furedea's macOS dotfiles — managed with Nix, nix-darwin, and home-manager.
| Layer | Tool | Role |
|---|---|---|
| System settings | nix-darwin | macOS defaults, Homebrew, activation scripts |
| User environment | home-manager | CLI tools, shell, git, editor config |
| Dotfiles | symlinks (mkOutOfStoreSymlink) |
Direct editable files in this repo |
| Language toolchains | Nix / rustup / uv | Node.js + pnpm + ni / Rust / Python |
- macOS (Apple Silicon)
- macOS username must be
kaito(hardcoded innix/darwin/default.nixandnix/home/default.nix). If different, update the following before running:flake.nix—home-manager.users.<name>nix/darwin/default.nix—users.users.<name>.home,system.primaryUsernix/home/default.nix—home.username,home.homeDirectory
-
Install Nix using the NixOS nix-installer. The
--enable-flakesflag turns on thenix-commandandflakesexperimental features so nix-darwin can be bootstrapped without extra arguments below:curl -sSfL https://artifacts.nixos.org/nix-installer | sh -s -- install --enable-flakesAfter the installer finishes, open a new shell so
nixis onPATH. -
Clone dotfiles:
git clone https://github.com/furedea/dotfiles ~/ghq/github.com/furedea/dotfiles -
Bootstrap nix-darwin:
sudo nix run nix-darwin -- switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#mba"
Do not use the Determinate Systems installer (
install.determinate.systems/nix). Despite sharing a Rust codebase with the NixOS nix-installer above, current versions install Determinate Nix by default, whosedeterminate-nixddaemon conflicts with nix-darwin's native Nix management (nix.settings,nix.gc). If you need to recover from this, run/nix/nix-installer uninstalland reinstall using the command in step 1.
Subsequent system updates use
darwin-rebuilddirectly (installed by the step above):sudo darwin-rebuild switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#mba"For user-environment updates only, use
home-managerdirectly:home-manager switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#kaito"
home-managerCLI itself is installed by this config, so if it is not yet available on PATH, run onedarwin-rebuild switchfirst.
darwin-rebuild switch automatically:
- Installs all CLI tools via Nix
- Installs GUI apps via Homebrew Cask
- Applies all macOS system settings
- Generates
~/.config/zsh/nix-plugins.zsh(zsh plugin paths) - Runs
rustup toolchain install stable,uv python install - Symlinks dotfiles from this repo to
~
dotfiles/
├── flake.nix # Entry point — inputs and outputs
├── nix/
│ ├── darwin/default.nix # nix-darwin: system settings, Homebrew, activation scripts
│ └── home/default.nix # home-manager: packages, programs, symlinks
├── zsh/
│ ├── .zshrc
│ ├── .zshenv
│ └── .zprofile
├── nvim/ # Neovim config (lazy.nvim)
├── ghostty/ # Ghostty terminal config
├── tmux/ # tmux config (via home-manager programs.tmux)
├── starship/ # Starship prompt config
├── git/ # Global gitignore
├── karabiner/ # Karabiner-Elements key mapping
├── atuin/ # Shell history (via home-manager programs.atuin)
├── yazi/ # File manager (via home-manager programs.yazi)
├── jj/ # Jujutsu VCS root-level config
└── ...
| Category | Tools |
|---|---|
| Shell | bash-language-server, bats, carapace, shellcheck, shfmt, zoxide, zsh-abbr, zsh-autosuggestions, zsh-fast-syntax-highlighting |
| File ops | bat, dust, eza, fd, fzf, ripgrep |
| Dev | just, neovim, starship, tree-sitter |
| CI | actionlint |
| Formatters | autocorrect, dprint, prettierd (markdown only — see note) |
| VCS | git (programs.git), delta, jujutsu, gh |
| Language runtimes | nodejs, pnpm, ni, rustup (Rust), uv (Python) |
| AI / CLI | claude-code, codex |
| macOS | xcodes, dotenvx, marp-cli |
appcleaner, arc, bitwarden, chatgpt, claude, cmux, discord, firefox, font-jetbrains-mono, ghostty, google-chrome, karabiner-elements, mactex, nani, obsidian, orbstack, raycast, slack, steam, vimr, visual-studio-code, zoom
LINE is installed manually via the App Store app. Automated masApps management is not used because Apple hardened installd on macOS 15.7.2+ (CVE-2025-43411 mitigation), which makes mas install unable to run under the sudo darwin-rebuild root context — see mas-cli#1221.
