lyrathorpe/nixfiles
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(darwin): declarative macOS defaults + Touch-ID sudo

Browse Source 
Touch ID now authorises sudo (via sudo_local, update-safe). Adds the
standard system.defaults blocks — dock autohide / no-recents, Finder
extensions + path bar + list view, dark mode, fast key repeat, trackpad
tap-to-click — so the Mac's UI is managed declaratively too.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Emma Thorpe
2026-06-10 16:44:53 +01:00
parent 318c64a371
commit 8c058632ef
1 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
system/machine/Darwin/configuration.nix
+32
View File
@@ -151,6 +151,38 @@
}; };
}; };
# Touch ID authorises sudo (and darwin-rebuild's sudo prompt) instead of a
# typed password. sudo_local keeps the change in /etc/pam.d/sudo_local so it
# survives macOS updates.
security.pam.services.sudo_local.touchIdAuth = true;
# Declarative macOS UI defaults -- the main reason to run nix-darwin beyond
# package management. Applied on activation; all reversible.
system.defaults = {
dock = {
autohide = true;
show-recents = false;
mru-spaces = false; # don't reorder spaces by use
tilesize = 48;
};
finder = {
AppleShowAllExtensions = true;
ShowPathbar = true;
FXPreferredViewStyle = "Nlsv"; # list view
_FXShowPosixPathInTitle = true;
};
NSGlobalDomain = {
AppleInterfaceStyle = "Dark";
ApplePressAndHoldEnabled = false; # key-repeat instead of the accent popup
InitialKeyRepeat = 15;
KeyRepeat = 2;
};
trackpad = {
Clicking = true; # tap to click
TrackpadThreeFingerDrag = true;
};
};
# Used for backwards compatibility; read `darwin-rebuild changelog` before changing. # Used for backwards compatibility; read `darwin-rebuild changelog` before changing.
system.stateVersion = 5; system.stateVersion = 5;
} }