From 8498968acc432550e28e10d81022c00687d1f577 Mon Sep 17 00:00:00 2001 From: Dave Gallant Date: Sun, 30 May 2021 08:33:09 -0400 Subject: [PATCH] Add support for darwin --- .gitignore | 1 + README.md | 24 ++++-- flake.lock | 39 +++++++--- flake.nix | 29 ++++++-- home/default.nix | 11 ++- machines/demeter/configuration.nix | 59 +++++++++++++++ machines/hermes/configuration.nix | 17 ----- machines/hermes/hardware.nix | 31 -------- main/packages.nix | 114 +++++++++++------------------ rebuild.sh | 19 ++++- 10 files changed, 195 insertions(+), 149 deletions(-) create mode 100644 machines/demeter/configuration.nix delete mode 100644 machines/hermes/configuration.nix delete mode 100644 machines/hermes/hardware.nix diff --git a/.gitignore b/.gitignore index e90b739..328fa96 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .pre-commit-config.yaml +result diff --git a/README.md b/README.md index 5418fac..eafa717 100644 --- a/README.md +++ b/README.md @@ -2,24 +2,34 @@ [![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org) -This repo stores nix to manage my machines running [NixOS](https://nixos.org/). The initial structure was inspired by [samuelgrf/nixos-config](https://gitlab.com/samuelgrf/nixos-config/-/tree/master/). +This repo stores nix to manage my machines running both [NixOS](https://nixos.org/) and macOS. The initial structure was inspired by [samuelgrf/nixos-config](https://gitlab.com/samuelgrf/nixos-config/-/tree/master/). The configuration is very specific to my own machines and setup, but it may be a useful reference for anyone else learning or experimenting with nix, whether it be on a desktop or a server. ## Setup -```console -$ git clone git@github.com:davegallant/nix-config.git -$ cd nix-config -$ sudo ./rebuild.sh switch +### NixOS + +```sh +sudo ./rebuild.sh switch +``` + +### macOS + +1. Install the latest unstable nix from https://github.com/numtide/nix-unstable-installer (to get nix flakes) +1. Install nix-darwin: https://github.com/LnL7/nix-darwin +1. Add home-manager channel: `nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager; nix-channel --update` (TODO: this requirement should be removed in the future) + +```sh +./rebuild.sh switch ``` ## Update To update nixpkgs defined in [flake.nix](./flake.nix), run: -```console -$ nix flake update +```sh +nix flake update ``` If there are updates, they should be reflected in [flake.lock](./flake.lock). diff --git a/flake.lock b/flake.lock index 06c6413..7c65efa 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,25 @@ { "nodes": { + "darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1622060422, + "narHash": "sha256-hPVlvrAyf6zL7tTx0lpK+tMxEfZeMiIZ/A2xaJ41WOY=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "007d700e644ac588ad6668e6439950a5b6e2ff64", + "type": "github" + }, + "original": { + "owner": "lnl7", + "repo": "nix-darwin", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -7,11 +27,11 @@ ] }, "locked": { - "lastModified": 1622014903, - "narHash": "sha256-tEXRBi5aMprNLbzMb6YmTy3cO9smvqC2udKyRo6rj2o=", + "lastModified": 1622317957, + "narHash": "sha256-F+8J8W8aBe5QwxDLnS/0PLuOueNqPcorZntlE7FJcy0=", "owner": "nix-community", "repo": "home-manager", - "rev": "b840707a87f6a35a5c24ea6edf8846741d924616", + "rev": "07ad6a4f76d9402ae8af1507b4158b52aa59fcea", "type": "github" }, "original": { @@ -22,11 +42,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1620983891, - "narHash": "sha256-E2OKVgGo/cUqDsrIeYGVx64b4cxgzd7+bX33NHL0rbA=", + "lastModified": 1622314052, + "narHash": "sha256-DwrLZ6NXPzKpQx3RTjdwdmlGDr6kHVx2gaeHCWCb09Q=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c4399b921fa7ff5f93ee10b3521b56b722ed74d8", + "rev": "684ae160a6e76590eafa3fca8061b6ad57bcc9ad", "type": "github" }, "original": { @@ -38,11 +58,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1621840840, - "narHash": "sha256-o6h6+d5ZwrFmOTe+ma9s1Z9kyHsCW1C84IA8RZ9/fIU=", + "lastModified": 1622194753, + "narHash": "sha256-76qtvFp/vFEz46lz5iZMJ0mnsWQYmuGYlb0fHgKqqMg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ea7d4aa9b8225abd6147339f0d56675d6f1f0fd1", + "rev": "540dccb2aeaffa9dc69bfdc41c55abd7ccc6baa3", "type": "github" }, "original": { @@ -54,6 +74,7 @@ }, "root": { "inputs": { + "darwin": "darwin", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs" diff --git a/flake.nix b/flake.nix index f8d9172..ce51231 100644 --- a/flake.nix +++ b/flake.nix @@ -4,11 +4,15 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "/nixpkgs"; }; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + + darwin.url = "github:lnl7/nix-darwin"; + darwin.