{"id":18118412,"url":"https://github.com/michaelbrusegard/dotfiles","last_synced_at":"2025-07-29T16:37:04.463Z","repository":{"id":192936683,"uuid":"685337693","full_name":"michaelbrusegard/dotfiles","owner":"michaelbrusegard","description":"Personal dotfiles for personal computers and servers running GNU/Linux, Darwin and Windows managed with Nix","archived":false,"fork":false,"pushed_at":"2025-07-01T06:49:29.000Z","size":54493,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-01T07:42:30.252Z","etag":null,"topics":["gitconfig","homebrew","hyprland","lua","macos-defaults","neovim","nix","nix-darwin","nixos","wezterm","yabai","yazi","zshrc"],"latest_commit_sha":null,"homepage":"","language":"Nix","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michaelbrusegard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-08-31T02:30:43.000Z","updated_at":"2025-07-01T06:49:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"cf29be4f-52f7-4def-a85d-83bd374bffc1","html_url":"https://github.com/michaelbrusegard/dotfiles","commit_stats":{"total_commits":194,"total_committers":2,"mean_commits":97.0,"dds":0.005154639175257714,"last_synced_commit":"eb05344cdfb3b86680d72379e467c054f8561328"},"previous_names":["michaelbrusegard/dotfiles"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/michaelbrusegard/dotfiles","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelbrusegard%2Fdotfiles","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelbrusegard%2Fdotfiles/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelbrusegard%2Fdotfiles/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelbrusegard%2Fdotfiles/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michaelbrusegard","download_url":"https://codeload.github.com/michaelbrusegard/dotfiles/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelbrusegard%2Fdotfiles/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267718379,"owners_count":24133453,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-29T02:00:12.549Z","response_time":2574,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gitconfig","homebrew","hyprland","lua","macos-defaults","neovim","nix","nix-darwin","nixos","wezterm","yabai","yazi","zshrc"],"created_at":"2024-11-01T05:11:17.588Z","updated_at":"2025-07-29T16:37:04.448Z","avatar_url":"https://github.com/michaelbrusegard.png","language":"Nix","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dotfiles\n\nThis is primarily a guide for myself on how to setup my own systems, feel free to copy any of the dotfiles, but do not expect a direct copy of everything to work for you.\n\nMake sure to follow the guide for each system step by step and to move over an SSH key for GitHub to get started with cloning the repository.\nThen, clone the repository into `~/Developer/dotfiles` using SSH:\n\n```zsh\ngit clone git@github.com:michaelbrusegard/dotfiles.git ~/Developer/dotfiles\n```\n\n\u003e [!NOTE]\n\u003e I also maintain a private repository with soft and hard secrets that is added into the repository as a Nix flake. Directly copying the dotfiles will therefore most likely fail since it will fail to fetch the private repository.\n\nHard secrets are encrypted further inside the private repository using sops. To include them in the build, add the age keys to `~/.config/sops/age/keys.txt` and then do a rebuild.\n\n## Reference links\n\n### Package Repositories\n\n- [Nixpkgs](https://search.nixos.org/packages)\n- [Homebrew](https://brew.sh/)\n- [WinGet](https://winget.ragerworks.com/)\n\n### Nix Options\n\n- [nixos](https://mynixos.com/nixpkgs/options)\n- [nix-darwin](https://mynixos.com/nix-darwin/options)\n- [home-manager](https://mynixos.com/home-manager/options)\n\n## Desktop (NixOS)\n\nCreate an installer by downloading the graphical ISO image from [here](https://nixos.org/download/#nixos-iso) and flashing it to a USB drive using the following command:\n\n```sh\nsudo dd if=~/Downloads/YYY.iso of=/dev/XXX bs=4M status=progress oflag=sync\n```\n\nReplace `YYY.iso` with the name of the downloaded ISO file and `/dev/XXX` with the path to your USB drive.