From 9e70f144dde840fed8d8b485f9396638139ec310 Mon Sep 17 00:00:00 2001 From: Ryan Schanzenbacher Date: Sun, 14 Jun 2026 23:39:10 -0400 Subject: Initial Commit for mac testing --- hosts/RyanMac/configuration.nix | 212 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 212 insertions(+) create mode 100644 hosts/RyanMac/configuration.nix (limited to 'hosts') diff --git a/hosts/RyanMac/configuration.nix b/hosts/RyanMac/configuration.nix new file mode 100644 index 0000000..572c534 --- /dev/null +++ b/hosts/RyanMac/configuration.nix @@ -0,0 +1,212 @@ +{ pkgs, inputs, ... }: +let + username = "ryan"; + + defaultBrowser = "zen"; + + pinnedNixpkgs = pkgs.writeText "flake-registry.json" (builtins.toJSON { + version = 2; + flakes = [ + { + from = { type = "indirect"; id = "nixpkgs"; }; + to = { + type = "path"; + path = inputs.nixpkgs.outPath; + lastModified = inputs.nixpkgs.lastModified; + narHash = inputs.nixpkgs.narHash; + }; + } + ]; + }); + +in { + # Define the system's user and home dir location + users.users."${username}" = { + name = "${username}"; + home = "/Users/${username}"; + }; + + system.primaryUser = "${username}"; + + # Install the /etc/nix/flake-registry.json file we made above + environment.etc."nix/flake-registry.json".source = pinnedNixpkgs; + + # Install RyanCA Root + security.pki.certificateFiles = [ + ../../files/CACerts/RyanCA.crt + ]; + + # Need to disable native nix handling because of Determinate nix + determinateNix = { + enable = true; + customSettings = { + flake-registry = "/etc/nix/flake-registry.json"; + }; + }; + + # Determines the nix-darwin release compatibility + system.stateVersion = 6; + + # System profile programs + programs = { + zsh.enable = true; + }; + + # Install homebrew casks/apps + homebrew = { + enable = true; + + onActivation = { + cleanup = "zap"; + extraFlags = [ "--force-cleanup" ]; + }; + + casks = [ + "utm" + "ghostty" + "zen" + ]; + }; + + # Keyboard shortcuts using skhd + services.skhd = { + enable = true; + skhdConfig = '' + alt - d : osascript -e 'tell application "System Events" to key code 49 using {command down}' + alt - return : open -na /Applications/Ghostty.app + ''; + }; + + # System configuration + time.timeZone = "America/New_York"; + + system.defaults = { + NSGlobalDomain = { + # 24 hour time + AppleICUForce24HourTime = true; + + # Dark Mode + AppleInterfaceStyle = "Dark"; + + # Key repeat rate + KeyRepeat = 4; + InitialKeyRepeat = 30; + + # Swap F1-12 to be default + "com.apple.keyboard.fnState" = true; + + # Disable Keyboard bullcrap + NSAutomaticCapitalizationEnabled = false; + NSAutomaticDashSubstitutionEnabled = false; + NSAutomaticPeriodSubstitutionEnabled = false; + NSAutomaticQuoteSubstitutionEnabled = false; + NSAutomaticSpellingCorrectionEnabled = false; + ApplePressAndHoldEnabled = false; + }; + + # Control center stuff + controlcenter = { + BatteryShowPercentage = true; + }; + + # Clock settings + menuExtraClock = { + Show24Hour = true; + ShowDate = 1; # Always + ShowDayOfWeek = true; + ShowSeconds = true; + }; + + # Screen capture settings + screencapture = { + target = "clipboard"; + type = "png"; + }; + + # finder good settings + finder = { + AppleShowAllExtensions = true; + AppleShowAllFiles = true; + ShowPathbar = true; + FXEnableExtensionChangeWarning = false; + _FXShowPosixPathInTitle = true; + NewWindowTarget = "Home"; + ShowExternalHardDrivesOnDesktop = false; + ShowHardDrivesOnDesktop = false; + ShowMountedServersOnDesktop = false; + ShowRemovableMediaOnDesktop = false; + ShowStatusBar = true; + }; + + # Login Window Settings + loginwindow = { + GuestEnabled = false; + DisableConsoleAccess = true; + }; + + # dock settings + dock = { + magnification = true; + largesize = 96; + tilesize = 32; + minimize-to-application = false; + orientation = "bottom"; + autohide = true; + persistent-apps = [ + { app = "/Applications/Zen.app"; } + #{ app = "/System/Applications/Launchpad.app"; } + { app = "/System/Applications/Messages.app"; } + { app = "/System/Applications/Facetime.app"; } + { app = "/System/Applications/Calendar.app"; } + { app = "/System/Applications/App Store.app"; } + { app = "/System/Applications/System Settings.app"; } + { app = "/Applications/UTM.app"; } + ]; + persistent-others = [ + { folder = { path = "/Users/${username}/Downloads"; showas = "grid"; arrangement = "date-created"; }; } + { folder = { path = "/Applications"; showas = "grid"; arrangement = "name"; }; } + ]; + show-recents = false; + }; + + # Custom preferences + CustomUserPreferences = { + NSGlobalDomain = { + # Always show menu bar + AppleMenuBarVisibleInFullscreen = true; + }; + + "com.apple.symbolichotkeys" = { + AppleSymbolicHotKeys = { + "64" = { + enabled = true; # skhd needs this for its shortcut + }; + }; + }; + }; + }; + + # Post-Activation scripts + system.activationScripts.postActivation.text = '' + echo "Configuring NTP servers..." + systemsetup -setnetworktimeserver pool.ntp.org > /dev/null 2>&1 || true + systemsetup -setusingnetworktime on > /dev/null 2>&1 || true + + ryancasum="$(${pkgs.openssl}/bin/openssl x509 -in "${../../files/CACerts/RyanCA.crt}" -noout -fingerprint -sha1 | sed 's/.*=//; s/://g')" + if ! /usr/bin/security find-certificate -a -Z "/Library/Keychains/System.keychain" | tr -d ':' | grep -iq "$ryancasum"; then + echo "Installing RyanCA Certificate..." + /usr/bin/security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ${../../files/CACerts/RyanCA.crt} + fi + + echo "Reloading Preferences DB..." + /System/Library/PrivateFrameworks/SystemAdministration.framework/Resources/activateSettings -u + + echo "Setting default browser" + ${pkgs.defaultbrowser}/bin/defaultbrowser ${defaultBrowser} + + # this is fragile so it goes at the bottom + echo "Reloading skhd..." + sudo -iu ${username} ${pkgs.skhd}/bin/skhd -r + ''; + +} -- cgit v1.3