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, home-manager, nixpkgs, nixos-hardware }: { + outputs = { self, darwin, home-manager, nixpkgs, nixos-hardware }: { nixosConfigurations = let defaultModules = [ home-manager.nixosModules.home-manager @@ -56,13 +60,24 @@ ./machines/hephaestus/hardware.nix ] ++ defaultModules; }; - hermes = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; + }; + darwinConfigurations = { + demeter = darwin.lib.darwinSystem { modules = [ - nixos-hardware.nixosModules.lenovo-thinkpad-t480s - ./machines/hermes/configuration.nix - ./machines/hermes/hardware.nix - ] ++ defaultModules; + ./machines/demeter/configuration.nix + ./main/packages.nix + + ({ config, ... }: { + config = { + nixpkgs.overlays = [ (import ./overlays) ]; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.dave.imports = [ ./home/default.nix ]; + }; + }; + }) + ]; }; }; }; diff --git a/home/default.nix b/home/default.nix index 4eed011..59a5402 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: let vim-prettier = pkgs.vimUtils.buildVimPlugin { @@ -10,13 +10,14 @@ let sha256 = "sha256-FDeyGH5OPAYV7zePCfDujsj+nGd5AFnqySPStJYEY2E="; }; }; + inherit (pkgs) stdenv; in { home = { sessionVariables = { EDITOR = "vim"; }; }; services = { gpg-agent = { - enable = true; + enable = stdenv.isLinux; defaultCacheTtl = 3600; defaultCacheTtlSsh = 3600; enableSshSupport = true; @@ -112,14 +113,12 @@ in { initExtra = '' export PATH=$PATH:~/.cargo/bin export PATH=$PATH:~/.local/bin - export PATH=$PATH:~/.nodenv/bin export PATH=$PATH:~/go/bin export PAGER=less eval "$(direnv hook zsh)" eval "$(_RFD_COMPLETE=source_zsh rfd)" eval "$(jira --completion-script-zsh)" - eval "$(nodenv init -)" setopt noincappendhistory pfetch @@ -129,7 +128,6 @@ in { aws-azure-login = "docker run --rm -it -v ~/.aws:/root/.aws sportradar/aws-azure-login"; ".." = "cd .."; - e = "emacs -nw"; grep = "rg --smart-case"; k = "kubectl"; ls = "exa -la --git"; @@ -327,7 +325,8 @@ in { vscode = { enable = true; - extensions = with pkgs.vscode-extensions; [ ms-vsliveshare.vsliveshare ]; + extensions = with pkgs.vscode-extensions; + [ ] ++ lib.optionals stdenv.isLinux ([ ms-vsliveshare.vsliveshare ]); }; }; diff --git a/machines/demeter/configuration.nix b/machines/demeter/configuration.nix new file mode 100644 index 0000000..180794f --- /dev/null +++ b/machines/demeter/configuration.nix @@ -0,0 +1,59 @@ +{ pkgs, ... }: + +{ + imports = [ ]; + + nixpkgs.config.allowUnfree = true; + + environment = { variables = { LANG = "en_US.UTF-8"; }; }; + + networking = { hostName = "demeter"; }; + + system.defaults = { + NSGlobalDomain = { + AppleMeasurementUnits = "Centimeters"; + AppleMetricUnits = 1; + AppleShowScrollBars = "Automatic"; + AppleTemperatureUnit = "Celsius"; + AppleKeyboardUIMode = 3; + ApplePressAndHoldEnabled = false; + InitialKeyRepeat = 10; + KeyRepeat = 3; + _HIHideMenuBar = true; + }; + + dock = { + autohide = true; + mru-spaces = false; + tilesize = 512; + }; + + finder = { + AppleShowAllExtensions = true; + QuitMenuItem = true; + FXEnableExtensionChangeWarning = false; + }; + + trackpad = { + Clicking = true; + TrackpadThreeFingerDrag = true; + TrackpadRightClick = true; + }; + + # Login and lock screen + loginwindow = { GuestEnabled = false; }; + }; + + # Auto upgrade nix package and the daemon service. + services.nix-daemon.enable = true; + nix.package = pkgs.nixFlakes; + + programs.zsh = { + enable = true; + # https://github.com/nix-community/home-manager/issues/108#issuecomment-340397178 + enableCompletion = false; + }; + + # Used for backwards compatibility, please read the changelog before changing. + system.stateVersion = 4; +} diff --git a/machines/hermes/configuration.nix b/machines/hermes/configuration.nix deleted file mode 100644 index 7270a94..0000000 --- a/machines/hermes/configuration.