\n\n### Screenshot\n\n![Screenshot 2025-04-26 at 15 07 56](https://github.com/user-attachments/assets/cd56268b-93b1-4bfd-9c1f-2a999428dd6e)\n\n### Initial build\n\nAfter the installation we need a few things to get started to install the flake configuration:\n\n- Add `git` to system packages in `/etc/nixos/configuration.nix` and rebuild the system `sudo nixos-rebuild switch`.\n- Add both the SSH key and the age key to the system, so that we can clone the repository and decrypt secrets.\n- Verify that the dotfiles configuration has the same hardware configuration as the `/etc/nixos/hardware-configuration.nix`. Specifically, device file paths and partition UUIDs.\n- Create initial secure keys `nix shell nixpkgs#sbctl --command sudo sbctl create-keys`. For the rest of the secure boot setup read [here](https://github.com/nix-community/lanzaboote/blob/master/docs/QUICK_START.md). In short, reboot and clear the secure boot keys in the UEFI settings, then enroll the keys using `sbctl enroll-keys --microsoft` and reboot the system.\n\nThen we can install the flake configuration by running the following command:\n\n```sh\nsudo nixos-rebuild switch --flake $HOME/Developer/dotfiles#desktop\n```\n\nAfterwards delete the old NixOS configuration files:\n\n```sh\nsudo rm -rf /etc/nixos\n```\n\nAnd reboot the system:\n\n```sh\nsudo reboot now\n```\n\n## Darwin systems (Nix-darwin)\n\nFirst install macOS normally by following the default installation guide on the mac. To access the installer hold the power button during boot to access recovery options. Then go through all the sections below for the initial setup.\n\n### Screenshot\n\n![Screenshot 2025-05-02 at 15 03 38](https://github.com/user-attachments/assets/381c8dce-f0d0-4a91-b38f-544c30a3209a)\n\n### Disabling SIP\n\nSystem Integrity Protection (SIP) needs to be partially disabled for the [yabai](https://github.com/koekeishiya/yabai/wiki/Disabling-System-Integrity-Protection) tiling window manager to work correctly.\n\n1. Turn off the mac, then press and hold the power button until \"Loading startup options\" appears.\n   Click Options, then click Continue.\n\n2. In the menu bar, choose `Utilities`, then `Terminal`\n\n3. Run this:\n\n```sh\ncsrutil enable --without fs --without debug --without nvram\n```\n\nAfter rebooting run this:\n\n```sh\nsudo nvram boot-args=-arm64e_preview_abi\n```\n\nThen reboot again.\n\n### Command line tools\n\nInstall Xcode command line tools:\n\n```sh\nxcode-select --install\n```\n\n### Install Rosetta\n\n```sh\nsoftwareupdate --install-rosetta --agree-to-license\n```\n\n### Install Nix\n\nRun the following command to install Nix:\n\n```sh\ncurl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \\\n  sh -s -- install\n```\n\nWhen prompted to install `Determinate Nix`, explicitly say `no`.\n\n### Initial build\n\nBuild the system the first time using the following command:\n\n```sh\nnix run nix-darwin -- switch --flake $HOME/Developer/dotfiles\n```\n\nLater rebuilds can use the `rebuild` alias.\n\n### Keyboard daemon for kanata\n\nDownload the [Karabiner-DriverKit-VirtualHIDDevice](https://github.com/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice/tree/main/dist) manually and install the package. Afterwards make sure it is enabled in System Settings, General -\u003e Login Items \u0026 Extensions -\u003e Driver Extensions (At the bottom).\n\nAlso make sure that `/run/current-system/sw/bin/kanata` is added as an allowed application under Security \u0026 Privacy -\u003e Input Monitoring. If `kanata` is already added, remove it and try again.\n\nLastly, go to Keyboard -\u003e Keyboard Shortcuts... -\u003e Modifier Keys, and make sure the Karabiner DriverKit VirtualHIDDevice is selected as the keyboard.