add nix settings for darwin

platforms/home-manager/modules/nmasur/profiles/common.nix

@@ -35,7 +35,6 @@ in
         nixpkgs.enable = lib.mkDefault true;
       };
       services = {
-        nix.enable = lib.mkDefault true;
         loadkey.enable = lib.mkDefault true;
       };
     };

platforms/nix-darwin/modules/nmasur/presets/services/nix.nix

@@ -0,0 +1,60 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+let
+  inherit (config.nmasur.settings) username;
+  cfg = config.nmasur.presets.services.nix;
+in
+
+{
+
+  options.nmasur.presets.services.nix.enable = lib.mkEnableOption "Nix settings and presets";
+
+  config = lib.mkIf cfg.enable {
+
+    nix = {
+
+      # Set channel to flake packages, used for nix-shell commands
+      nixPath = [ "nixpkgs=${pkgs.path}" ];
+
+      # For security, only allow specific users
+      settings.allowed-users = [
+        "@wheel" # Anyone in the wheel group
+        username # The current user
+      ];
+
+      # Enable features in Nix commands
+      extraOptions = ''
+        experimental-features = nix-command flakes
+        warn-dirty = false
+      '';
+
+      # Set automatic generation cleanup for home-manager
+      gc = {
+        automatic = true;
+        options = "--delete-older-than 10d";
+      };
+
+      settings = {
+
+        # Trust users for messing with Nix stuff
+        trusted-users = [
+          "root"
+          "@wheel"
+          username
+        ];
+
+        # Scans and hard links identical files in the store
+        # Not working with macOS: https://github.com/NixOS/nix/issues/7273
+        auto-optimise-store = false;
+      };
+
+    };
+
+  };
+
+}

platforms/nixos/modules/nmasur/presets/services/nix.nix

@@ -6,6 +6,7 @@
 }:
 
 let
+  inherit (config.nmasur.settings) username;
   cfg = config.nmasur.presets.services.nix;
 in
 
@@ -23,7 +24,7 @@ in
       # For security, only allow specific users
       settings.allowed-users = [
         "@wheel" # Anyone in the wheel group
-        config.home.username # The current user
+        username # The current user
       ];
 
       # Enable features in Nix commands
@@ -44,21 +45,20 @@ in
         trusted-users = [
           "root"
           "@wheel"
+          username
         ];
 
         # Add community Cachix to binary cache
         # Don't use at work because blocked by corporate firewall
         builders-use-substitutes = true;
-        substituters = lib.mkIf (!config.nmasur.profiles.work.enable) [
+        substituters = [
           "https://nix-community.cachix.org"
         ];
-        trusted-public-keys = lib.mkIf (!config.nmasur.profiles.work.enable) [
+        trusted-public-keys = [
           "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
         ];
 
-        # Scans and hard links identical files in the store
-        # Not working with macOS: https://github.com/NixOS/nix/issues/7273
-        auto-optimise-store = lib.mkIf (!pkgs.stdenv.isDarwin) true;
+        auto-optimise-store = true;
       };
 
     };

platforms/nixos/modules/nmasur/profiles/base.nix

@@ -21,6 +21,9 @@ in
       programs = {
         doas.enable = lib.mkDefault true;
       };
+      services = {
+        nix.enable = lib.mkDefault true;
+      };
     };
 
     programs.fish.enable = lib.mkDefault config.home-manager.users.${username}.programs.fish.enable;