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ ./hardware.nix ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "hermes"; - - networking.interfaces.wlp61s0.useDHCP = true; - - services.power-profiles-daemon.enable = false; - -} - diff --git a/machines/hermes/hardware.nix b/machines/hermes/hardware.nix deleted file mode 100644 index 2cbf948..0000000 --- a/machines/hermes/hardware.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - boot.initrd.luks.devices.luksroot = { - device = "/dev/disk/by-uuid/4b886807-3e19-437c-84bb-c2dd766fc19b"; - allowDiscards = true; - }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/48d2e958-00a0-47fa-8c32-9aec031f6098"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/D387-B640"; - fsType = "vfat"; - }; - - swapDevices = - [{ device = "/dev/disk/by-uuid/92c35fa7-2d2e-4172-abaf-4c81599782f1"; }]; - - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -} diff --git a/main/packages.nix b/main/packages.nix index 72a0caf..ebacd82 100644 --- a/main/packages.nix +++ b/main/packages.nix @@ -1,20 +1,18 @@ { config, lib, pkgs, ... }: -{ +let inherit (pkgs) stdenv; +in { # System-wide packages to install. environment.systemPackages = with pkgs; let common = [ # utils curl - glibcLocales + gnupg imagemagick pfetch - rpi-imager - strace tree unzip - usbutils xdg_utils yq-go zip @@ -35,7 +33,6 @@ tokei # productivity - albert bat colordiff direnv @@ -61,10 +58,13 @@ netdata procs + # databases + postgresql + # password managers + _1password bitwarden-cli gopass - lpass # golang golangci-lint @@ -91,32 +91,16 @@ gifsicle gimp - # office - calibre - libreoffice - - # audio - audio-recorder - pulseeffects-pw - spotify - # video - guvcview - kazam - vlc youtube-dl # network arp-scan - bandwhich - deluge dnsutils nmap openssl openvpn - postman sshfs - tailscale vpngate whois wireshark @@ -124,10 +108,6 @@ # backup restic - # virtualization - qemu - virtmanager - # terraform terraform-ls terraform_0_14 @@ -137,28 +117,12 @@ # gcp google-cloud-sdk - # jvm - jdk11 - gradle - groovy - maven - - # disk - cryptsetup - gptfdisk - - # browser - brave - firefox - # docker docker docker-compose # k8s - k3s kubectl - kubernetes-helm # nix cachix @@ -168,20 +132,9 @@ nixpkgs-fmt nixpkgs-review rnix-lsp - # steam-run # can run unpatched binaries - - # games - steam - minecraft - # yuzu # communication - discord element-desktop - signal-desktop - slack - teams - zoom-us ## aws aws-connect @@ -189,7 +142,6 @@ ssm-session-manager-plugin # python - pipenv python39 python39Packages.black python39Packages.ipython @@ -201,27 +153,47 @@ # ruby rbenv - # databases - postgresql - - # gnome - gnome3.gnome-tweaks - gnomeExtensions.appindicator - networkmanager-openvpn - # news srv - changedetection.io - ]; + ] ++ lib.optionals stdenv.isLinux ([ + usbutils + glibcLocales + strace + albert + audio-recorder + pulseeffects-pw + guvcview + kazam + calibre + spotify + libreoffice + vlc + qemu + virtmanager + cryptsetup + gptfdisk + gnome3.gnome-tweaks + gnomeExtensions.appindicator + networkmanager-openvpn + # Unsupported on darwin but likely should be: + bandwhich + brave + deluge + discord + firefox + minecraft + postman + signal-desktop + slack + steam + tailscale + teams + yuzu + zoom-us + ]); in common; - # Don't install optional default packages. - environment.defaultPackages = [ ]; - - # Install ADB and fastboot. - programs.adb.enable = true; - # Install GnuPG agent. programs.gnupg.agent.enable = true; } diff --git a/rebuild.sh b/rebuild.sh index ced4a71..2405ebc 100755 --- a/rebuild.sh +++ b/rebuild.sh @@ -1,3 +1,20 @@ #!/usr/bin/env bash + cd "$(dirname "$0")" || exit -exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#' + +uname="$(uname -s)" +case "${uname}" in + Linux*) machine=linux;; + Darwin*) machine=mac;; + *) machine="unknown" +esac + +if [[ "$machine" == "linux" ]]; then + exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#' +elif [[ "$machine" == "mac" ]]; then + exec darwin-rebuild "$@" --flake . --impure # TODO: What is causing this impurity? +else + echo 'Unsupported OS.' + echo 'Exiting...' + exit 1 +fi