\n\nThe nix configuration should handle the rest, for any problems check out [this discussion](https://github.com/jtroo/kanata/discussions/1537) in the kanata repository.\n\n## Windows\n\nTo create the installation ISO for Windows, we use Chris Titus Tech's Windows Utility to create a clean telemetry-free ISO that does not require a Microsoft account (This has to be run on a Windows machine). The commands require administrator privileges, so make sure to run PowerShell as administrator.\n\nFirst, enable execution of scripts in PowerShell:\n\n```sh\nSet-ExecutionPolicy RemoteSigned -Scope CurrentUser\n```\n\nThen load the tool:\n\n```sh\nirm \"https://christitus.com/win\" | iex\n```\n\nIn the tool we can download an ISO image from Microsoft and then modify it to remove telemetry and other unwanted features. When we have the MicroWin ISO we can flash a USB drive using Rufus.\n\n\u003e [!INFO]\n\u003e The current desktop setup uses the AMD RAID driver to run the two NVMe drives in RAID 0. This is not supported by the Windows installer, so we need to add the driver manually. It can be installed from the Motherboard's website. A guide for adding the driver can be found [here](https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/user-guides/56268_1_11.pdf). It can be found [here](https://rog.asus.com/motherboards/rog-crosshair/rog-crosshair-viii-impact-model/helpdesk_download/). Here\n\nAfter installation go to Windows Update and run it to make sure the system is updated.\n\nAlso make sure to install updated drivers for the system, the download pages for the current system can be found below:\n\n- [Chipset and Motherboard](https://rog.asus.com/motherboards/rog-crosshair/rog-crosshair-viii-impact-model/helpdesk_download/)\n- [Processor and Graphics](https://www.amd.com/en/support/download/drivers.html)\n\n### Screenshot\n\n![Screenshot 2025-06-14 at 19 55 23](https://github.com/user-attachments/assets/c56e99a1-d473-4817-b2ee-eaad579ac415)\n\n### NixOS WSL\n\nFirst we need to build the NixOS WSL tarball. This can be done by running the following command in the dotfiles directory on a nix machine:\n\n```sh\nsudo nix run .#nixosConfigurations.wsl.config.system.build.tarballBuilder\n```\n\nPut this on a flash drive and copy it to the Windows machine.\n\nThen start by installing Windows Subsystem for Linux (WSL) on Windows:\n\n```sh\nwsl --install --no-distribution\n```\n\nThen reboot the computer and install the NixOS WSL tarball by running the following command (You have to move the tarball to the current directory first from the flash drive):\n\n```sh\nwsl --install --from-file nixos.wsl\n```\n\nTo enter the WSL environment, run:\n\n```sh\nwsl\n```\n\nNow clone the dotfiles repository, add the age keys and rebuild.\n\n### Applying system preferences and installing packages\n\nFirst rerun the WinUtil tool:\n\n```sh\nirm \"https://christitus.com/win\" | iex\n```\n\nIn the Tweaks tab, enable the Standard tweaks plus the following:\n\n- Disable Recall\n- Disable Background Apps\n- Disable Microsoft Copilot\n- Disable Intel MM\n- Disable Notification Tray/Calendar\n- Disable Windows Plaform Binary Table\n- Set Display for Performance\n- Set Classic Right-Click Menu\n- Set Time to UTC\n- Remove Microsoft Edge\n- Remove Home and Gallery from explorer\n- Remove OneDrive\n\nThen set the DNS to Cloudflare.\n\nUnder Performance Plan click \"Add and Activate Ultimate Performance Profile\".\n\nIn the Updates tab select \"Security Settings\" to prevent Windows Updates from automatically installing updates at the worst times.\n\nThen run the `setup.ps1` script to install packages and apply registry tweaks:\n\n```sh\npowershell -ExecutionPolicy Bypass -File \\\\wsl.localhost\\NixOS\\home\\michaelbrusegard\\Developer\\dotfiles\\windows\\setup.ps1\n```\n\n### Keyboard\n\nThe custom keyboard layout is set up like the default US layout, but with mac like behaviour for special characters when holding AltGr (This helps with typing Norwegian characters like æøå when using the US layout). It is configured with [MSKLC](https://www.microsoft.com/en-us/download/details.aspx?id=102134) and the configuration can be imported into the app to be edited via `keyboard.klc`.