A declarative macOS system configuration using Nix Darwin and Home Manager.
- System Configuration: macOS system settings, security, and defaults
- Application Management: Homebrew integration for GUI applications
- Development Environment: Shell configuration, development tools, and programming languages
- Dotfiles Management: Centralized configuration for CLI tools and applications
- Profile Support: Easily add new profiles for different machines
- Install macOS dependencies
xcode-select --install
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- Install Determinate Nix using the Determinate Nix Installer
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \
sh -s -- install
Important: When prompted, choose to install Determinate Nix, not the regular Nix.
Then start a new shell session for nix to become available in $PATH.
- Clone this repository
git clone https://github.com/ryanmalonzo/dotfiles ~/dotfiles && \
cd ~/dotfiles
- Apply the configuration
For the first time setup:
sudo nix run nix-darwin -- switch --flake .
Or specify a profile with:
sudo nix run nix-darwin -- switch --flake .#<profile_name>
Note: After the initial setup, subsequent configuration updates must be run with sudo privileges.
For subsequent updates:
# Update and apply configuration (requires sudo)
sudo darwin-rebuild switch --flake .#<profile_name>
# Delete old generations
nix-collect-garbage -d
# Update all flake inputs
nix flake update
# Update specific input
nix flake lock --update-input nixpkgs
nix flake lock --update-input home-manager
# Update to a new Nix version (e.g., 25.05 to 25.11)
# 1. Update version numbers in flake.nix (e.g., nixos-25.05 -> nixos-25.11)
# 2. Fetch new dependency versions
nix flake update
# 3. Apply the updated configuration
sudo nix run nix-darwin -- switch --flake .#<profile_name>
If you encounter permission errors during cleanup operations (like uninstalling applications), you may need to:
- Enable Full Disk Access for your terminal application
  - Go to System Settings → Privacy & Security → Full Disk Access
  - Add your terminal application (Terminal.app, iTerm2, etc.)
After applying configuration changes, you may need to:
- Restart your terminal application, or
- Run source ~/.zshrc to reload environment variables
Some changes (like npm configuration) may require a new shell session to take effect.
- Add an entry to the profiles attrset in flake.nix:
work = {
  username = "your.username";
  homeDirectory = "/Users/your.username";
  hostConfigPath = ./hosts/work.nix;
  homeConfigPath = ./home/work.nix;
};
- Create hosts/work.nix for host-level overrides (packages, hostname, Homebrew casks):
{ pkgs, ... }:
{
  config = {
    networking.computerName = "your-machine-name";
    environment.systemPackages = with pkgs; [
      # profile-specific packages
    ];
  };
}
- Create home/work.nix for home-manager overrides (username, git signing key):
{ ... }:
{
  home.username = "your.username";
  home.homeDirectory = "/Users/your.username";
  imports = [
    ./common.nix
    ../programs/git/work.nix
  ];
}
- Create programs/git/work.nix with the SSH signing key for that machine:
{ ... }:
{
  imports = [ ./common.nix ];
  programs.git.signing.key = "/Users/your.username/.ssh/git.pub";
}
- Apply:
sudo darwin-rebuild switch --flake .#work
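
The programs/git/work.nix step only sets the key path; the module below shows the rest of what SSH commit signing and local verification need. It is an added example, not a file from this repository: the module itself, the e-mail address and the public key string are assumptions or placeholders, and the option names are those of Home Manager 25.05.

```nix
# Hypothetical Home Manager module (added example, not part of this repository).
{ config, ... }:
let
  home = config.home.homeDirectory;

  # Assumption: the address used as the committer identity.
  email = "your.username@example.com";

  # Placeholder: paste the single line from ~/.ssh/git.pub here.
  # Only the PUBLIC key belongs in Nix code; the Nix store is world-readable.
  publicKey = "ssh-ed25519 <PUBLIC_KEY_BASE64_PLACEHOLDER>";
in
{
  programs.git = {
    signing = {
      # Pointing at the .pub file means git asks ssh-agent for the matching
      # private key, so the private key never appears in the configuration.
      key = "${home}/.ssh/git.pub";
      format = "ssh";        # writes gpg.format = ssh
      signByDefault = true;  # sign every commit without passing -S
    };

    # Without an allowed-signers file git can create SSH signatures but
    # cannot verify them.
    extraConfig.gpg.ssh.allowedSignersFile = "${home}/.ssh/allowed_signers";
  };

  # One line per trusted signer: principal, options, then the public key.
  # namespaces="git" limits the key to git signatures.
  home.file.".ssh/allowed_signers".text = ''
    ${email} namespaces="git" ${publicKey}
  '';
}
```

After applying, git log --show-signature -1 checks the latest commit against the allowed-signers file.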