+{
+  imports = [ <home-manager/nix-darwin> ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  environment = { variables = { LANG = "en_US.UTF-8"; }; };
+
+  networking = { hostName = "demeter"; };
+
+  system.defaults = {
+    NSGlobalDomain = {
+      AppleMeasurementUnits = "Centimeters";
+      AppleMetricUnits = 1;
+      AppleShowScrollBars = "Automatic";
+      AppleTemperatureUnit = "Celsius";
+      AppleKeyboardUIMode = 3;
+      ApplePressAndHoldEnabled = false;
+      InitialKeyRepeat = 10;
+      KeyRepeat = 3;
+      _HIHideMenuBar = true;
+    };
+
+    dock = {
+      autohide = true;
+      mru-spaces = false;
+      tilesize = 512;
+    };
+
+    finder = {
+      AppleShowAllExtensions = true;
+      QuitMenuItem = true;
+      FXEnableExtensionChangeWarning = false;
+    };
+
+    trackpad = {
+      Clicking = true;
+      TrackpadThreeFingerDrag = true;
+      TrackpadRightClick = true;
+    };
+
+    # Login and lock screen
+    loginwindow = { GuestEnabled = false; };
+  };
+
+  # Auto upgrade nix package and the daemon service.
+  services.nix-daemon.enable = true;
+  nix.package = pkgs.nixFlakes;
+
+  programs.zsh = {
+    enable = true;
+    # https://github.com/nix-community/home-manager/issues/108#issuecomment-340397178
+    enableCompletion = false;
+  };
+
+  # Used for backwards compatibility, please read the changelog before changing.
+  system.stateVersion = 4;
+}

machines/hermes/configuration.nix

@@ -1,17 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  imports = [ ./hardware.nix ];
-
-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.hostName = "hermes";
-
-  networking.interfaces.wlp61s0.useDHCP = true;
-
-  services.power-profiles-daemon.enable = false;
-
-}
-

machines/hermes/hardware.nix

@@ -1,31 +0,0 @@
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-
-  boot.initrd.availableKernelModules =
-    [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [ "dm-snapshot" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  boot.initrd.luks.devices.luksroot = {
-    device = "/dev/disk/by-uuid/4b886807-3e19-437c-84bb-c2dd766fc19b";
-    allowDiscards = true;
-  };
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/48d2e958-00a0-47fa-8c32-9aec031f6098";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/D387-B640";
-    fsType = "vfat";
-  };
-
-  swapDevices =
-    [{ device = "/dev/disk/by-uuid/92c35fa7-2d2e-4172-abaf-4c81599782f1"; }];
-
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-}

main/packages.nix

@@ -1,20 +1,18 @@
 { config, lib, pkgs, ... }:
 
-{
+let inherit (pkgs) stdenv;
+in {
   # System-wide packages to install.
   environment.systemPackages = with pkgs;
     let
       common = [
         # utils
         curl
-        glibcLocales
+        gnupg
         imagemagick
         pfetch
-        rpi-imager
-        strace
         tree
         unzip
-        usbutils
         xdg_utils
         yq-go
         zip
@@ -35,7 +33,6 @@
         tokei
 
         # productivity
-        albert
         bat
         colordiff
         direnv
@@ -61,10 +58,13 @@
         netdata
         procs
 
+        # databases
+        postgresql
+
         # password managers
+        _1password
         bitwarden-cli
         gopass
-        lpass
 
         # golang
         golangci-lint
@@ -91,32 +91,16 @@
         gifsicle
         gimp
 
-        # office
-        calibre
-        libreoffice
-
-        # audio
-        audio-recorder
-        pulseeffects-pw
-        spotify
-
         # video
-        guvcview
-        kazam
-        vlc
         youtube-dl
 
         # network
         arp-scan
-        bandwhich
-        deluge
         dnsutils
         nmap
         openssl
         openvpn
-        postman
         sshfs
-        tailscale
         vpngate
         whois
         wireshark
@@ -124,10 +108,6 @@
         # backup
         restic
 
-        # virtualization
-        qemu
-        virtmanager
-
         # terraform
         terraform-ls
         terraform_0_14
@@ -137,28 +117,12 @@
         # gcp
         google-cloud-sdk
 
-        # jvm
-        jdk11
-        gradle
-        groovy
-        maven
-
-        # disk
-        cryptsetup
-        gptfdisk
-
-        # browser
-        brave
-        firefox
-
         # docker
         docker
         docker-compose
 
         # k8s
-        k3s
         kubectl
-        kubernetes-helm
 
         # nix
         cachix
@@ -168,20 +132,9 @@
         nixpkgs-fmt
         nixpkgs-review
         rnix-lsp
-        # steam-run # can run unpatched binaries
-
-        # games
-        steam
-        minecraft
-        # yuzu
 
         # communication
-        discord
         element-desktop
-        signal-desktop
-        slack
-        teams
-        zoom-us
 
         ## aws
         aws-connect
@@ -189,7 +142,6 @@
         ssm-session-manager-plugin
 
         # python
-        pipenv
         python39
         python39Packages.black
         python39Packages.ipython
@@ -201,27 +153,47 @@
         # ruby
         rbenv
 
-        # databases
-        postgresql
-
-        # gnome
-        gnome3.gnome-tweaks
-        gnomeExtensions.appindicator
-        networkmanager-openvpn
-
         # news
         srv
 
-        changedetection.io
-      ];
+      ] ++ lib.optionals stdenv.isLinux ([
+        usbutils
+        glibcLocales
+        strace
+        albert
+        audio-recorder
+        pulseeffects-pw
+        guvcview
+        kazam
+        calibre
+        spotify
+        libreoffice
+        vlc
+        qemu
+        virtmanager
+        cryptsetup
+        gptfdisk
+        gnome3.gnome-tweaks
+        gnomeExtensions.appindicator
+        networkmanager-openvpn
+        # Unsupported on darwin but likely should be:
+        bandwhich
+        brave
+        deluge
+        discord
+        firefox
+        minecraft
+        postman
+        signal-desktop
+        slack
+        steam
+        tailscale
+        teams
+        yuzu
+        zoom-us
+      ]);
     in common;
 
-  # Don't install optional default packages.
-  environment.defaultPackages = [ ];
-
-  # Install ADB and fastboot.
-  programs.adb.enable = true;
-
   # Install GnuPG agent.
   programs.gnupg.agent.enable = true;
 }

rebuild.sh

@@ -1,3 +1,20 @@
 #!/usr/bin/env bash
+
 cd "$(dirname "$0")" || exit
-exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#'
+
+uname="$(uname -s)"
+case "${uname}" in
+    Linux*)     machine=linux;;
+    Darwin*)    machine=mac;;
+    *)          machine="unknown"
+esac
+
+if [[ "$machine" ==  "linux" ]]; then
+    exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#'
+elif [[ "$machine" ==  "mac" ]]; then
+    exec darwin-rebuild "$@" --flake . --impure # TODO: What is causing this impurity?
+else 
+    echo 'Unsupported OS.'
+    echo 'Exiting...'
+    exit 1
+fi