\n\nTo apply the custom keyboard layout copy the `keyboard.zip` file from WSL:\n\n```sh\ncp \\\\wsl.localhost\\NixOS\\home\\michaelbrusegard\\Developer\\dotfiles\\windows\\keyboard.zip C:\\Users\\michaelbrusegard\\Downloads\\\n```\n\nThen extract the file and open the keyboard directory. From there run the `setup.exe` file to install the custom keyboard layout. Make sure to set it as the default keyboard layout in the Windows settings.\n\n### Run GlazeWM on startup\n\nCreate a shortcut for the executable by right-clicking on the GlazeWM executable -\u003e Create shortcut. Put the shortcut in your startup folder, which you can get to by entering shell:startup in the top bar in File Explorer.\n\n### Fonts\n\nTo make the SFMono Nerd Font work in WezTerm, each `.otf` font file needs to be manually downloaded and installed from [here](https://github.com/epk/SF-Mono-Nerd-Font/releases/tag/v18.0d1e1.0).\n\n### BitLocker\n\nLastly remember to enable BitLocker on the system drive to encrypt the system drive. This is done by going to Settings -\u003e Privacy \u0026 Security -\u003e Device Encryption and enabling it. If you have a TPM chip, it will be used to store the encryption keys securely.\n\n## Leggero (Raspberry Pi NixOS Mini Apartment Server)\n\nBuild the SD image on a machine with `nix` using the following command:\n\n```sh\nnix build .#leggero\n```\n\nThe resulting image can be found in `result/sd-image/`. It is a compressed Zstandard archive that can be flashed to an SD card.\n\n## Flashing the SD Card\n\nWe need to plug in the SD card and find out what the device path is for the SD card.\n\nOn linux:\n\n```sh\nlsblk\n```\n\nOn darwin:\n\n```sh\ndiskutil list\n```\n\nOn linux it is usually `/dev/sdX` where `X` is a letter, for example `/dev/sdb`. On darwin it is usually `/dev/diskX` where `X` is a number for example `/dev/disk6`.\n\nTo flash the image to the SD card you can use the following command, make sure to replace `/dev/XXX` with the correct device path for your SD card:\n\n```sh\nzstd -dc result/sd-image/*.zst | sudo dd of=/dev/XXX bs=4M status=progress oflag=sync\n```\n\n## Espresso (Ubuntu Home Server)\n\n### Installing packages\n\n```sh\nsh ~/dotfiles/espresso/scripts/apt.sh\n```\n\n### Setting up symlinks\n\n```sh\ncd ~/dotfiles/espresso \u0026\u0026 stow --adopt -t ~ home \u0026\u0026 sudo stow --adopt -t /etc etc \u0026\u0026 stow --adopt -t /data data \u0026\u0026 git restore .\n```\n\n### Setup login items\n\n```sh\nsh ~/dotfiles/espresso/scripts/login.sh\n```\n\n## Inspiration…\n\n- LGUG2Z'z [nix-wsl-starter](https://github.com/LGUG2Z/nixos-wsl-starter)\n- Andrey0189's [Nix Hyprland configuration](https://github.com/Andrey0189/nixos-config-reborn/tree/master/home-manager/modules/hyprland)\n- Notusknot's [nix-dotfiles](https://github.com/notusknot/dotfiles-nix)\n- Mathias Bynens and his [macOS defaults](https://github.com/mathiasbynens/dotfiles/blob/main/.macos)\n- Dries Vints and his [SSH script](https://github.com/driesvints/dotfiles/blob/main/ssh.sh)\n- Antione Martin and his [GPG script](https://github.com/antoinemartin/create-gpg-key/blob/main/create_gpg_key.sh)\n- Elliot's fast and beautiful [.zshrc prompt](https://github.com/dreamsofautonomy/zensh/blob/main/.zshrc)\n- Michael Bao's [dotfiles](https://github.com/tcmmichaelb139/.dotfiles)\n- Josean Martinez's [dev environment files](https://github.com/josean-dev/dev-environment-files)\n- TheBlueRuby's [awesome Arch Linux setup](https://github.com/TheBlueRuby/dotfiles-arch)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichaelbrusegard%2Fdotfiles","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichaelbrusegard%2Fdotfiles","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichaelbrusegard%2Fdotfiles/lists"}