my nix config

Nix Config

Approach

This repo is the source of truth for the machine's reproducible developer environment:

  • home/ contains the Home Manager modules for user-facing tools
  • config/ contains the repo-owned config trees copied from your daily setup
  • modules/ contains host-level nix-darwin policy and package layers
  • modules/homebrew.nix is intentionally narrow and only exists for GUI apps that are still easier to keep in Brew on macOS
  • home/migration.nix contains one-time ownership handoff logic from ~/dots into Home Manager so the steady-state modules can stay focused on real config
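The ownership handoff described in the last bullet is the part that most often trips a first switch: Home Manager refuses to overwrite a pre-existing file it does not own, so stale ~/dots symlinks have to be cleared before its checkLinkTargets step runs. The following is an added, hypothetical sketch of what such a home/migration.nix can look like, not the repo's own file; the path list and the ~/dots location are assumptions.

```nix
{ config, lib, ... }:
let
  # Hypothetical values (not from the repo): where the old dotfiles tree lives
  # and which paths Home Manager is taking over from it.
  oldDots = "${config.home.homeDirectory}/dots";
  handedOver = [
    ".zshrc"
    ".gitconfig"
    ".config/nvim"
  ];
in
{
  # Runs before Home Manager's checkLinkTargets step, which errors out when a
  # file it wants to manage already exists and is not a Home Manager symlink.
  # Only symlinks that resolve into ~/dots are removed; real files and
  # symlinks pointing elsewhere are left alone so nothing is lost silently.
  home.activation.migrateFromDots = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
    for rel in ${lib.escapeShellArgs handedOver}; do
      path="$HOME/$rel"
      if [ -L "$path" ]; then
        target="$(readlink "$path")"
        case "$target" in
          ${oldDots}/*)
            $VERBOSE_ECHO "migration: removing ~/dots symlink $path -> $target"
            $DRY_RUN_CMD rm "$path"
            ;;
        esac
      fi
    done
  '';
}
```

Because the removal goes through $DRY_RUN_CMD, `home-manager switch -n` (or a dry darwin-rebuild) reports what would be deleted without touching the home directory, which is the check worth running once before the real switch.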

Layout

  • flake.nix: top-level flake and host wiring
  • hosts/hari-macbook-pro/default.nix: this machine's host config
  • modules/base.nix: Nix settings and core packages
  • modules/macos.nix: macOS defaults and host-level settings
  • modules/packages.nix: system packages and fonts
  • modules/homebrew.nix: the remaining Homebrew-managed GUI apps
  • home/: Home Manager modules for shell, editor, CLI tools, and app config
  • home/migration.nix: transitional cleanup for old ~/dots symlinks
  • config/: repo-owned config files consumed by Home Manager

Ownership Boundaries

  • Nix owns packages, dotfiles, shell/editor config, launchd services, and selected macOS defaults
  • Homebrew is retained only for a narrow GUI cask boundary
  • Keychain items, TCC/privacy permissions, browser history, and most ~/Library/Application Support state are intentionally outside declarative Nix ownership

Dedicated Inputs

Most tools come from nixpkgs. Fast-moving CLIs that you want to update on their own cadence are pinned as dedicated flake inputs:

  • googleworkspace-cli
  • codex
  • claudeCode
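To make the layout and the dedicated-input idea concrete, here is an added example of how a flake.nix of this shape wires the host, the module layers and the separately pinned CLIs together. It is not the repo's own flake.nix: the input URLs marked PLACEHOLDER, the aarch64-darwin architecture, the user name and the existence of home/default.nix are assumptions.

```nix
{
  description = "nix-darwin + Home Manager config (added example, not the repo's file)";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    darwin = {
      url = "github:LnL7/nix-darwin/master";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Dedicated inputs: each has its own entry in flake.lock, so
    # `nix flake lock --update-input codex` moves only that pin while
    # `nix flake update` moves everything. The URLs are PLACEHOLDERS.
    codex.url = "github:PLACEHOLDER-owner/codex";
    claudeCode.url = "github:PLACEHOLDER-owner/claude-code";
    googleworkspace-cli.url = "github:PLACEHOLDER-owner/googleworkspace-cli";
  };

  outputs = inputs@{ self, nixpkgs, darwin, home-manager, ... }: {
    # The attribute name is what `--flake .#hari-macbook-pro` selects.
    darwinConfigurations."hari-macbook-pro" = darwin.lib.darwinSystem {
      # Passed to every module so e.g. modules/packages.nix can reach
      # inputs.codex without re-importing the flake.
      specialArgs = { inherit inputs; };
      modules = [
        { nixpkgs.hostPlatform = "aarch64-darwin"; }  # assumption: Apple Silicon
        ./hosts/hari-macbook-pro/default.nix
        ./modules/base.nix
        ./modules/macos.nix
        ./modules/packages.nix
        ./modules/homebrew.nix

        # Home Manager runs as a nix-darwin module so one switch covers both.
        home-manager.darwinModules.home-manager
        {
          home-manager.useGlobalPkgs = true;
          home-manager.useUserPackages = true;
          home-manager.extraSpecialArgs = { inherit inputs; };
          # Assumption: home/default.nix imports the user-facing modules.
          home-manager.users.hari = import ./home;
        }
      ];
    };
  };
}
```

Inside a module, a dedicated input's tool is then pulled in with something like `inputs.codex.packages.${pkgs.system}.default`; the exact attribute path depends on what that flake exports and is not given by the README.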

Commands

First switch:

nix run github:LnL7/nix-darwin/master#darwin-rebuild -- switch --flake .#hari-macbook-pro

After the first successful switch:

just switch
just build
just check

Update everything pinned by the flake:

nix flake update
just switch

Update only Codex or Claude:

nix flake lock --update-input codex
nix flake lock --update-input claudeCode
just switch

What Still Needs Manual Handling

  • Secrets and tokens under ~/.secrets, ~/.npmrc, ~/.config/gcloud, ~/.config/gh, and similar paths
  • App state under ~/Library/Application Support
  • Anything that depends on local credentials, keychains, or encrypted stores
  • Manual cleanup of old non-Nix installs that are no longer wanted

Current Homebrew Scope

The current Homebrew boundary is only:

  • cap
  • raycast
  • riptide-dev
  • thebrowsercompany-dia
  • wispr-flow

Homebrew activation is currently set to cleanup = "uninstall", so any formula or cask that Brew has installed outside that list is treated as drift and removed on darwin-rebuild switch.
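As an added example (not the repo's own modules/homebrew.nix), this is the nix-darwin configuration that encodes the boundary above: exactly the five casks are declared, and the cleanup setting turns every undeclared Brew install into drift that the next switch removes.

```nix
{ ... }:
{
  homebrew = {
    enable = true;

    onActivation = {
      # "uninstall" removes formulae and casks not declared below on every
      # darwin-rebuild switch (brew bundle cleanup); undeclared taps are
      # untapped too. "zap" would additionally purge their leftover state,
      # "none" would leave undeclared installs alone.
      cleanup = "uninstall";
      # Keep Brew from changing versions on its own; updates happen when
      # you decide to run them, not as a side effect of a switch.
      autoUpdate = false;
      upgrade = false;
    };

    # The GUI apps that are still easier to keep in Brew (names from the
    # README). If any of them lives in a third-party tap, that tap must be
    # listed under homebrew.taps as well, or cleanup will remove it.
    casks = [
      "cap"
      "raycast"
      "riptide-dev"
      "thebrowsercompany-dia"
      "wispr-flow"
    ];

    # Deliberately empty: CLI tools come from nixpkgs or dedicated inputs.
    brews = [ ];
  };
}
```

Before relying on the uninstall behaviour on a machine with existing Brew installs, `just build` followed by `brew bundle cleanup --file=/etc/homebrew/Brewfile` (the Brewfile nix-darwin generates) without `--force` lists what would be removed, which is the drift report worth reading once.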