mdy/nix-config
1
0
Fork 0
Code Pull Requests Activity
Files
007a104ef390e8664ac306e572c970ffb799e8bd
nix-config/modules/darwin/default.nix
T

111 lines
2.6 KiB
Nix
Raw Blame History

{
pkgs,
username,
sshKeys,
...
}:
{
system.primaryUser = username;
# ── 免密 sudo ────────────────────────────────────────
security.sudo.extraConfig = ''
${username} ALL=(ALL) NOPASSWD:ALL
'';
users.knownUsers = [ username ];
users.users.${username} = {
home = "/Users/${username}";
shell = pkgs.fish;
uid = 501;
openssh.authorizedKeys.keys = sshKeys;
};
# ── macOS 系统偏好设置 ────────────────────────────────
system.defaults = {
LaunchServices.LSQuarantine = false;
dock = {
autohide = true;
autohide-delay = 0.0;
autohide-time-modifier = 0.15;
show-recents = false;
mru-spaces = false;
wvous-tl-corner = 1;
wvous-tr-corner = 1;
wvous-bl-corner = 1;
wvous-br-corner = 1;
};
finder.FXPreferredViewStyle = "clmv";
NSGlobalDomain = {
AppleShowAllExtensions = true;
InitialKeyRepeat = 15;
KeyRepeat = 2;
};
CustomUserPreferences."ch.sudo.cyberduck" = {
# 永久禁用捐赠提示(日期设为遥远的未来)
"donate.reminder.date" = 253402300799000;
};
};
# ── Homebrew ───────────────────────────────────────
homebrew = {
enable = true;
greedyCasks = true; # 即使 cask 自动更新也始终升级
# 已废弃:Homebrew 将于 2026-09 后移除 --no-quarantine
# 待所有 cask 通过 Gatekeeper(签名且公证)后移除此项
caskArgs.no_quarantine = true;
taps = [
"goooler/repo"
];
brews = [
"mole"
];
# GUI 应用
casks = [
"1password"
"brave-browser"
"cherry-studio"
"cyberduck"
"dbeaver-community"
"discord"
"feishu"
"goooler/repo/fl-clash"
"ghostty"
"tailscale-app"
"keka"
"logitech-g-hub"
"mos"
"movist-pro"
"orbstack"
"qq"
"raycast"
"spotify"
"telegram-desktop"
"tencent-meeting"
"termius"
"visual-studio-code"
"wechat"
"winbox"
];
# Mac App Store
masApps = {
"iPreview" = 1519213509;
"Microsoft Word" = 462054704;
"Microsoft Excel" = 462058435;
"Microsoft PowerPoint" = 462062816;
"Windows App" = 1295203466;
"Xnip" = 1221250572;
};
onActivation = {
autoUpdate = true;
upgrade = true;
cleanup = "zap"; # 移除所有未声明的内容
};
};
}
View Git Blame Copy Permalink