From 90fd9f54a724d8771ed79ac1ddc40275afe5262d Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Mon, 10 Mar 2025 02:43:31 +0000
Subject: [PATCH] add nix settings for darwin

---
 .../modules/nmasur/presets/services/nix.nix   | 60 +++++++++++++++++++
 .../modules/nmasur/presets/services/nix.nix   |  5 +-
 2 files changed, 62 insertions(+), 3 deletions(-)
 create mode 100644 platforms/nix-darwin/modules/nmasur/presets/services/nix.nix

diff --git a/platforms/nix-darwin/modules/nmasur/presets/services/nix.nix b/platforms/nix-darwin/modules/nmasur/presets/services/nix.nix
new file mode 100644
index 0000000..0cd0077
--- /dev/null
+++ b/platforms/nix-darwin/modules/nmasur/presets/services/nix.nix
@@ -0,0 +1,60 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+let
+  inherit (config.nmasur.settings) username;
+  cfg = config.nmasur.presets.services.nix;
+in
+
+{
+
+  options.nmasur.presets.services.nix.enable = lib.mkEnableOption "Nix settings and presets";
+
+  config = lib.mkIf cfg.enable {
+
+    nix = {
+
+      # Set channel to flake packages, used for nix-shell commands
+      nixPath = [ "nixpkgs=${pkgs.path}" ];
+
+      # For security, only allow specific users
+      settings.allowed-users = [
+        "@wheel" # Anyone in the wheel group
+        username # The current user
+      ];
+
+      # Enable features in Nix commands
+      extraOptions = ''
+        experimental-features = nix-command flakes
+        warn-dirty = false
+      '';
+
+      # Set automatic generation cleanup for home-manager
+      gc = {
+        automatic = true;
+        options = "--delete-older-than 10d";
+      };
+
+      settings = {
+
+        # Trust users for messing with Nix stuff
+        trusted-users = [
+          "root"
+          "@wheel"
+          username
+        ];
+
+        # Scans and hard links identical files in the store
+        # Not working with macOS: https://github.com/NixOS/nix/issues/7273
+        auto-optimise-store = false;
+      };
+
+    };
+
+  };
+
+}
diff --git a/platforms/nixos/modules/nmasur/presets/services/nix.nix b/platforms/nixos/modules/nmasur/presets/services/nix.nix
index b5ac9c4..49faf25 100644
--- a/platforms/nixos/modules/nmasur/presets/services/nix.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/nix.nix
@@ -45,6 +45,7 @@ in
         trusted-users = [
           "root"
           "@wheel"
+          username
         ];
 
         # Add community Cachix to binary cache
@@ -57,9 +58,7 @@ in
           "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
         ];
 
-        # Scans and hard links identical files in the store
-        # Not working with macOS: https://github.com/NixOS/nix/issues/7273
-        auto-optimise-store = lib.mkIf (!pkgs.stdenv.isDarwin) true;
+        auto-optimise-store = true;
       };
 
     };