colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

darwin: update codex and home setup

Browse Source
This commit is contained in:
Kat Huang
2026-04-25 16:32:00 -07:00
committed by Ivan Anthony Malison
parent 4b97e6c5f1
commit aa035663e9
6 changed files with 214 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
dotfiles/claude/.gitignore vendored Normal file
View File

@@ -0,0 +1,6 @@
*
!.gitignore
!CLAUDE.md
!settings.json
!settings.local.json
!settings.local.json.example

16
dotfiles/codex/config.toml
View File

@@ -1,7 +1,9 @@
model = "gpt-5.5" model = "gpt-5.5"
model_reasoning_effort = "high" model_reasoning_effort = "high"
personality = "pragmatic" personality = "pragmatic"
notify = ["/Users/kat/.codex/plugins/cache/openai-bundled/computer-use/1.0.750/Codex Computer Use.app/Contents/SharedSupport/SkyComputerUseClient.app/Contents/MacOS/SkyComputerUseClient", "turn-ended"]
notify = ["/Users/kat/dotfiles/dotfiles/codex/plugins/cache/openai-bundled/computer-use/1.0.755/Codex Computer Use.app/Contents/SharedSupport/SkyComputerUseClient.app/Contents/MacOS/SkyComputerUseClient", "turn-ended"]
[projects."/home/imalison/Projects/nixpkgs"] [projects."/home/imalison/Projects/nixpkgs"]
trust_level = "trusted" trust_level = "trusted"
@@ -114,6 +116,12 @@ trust_level = "trusted"
[projects."/Users/kat"] [projects."/Users/kat"]
trust_level = "trusted" trust_level = "trusted"
[projects."/Users/kat/org"]
trust_level = "trusted"
[projects."/Users/kat/Documents/Codex/2026-04-25/do-you-see-the-sandisk-external"]
trust_level = "trusted"
[notice] [notice]
hide_gpt5_1_migration_prompt = true hide_gpt5_1_migration_prompt = true
"hide_gpt-5.1-codex-max_migration_prompt" = true "hide_gpt-5.1-codex-max_migration_prompt" = true
@@ -138,7 +146,7 @@ apps = true
steer = true steer = true
[marketplaces.openai-bundled] [marketplaces.openai-bundled]
last_updated = "2026-04-19T01:07:40Z" last_updated = "2026-04-21T17:43:57Z"
source_type = "local" source_type = "local"
source = "/Users/kat/.codex/.tmp/bundled-marketplaces/openai-bundled" source = "/Users/kat/.codex/.tmp/bundled-marketplaces/openai-bundled"
@@ -151,10 +159,10 @@ enabled = true
[plugins."google-drive@openai-curated"] [plugins."google-drive@openai-curated"]
enabled = true enabled = true
[plugins."computer-use@openai-bundled"] [plugins."github@openai-curated"]
enabled = true enabled = true
[plugins."github@openai-curated"] [plugins."computer-use@openai-bundled"]
enabled = true enabled = true
[tui.model_availability_nux] [tui.model_availability_nux]

4
dotfiles/gitconfig
View File

@@ -102,10 +102,10 @@
required = true required = true
[credential "https://github.com"] [credential "https://github.com"]
helper = helper =
helper = !/etc/profiles/per-user/imalison/bin/gh auth git-credential helper = !/run/current-system/sw/bin/gh auth git-credential
[credential "https://gist.github.com"] [credential "https://gist.github.com"]
helper = helper =
helper = !/etc/profiles/per-user/imalison/bin/gh auth git-credential helper = !/run/current-system/sw/bin/gh auth git-credential
[includeIf "gitdir:~/Projects/org-agenda-api/"] [includeIf "gitdir:~/Projects/org-agenda-api/"]
path = ~/.gitconfig.org-agenda-api path = ~/.gitconfig.org-agenda-api
[includeIf "gitdir:~/Projects/dotfiles/org-agenda-api/"] [includeIf "gitdir:~/Projects/dotfiles/org-agenda-api/"]

