No description
  • Shell 54.6%
  • Nix 41.1%
  • Lua 4.3%
Find a file
Viktor Hedefalk f43aff878e
Move heavy casks off Pro14 and drop Air15 host
Pro14 (m4pro) is short on disk space. Move arduino-ide, digikam,
geekbench, gimp, librewolf, mockoon, rawtherapee, tor-browser,
ultimaker-cura and the wez/wezterm tap out of the shared darwin
profile and into the Air and Studio host files. Pro14 no longer
gets them.

Also remove the Air15 host file and machines.nix entry — that
machine is gone.
2026-05-21 13:32:26 +02:00
docs Bump kanata-switcher to 83a72fa7 and document kanata setup 2026-04-19 16:10:57 +02:00
dots cleanup 2026-05-12 21:19:17 +02:00
home feat: sync pi agent models config across machines via dotfiles 2026-05-12 19:58:59 +02:00
hosts Move heavy casks off Pro14 and drop Air15 host 2026-05-21 13:32:26 +02:00
lib Silence darwin-rebuild evaluation warnings 2026-05-12 10:50:52 +02:00
profiles Move heavy casks off Pro14 and drop Air15 host 2026-05-21 13:32:26 +02:00
stow uptodate on m4 air 2025-09-05 23:04:27 +02:00
.gitignore Add .gitignore for local Claude settings 2026-04-07 11:29:58 +02:00
flake.lock flake.lock 2026-05-11 09:54:32 +02:00
flake.nix Add kanata-switcher menu bar app as flake input 2026-04-18 19:08:28 +02:00
machines.nix Move heavy casks off Pro14 and drop Air15 host 2026-05-21 13:32:26 +02:00
README.md New Mac 14" 2026-01-19 09:53:13 +01:00

New Mac?

Prerequisites

Install nix and homebrew. Homebrew is managed by nix-darwin, but it still needs to be installed. Also need Rosetta for just a couple of things (adobe-digital-editions for library books). Not gonna chase it since I need Rosetta for container stuff anyways.

sh <(curl -L https://nixos.org/nix/install)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
sudo softwareupdate --install-rosetta

Use this repo

  1. Clone the repo

     git clone https://github.com/hedefalk/dotfiles.git
     cd dotfiles
    
  2. Add a machine config in the main flake.nix and match it with the LocalHostName or any other means. I'm using LocalHostName like this:

     sudo scutil --set HostName "MyNewMac"
    
     nix --extra-experimental-features "nix-command flakes" run nix-darwin/nix-darwin-25.05#darwin-rebuild -- switch --flake path:$HOME/dotfiles/#$(scutil --get LocalHostName)
    

LocalHostName is a main entry in flake.nix.

  1. Still need to

     chsh -s /run/current-system/sw/bin/fish
    

With that run I have access to all my cli tools as well as almost all ui apps via homebrew casks.

  1. Create a gpg key

    gpg --full-generate-key

    Do not fill out "comment" because git wont match then, it matches verbatim:

       [user]
          	name = Viktor Hedefalk
           email = hedefalk@gmail.com
    

    Probably can fix that if I want specific named/commented gpg keys, but I'm ok with the same name.

  2. Push this public key up to github as a signing key

     gh auth login // no ssh keys
     gh auth refresh -h github.com -s admin:gpg_key
    
     set KEY_ID (gpg --list-secret-keys --keyid-format=long | grep sec | head -n 1 | string replace -r '.*\/([A-F0-9]+) .*' '$1'); and \
           gpg --armor --export $KEY_ID > /tmp/github_gpg_key.asc; and \
           gh api --method POST \
             -H "Accept: application/vnd.github+json" \
             /user/gpg_keys \
             -F "armored_public_key=@/tmp/github_gpg_key.asc"; and \
           rm /tmp/github_gpg_key.asc
    
     git remote set-url origin git@github.com:hedefalk/dotfiles.git
     git push
    
     // Still not working ? ^
    

TODO: ^: ssh-add -L should work?

For github I just: ssh-add -L | glab ssh-key add --title "GPG-derived SSH Key"

  1. Also need to add an auth subkey and then push that up to github as an SSH key for authentication:

    gpg --expert --edit-key YOUR_KEY_ID

Choose (8), remove signing and encryption and just enable authentication, quit, choose 4096 bits and save.

Upload to github:

gpg --export-ssh-key $(gpg --list-secret-keys --with-colons | awk -F: '/^ssb.*a/ {print $5}' | head -1) | gh ssh-key add - --title "M4 Air GPG SSH Key"

Will need to authorize the cli to do this with the browser so could of course opt to not to it directly with browser.

Push SSH key to remote server via local network

On new Mac: printf "Serving at: %s:9999\n" "$(ipconfig getifaddr en0)" && ssh-add -L | nc -l 9999

On Mac with existing server access: nc 9999 | ssh user@server "cat >> ~/.ssh/authorized_keys"

TODO:

Vaultwarden

bitwarden-cli intstalled via brew temporarily since nix derivation broken.

bw config server https://vaultwarden.woodenstake.se

Is this ^ a dotfile to be added here?