My NixOS, nix-darwin and Home Manager configurations.
I use NixOS inside of a OrbStack on a M3 Mac running macOS. In addition to this, I use nix-darwin to configure macOS with nix-darwin. Both of these setups also use Home Manager. These configurations share the same modules/ and home-modules/.
There are two kinds of modules:
modules/, which define NixOS or nix-darwin level options.home-modules/, which define Home Manager options on both NixOS and macOS.
The modules mentioned above are imported inside of two configuration generation functions:
./nixos.nix, this function generates anixosConfiguration./darwin.nix, this function generates adarwinConfiguration
These fucntions are used in ./flake.nix's nixosConfigurations and darwinConfigurations
NOTE: These instructions are out of date
- Do a project-wide search of my username,
corand replace it withyour_username. Be careful not to replace things that are not my username, such as "core". - In
./nixos.nix, replace the value ofhashedPasswordwith one you've generated withmkpasswd -m sha-512See here for more info. - In
./programs/git.nix, changeuserNameandextraConfig.github.userto your GitHub username. Also changesigning.keyto the public GPG key you use for your GitHub account.
NOTE: macOS Nix config is not required for setting up the NixOS VM. For instructions on this, check the next section
Make sure not to install Homebrew or Xcode Command Line Tools!
- Do a clean install macOS, deny analytics.
- Install
Nixon macOS with the installer - In ~, execute
nix-shell -p git --command "git clone https://github.com/cor/nixos-config" - Install
nix-darwinwith the nix-darwin installer. - Restart Terminal.app
sudo mv /etc/nix/nix.conf /etc/nix/nix.conf.original- In
~/nixos-config, executenix-shell --no-sandbox -p cmake --command "make switch-darwin" - Download 1Password and browser extension
- From 1Password, download SSH keys:
id_ed25519andid_ed25519.pub. Move them to~/.ssh~ - From 1Password, download GPG keys:
secret-key-backup.asc. Import them with:gpg --import ./secret-key-backup.asc. Afterwards, runrm ./secret-key-backup.asc - From 1Password, download GPG
trust-db-backup.txt. Import them with:gpg --import-ownertrust < ./trustdb-backup.txt, Afterwards, runrm ./trustdb-backup.txt - Open Safari, go to
Settings > Search > Search Engine. Select DuckDuckGo. Go toSettings > Advanced > Smart Search Field, click "Show full ewbsite address". Go toSettings > Advanced, at the bottom click "Show Develop menu in menu bar" - Open Settings.app, Go to
Desktop & Dock > Show recent applications in Dockand disable it - Remove all apps from dock, turn hide dock on
- Install UTM from the Mac App Store
- Download a minimal 64-bit ARM ISO from the NixOS download page.
- Open UTM, Create a new Linux VM, Use Apple Virutalization & Enable Rosetta
- Select your
nixos-minimal-...-aarch64-linux.iso - Hardware:
- CPU: 8 cores
- RAM: 22528 MB
- configure login
sudo supasswd(set toroot)
- get machine ip:
ip -brief address
- Install Parallels Desktop.
- Download a minimal 64-bit ARM ISO from the NixOS download page.
- In parallels: click "Install Windows or another OS from a DVD or image file"
- Select your
nixos-minimal-...-aarch64-linux.iso - Select "Other Linux"
- In Name, type "NixOS"
- Click "Customize settings before installation"
- Go to "Hardware"
- CPU & Memory:
- Processors:
N - 2cores whereNis your core count (I have 10, so I pick 8) - Memory
N - 8GB whereNis your GB count (I have 32, so I pick 24)
- Processors:
- Graphics:
- Resolution: More Space
- Advanced > Ensure "Enable 3D acceleration" is enabled.
- Mouse & Keyboard:
- Click "Open Shortcuts Preferences" and uncheck all shortcuts.
- Click "macOS System Shortcuts" in the sidebar, and change "Send macOS system shortcuts" to "always"
- Shared Printers: uncheck "share mac printers with other linux"
- Network: Source: Shared Network (Should be selected by default)
- Hard Disk: Click
Advanced > Properties. Select Size 256 GB. (More if you can, but I currently have just 1TB of storage)
- Boot the VM, you may have to re-attach the ISO by clicking the CD icon and rebooting.
- In the VM, type
sudo su, thenpasswd, and typeroottwice. - In the VM, type
ip -brief addressin order to see your VM's IP. - On your Mac in this repository, type
export NIXADDR=10.211.55.3(replace the IP with the IP you found in step 11). - On your Mac, in the same shell, type
make vm/bootstrap0When prompted for the root password, typeroot - Your VM will reboot automtaically by this
- On your Mac, in the same shell, type
make vm/bootstrap. (note that there's no 0 at the end this time) - On your Mac, in the same shell, type
make vm/secrets. - Reboot your VM by typing
reboot. - Log into your VM
- In
~, rungit clone git@github.com:cor/nixos-config - Enter your SSH password (stored in 1Password)
- Run
cd nixos-config && make switch reboot- Open
chromium, go tochrome://settings/cookies, and disable "Clear cookies and site data when you close all windows" - Go to
chrome://settings/searchand set search engine to "DuckDuckGo"
You now have your VM fully set up! To make changes to the config, just edit the contenst ~/nixos-config, and run make switch
To bootstrap the SD card:
- Enter orbstack
nix build '.#nixosConfigurations.raspberry-pi.config.system.build.sdImage'cp ./result/sd-image/nixos-...-linux.img.zst /Users/cor/Desktop- On macOS, download rpi-imager
- Insert SD card into MacBook
- Flash the
.img.zstfrom your Desktop to the rPi's sd card. - Insert sd card into raspberry pi and click the power button
Your Raspberry Pi should now be bootstrapped and you should be able to SSH into it.
To udpate the pi from the pi itself
- clone this repo on the pi
sudo nixos-rebuild switch --flake .#raspberry-pi
Config is partially based on https://github.com/mitchellh/nixos-config