142
nix-darwin/flake.lock generated
View File

@@ -31,7 +31,7 @@
"railbird-secrets", "railbird-secrets",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_5" "systems": "systems_6"
}, },
"locked": { "locked": {
"lastModified": 1770165109, "lastModified": 1770165109,
@@ -72,11 +72,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776370363, "lastModified": 1777126457,
"narHash": "sha256-Ul2mJIH6irPdJLiVFDUcSbc7rv7ULWutGjIv7IHOvyI=", "narHash": "sha256-jE5KMGZc9p2H86gCi38o2H3loV/OwICJVa8YbDmpDyg=",
"owner": "sadjow", "owner": "sadjow",
"repo": "claude-code-nix", "repo": "claude-code-nix",
"rev": "9e198808ce7466eceb5bbd341936d6c410f9c664", "rev": "002de6e1b2d10f4646c68af360d9dc92b89a6be9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -93,11 +93,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776288174, "lastModified": 1777054843,
"narHash": "sha256-kCvsC6JxJtcpLLPrrjptgmBlV7Zmz0NWdLfoP15+jOc=", "narHash": "sha256-aiuiKK6xJu5inj/RTmSl9S3jDC6RzNsKfNJ700MRPNY=",
"owner": "sadjow", "owner": "sadjow",
"repo": "codex-cli-nix", "repo": "codex-cli-nix",
"rev": "7c050fa951b5ca20a4754b42ec5242231edda35f", "rev": "fc382bef14dcb9873769bdcb4d3b943ef2606489",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -252,7 +252,25 @@
}, },
"flake-utils_4": { "flake-utils_4": {
"inputs": { "inputs": {
"systems": "systems_6" "systems": "systems_5"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"inputs": {
"systems": "systems_7"
}, },
"locked": { "locked": {
"lastModified": 1709126324, "lastModified": 1709126324,
@@ -292,6 +310,28 @@
"type": "github" "type": "github"
} }
}, },
"git-sync-rs": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1777159280,
"narHash": "sha256-Ee14+tYJi5uKL912+99acc/ouWVhpHzrOjZuBQOGTmY=",
"owner": "colonelpanic8",
"repo": "git-sync-rs",
"rev": "45ffa4301f740fa0193ecd5bc493ef1ffb4feb05",
"type": "github"
},
"original": {
"owner": "colonelpanic8",
"repo": "git-sync-rs",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -320,11 +360,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776454077, "lastModified": 1777151655,
"narHash": "sha256-7zSUFWsU0+jlD7WB3YAxQ84Z/iJurA5hKPm8EfEyGJk=", "narHash": "sha256-Th3a5OZyEy4kCoyLfefnt+2dwRIrFQqYgMsayF9qzFw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "565e5349208fe7d0831ef959103c9bafbeac0681", "rev": "6f59831b23d03bbf4fbd13ad167ae25da294cc14",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -358,11 +398,11 @@
"homebrew-cask": { "homebrew-cask": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1776455667, "lastModified": 1777159046,
"narHash": "sha256-OKDV1G6pwELUesgrywURqPIROI6F1lm0mWCVY2ytd9Q=", "narHash": "sha256-/3NNjeudK+0vc4ZyCIyIf80gbhDyXWjJzLUuMaPilMI=",
"owner": "homebrew", "owner": "homebrew",
"repo": "homebrew-cask", "repo": "homebrew-cask",
"rev": "4bcd1598f14109e9edd27f4dc9d81fde8caa7174", "rev": "191adc33f03f399c8d97c438c8a1a9acea173f0b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -374,11 +414,11 @@
"homebrew-core": { "homebrew-core": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1776452660, "lastModified": 1777157463,
"narHash": "sha256-4my3q2B6l0/m6UlyrKHGpdtZi+2FO7gVbDzUPQVbtGg=", "narHash": "sha256-SM5CtkgezWUgd2zmIQVBcRtWpSE3VVgj5dP6nnQ5sBo=",
"owner": "homebrew", "owner": "homebrew",
"repo": "homebrew-core", "repo": "homebrew-core",
"rev": "8f3e1320b037c2d774334de9d9afe75e043916b5", "rev": "8a0c7637b90ce943cd9f4520c8a1d13df81ee276",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -398,11 +438,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776369368, "lastModified": 1777109987,
