
Setting a new Apple Device with my Nix config


Install Nix via Determinate System Installer

curl \
  --proto '=https' \
  --tlsv1.2 \
  -sSf \
  -L https://install.determinate.systems/nix \
  | sh -s -- install

Answer no when prompted to “Install Determinate Nix”.

Install macOS Developer Tools

xcode-select --install

Setup Agenix/Age/Strongbox Identity

TODO: Investigate using YubiKey

  • Download the SOPS age key from 1Password and place it in $HOME/.config/sops/age/keys.txt

  • Link Strongbox identity

    ln -sf  "$HOME/.config/sops/age/keys.txt" \
        "$HOME/.strongbox_identity"
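
The key file placed above is a long-lived secret, so its permissions and the Strongbox link are worth checking before the first rekey. This is an added example, not part of the original post; `check_age_identity` is a hypothetical helper name, and the `AGE-SECRET-KEY-1` prefix check assumes a standard age identity file.

```shell
#!/bin/sh
# Added example (not from the original post): verify the age identity before
# agenix or Strongbox use it. check_age_identity is a hypothetical helper name.
check_age_identity() {
    key="${1:-$HOME/.config/sops/age/keys.txt}"    # path used in the step above
    link="${2:-$HOME/.strongbox_identity}"         # symlink created by ln -sf
    problems=0

    # The identity has to be a regular file; a symlink here would hide where
    # the secret really lives.
    if [ ! -f "$key" ] || [ -L "$key" ]; then
        echo "FAIL: $key is missing or is not a regular file" >&2
        return 1
    fi

    # Only the owner may read it. ls -ld is used because stat flags differ
    # between macOS and Linux.
    mode=$(ls -ld "$key" | cut -c1-10)
    case "$mode" in
        -rw-------|-r--------) ;;
        *) echo "FAIL: $key is $mode; run: chmod 600 \"$key\"" >&2
           problems=$((problems + 1)) ;;
    esac

    # The containing directory must not be group- or world-writable, otherwise
    # another account could replace the file.
    dmode=$(ls -ld "$(dirname "$key")" | cut -c1-10)
    case "$dmode" in
        d????-??-?) ;;
        *) echo "FAIL: $(dirname "$key") is $dmode (group/world writable)" >&2
           problems=$((problems + 1)) ;;
    esac

    # An age identity file carries at least one AGE-SECRET-KEY-1... line.
    if ! grep -q '^AGE-SECRET-KEY-1' "$key"; then
        echo "FAIL: $key contains no AGE-SECRET-KEY-1 line" >&2
        problems=$((problems + 1))
    fi

    # The Strongbox identity must be a symlink to exactly this key file.
    if [ ! -L "$link" ] || [ "$(readlink "$link")" != "$key" ]; then
        echo "FAIL: $link does not point at $key" >&2
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}
```

Call `check_age_identity` with no arguments to check the default paths from this page; it returns non-zero and prints one FAIL line per problem.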
    

Get Nix Config on the new System

mkdir -p "$HOME/src/me/"
git clone https://github.com/hurricanehrndz/nixcfg "$HOME/src/me/nixcfg"

Start development shell

cd "$HOME/src/me/nixcfg"
nix develop

Smudge encrypted content

rm {file}
git checkout --force -- {file}

Create system ssh keys

sudo /usr/libexec/sshd-keygen-wrapper

Wait a couple of seconds, then cancel and/or kill the process.

Update system secrets.nix with new key

cat /etc/ssh/ssh_host_ed25519_key.pub | pbcopy
vi secrets/secrets.nix

In secrets/secrets.nix, either update the key for the existing hostname or add it accordingly. Then proceed to re-keying:

pushd secrets
agenix --rekey
popd

Build Darwin system and switch

Before proceeding, ensure the terminal has been granted full disk access. Then proceed to building the system definition:

mkdir -p "$HOME/.config/zsh"
mkdir -p "$HOME/.config/mods"
nrb .