| Category | Settings |
|---|---|
| Keyboard | KeyRepeat=2, InitialKeyRepeat=15, F1-F12 as function keys |
| Text input | All auto-corrections disabled (caps, spelling, quotes, dashes, period) |
| Appearance | Dark mode, always show extensions, always show scroll bars |
| Trackpad | Tap to click, right-click, momentum scroll, pinch, rotate, Force Click |
| Trackpad speed | 3.0 (fastest) |
| Mouse speed | 3 (fastest) |
| Finder | Show hidden files, path bar, status bar, column view, folders first |
| Dock | Auto-hide, bottom, size 128, no recents, minimize to app icon |
| Hot corners | TL=Desktop, TR=Notification Center, BL=Lock Screen, BR=Quick Note |
| Dock apps | cmux, Raycast, Arc, Obsidian, OrbStack, Slack, Discord, LINE, System Settings, Nani |
| Screenshot | Save to ~/Pictures as file |
| Lock screen | Require password immediately after sleep |
| Menu bar clock | 24h, seconds, date, day of week |
| Stage Manager | Disabled |
| iCloud default save | Disabled (save locally by default) |
| .DS_Store on network | Disabled |
| Spotlight | Disabled (use Raycast instead) |
| Apple Music auto-launch | Disabled |
| Display sleep | 5 min on battery / never on charger |
| Software Update | Auto-download and auto-install disabled |
| Timezone | Asia/Tokyo |
Files that are frequently edited (shell config, Neovim, etc.) are symlinked directly from this repo using mkOutOfStoreSymlink. Editing files in ~/ghq/github.com/furedea/dotfiles/ takes effect immediately without running darwin-rebuild.
Files generated by Nix (e.g. zsh plugin paths) are written as home.file.*.text so Nix expands Nix store paths at evaluation time.
| File/Dir | Strategy |
|---|---|
.zshrc, .zshenv, .zprofile |
symlink → zsh/ |
.config/nvim |
symlink → nvim/ |
.config/ghostty/config |
symlink → ghostty/ |
.config/starship.toml |
symlink → starship/ |
.config/karabiner/karabiner.json |
symlink → karabiner/ |
.config/zsh/nix-plugins.zsh |
generated by Nix (zsh plugin source paths) |
programs.tmux |
fully managed by home-manager |
programs.git |
fully managed by home-manager |
programs.atuin |
fully managed by home-manager |
programs.yazi |
fully managed by home-manager |
Some directories are kept as plain copies for backup/reference only. They are not symlinked into ~ and are not applied automatically by darwin-rebuild.
| Dir | Source | Notes |
|---|---|---|
kawasemi4/ |
~/Library/Mobile Documents/com~apple~CloudDocs/Kawasemi4/ |
Kawasemi4 key settings and dictionary. Synced via iCloud on new Mac; copy here is for version control backup. Update manually when settings change. |
templates/ |
— | Small starter snippets (e.g. pyproject_pyright.toml) copied manually into new projects. Full project scaffolds live separately in ~/dev/templates/template-*. |
github/ |
— | Standard GitHub repo settings, branch ruleset, and setup_repo.sh applier. See github/README.md. |
Claude Code and Codex configuration is delegated to the
furedea/agent-harness flake.
This dotfiles repo only enables the Home Manager module in
nix/home/default.nix:
agent-harness = {
enable = true;
package = agent-harness.packages.${system}.default;
source = agent-harness;
};The separate harness repository owns provider-shared instructions, hooks, permissions, protected paths, skills, and their tests. This keeps dotfiles focused on local machine composition while the reusable agent runtime can be installed on non-Nix machines and remote servers.
dprint-plugin-markdown hardcodes list indent to 2 spaces (CommonMark minimum) with no configuration option. prettierd is used instead with tabWidth: 4 in ~/.prettierrc to get 4-space list nesting matching Obsidian.
TODO: switch back to dprint once dprint-plugin-markdown#176 merges.
actionlint is installed via Nix and integrated with Neovim through nvim-lint. It only runs for files under .github/workflows/*.yml and .github/workflows/*.yaml by assigning those paths the compound filetype yaml.ghaction.
Starter workflows for new projects come from project scaffolds in
furedea/template-{minimal,python,typescript,rust,tex} and are instantiated
with github/create_repo.sh --template. Each ships with ci.yml
(language-specific jobs plus an all-green aggregator), codeql.yml,
dependency_review.yml, and gha_lint.yml (actionlint + zizmor).
Standard repo settings and the main branch ruleset live in github/ and are applied via github/setup_repo.sh <owner>/<repo>. The ruleset requires a status check named all-green, which the project scaffolds satisfy via the aggregator job in ci.yml. See github/README.md for the contract and the caveat on which repos to apply it to.
Run these after darwin-rebuild switch if needed.
Update dprint plugin checksums (first time only, or after changing plugin versions):
dprint config updateThese settings cannot be automated:
| Setting | Where |
|---|---|
| Night Shift | System Settings > Displays > Night Shift |
| True Tone | System Settings > Displays > True Tone |
| Display resolution | brew install displayplacer && displayplacer list → update activation script |
| Accessibility (reduceMotion/Transparency) | System Settings > Accessibility > Display |
| Input Sources (Kawasemi4) | System Settings > Keyboard > Input Sources |
| Kawasemi4 settings | Kawasemi4 app preferences |
| iCloud sign-in | System Settings > Apple ID (syncs user dict, Focus, etc.) |
| Touch ID | System Settings > Touch ID |
| Apple Pay | System Settings > Wallet & Apple Pay |
| Wi-Fi / Bluetooth | System Settings > Wi-Fi / Bluetooth |
| Notifications (per-app) | System Settings > Notifications |
Update all packages and apply system + user changes:
sudo darwin-rebuild switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#mba"Update user packages and home-manager config only:
home-manager switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#kaito"Update Codex CLI from codex-cli-nix, then apply only home-manager changes:
nix flake update codex-cli-nix
home-manager switch --flake "$HOME/ghq/github.com/furedea/dotfiles/#kaito"