"narHash": "sha256-5jnqHK2pOCr6Tp8FSyDIizWhiwdfhjQwwYjiKCzfdI0=", "narHash": "sha256-8obD0vLqaPIhu5q6guZ3XN70+9OGzA2GWKQC4/PNcVo=",
"owner": "colonelpanic8", "owner": "colonelpanic8",
"repo": "keepbook", "repo": "keepbook",
"rev": "4c573ac7343b588d0fff8e3cf83c100fbf272544", "rev": "a130c6592f215e8e5727e9fd6eafd234f09f9341",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -451,11 +491,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1776255774, "lastModified": 1744536153,
"narHash": "sha256-psVTpH6PK3q1htMJpmdz1hLF5pQgEshu7gQWgKO6t6Y=", "narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "566acc07c54dc807f91625bb286cb9b321b5f42a", "rev": "18dd725c29603f582cf1900e0d25f9f1063dbf11",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -466,6 +506,22 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1776949667,
"narHash": "sha256-GMSVw35Q+294GlrTUKlx087E31z7KurReQ1YHSKp5iw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "01fbdeef22b76df85ea168fbfe1bfd9e63681b30",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1774709303, "lastModified": 1774709303,
"narHash": "sha256-D3Q07BbIA2KnTcSXIqqu9P586uWxN74zNoCH3h2ESHg=", "narHash": "sha256-D3Q07BbIA2KnTcSXIqqu9P586uWxN74zNoCH3h2ESHg=",
@@ -484,8 +540,8 @@
"railbird-secrets": { "railbird-secrets": {
"inputs": { "inputs": {
"agenix": "agenix_2", "agenix": "agenix_2",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1775003480, "lastModified": 1775003480,
@@ -508,13 +564,14 @@
"codex-cli-nix": "codex-cli-nix", "codex-cli-nix": "codex-cli-nix",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"git-blame-rank": "git-blame-rank", "git-blame-rank": "git-blame-rank",
"git-sync-rs": "git-sync-rs",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"homebrew-cask": "homebrew-cask", "homebrew-cask": "homebrew-cask",
"homebrew-core": "homebrew-core", "homebrew-core": "homebrew-core",
"keepbook": "keepbook", "keepbook": "keepbook",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
"nix-homebrew": "nix-homebrew", "nix-homebrew": "nix-homebrew",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_2",
"railbird-secrets": "railbird-secrets" "railbird-secrets": "railbird-secrets"
} }
}, },
@@ -552,6 +609,24 @@
"type": "github" "type": "github"
} }
}, },
"rust-overlay": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1755311859,
"narHash": "sha256-NspGtm0ZpihxlFD628pvh5ZEhL/Q6/Z9XBpe3n6ZtEw=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "07619500e5937cc4669f24fec355d18a8fec0165",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@@ -641,6 +716,21 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

15
nix-darwin/flake.nix
View File

@@ -27,6 +27,11 @@
home-manager.url = "github:nix-community/home-manager"; home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
git-sync-rs = {
url = "github:colonelpanic8/git-sync-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
codex-cli-nix = { codex-cli-nix = {
# Default branch is `main` on GitHub (not `master`). # Default branch is `main` on GitHub (not `master`).
url = "github:sadjow/codex-cli-nix/main"; url = "github:sadjow/codex-cli-nix/main";
@@ -54,6 +59,7 @@
outputs = inputs @ { outputs = inputs @ {
self, self,
agenix, agenix,
git-sync-rs,
nix-darwin, nix-darwin,
nixpkgs, nixpkgs,
home-manager, home-manager,
@@ -179,9 +185,15 @@
(final: prev: { (final: prev: {
codex = inputs.codex-cli-nix.packages.${prev.stdenv.hostPlatform.system}.default; codex = inputs.codex-cli-nix.packages.${prev.stdenv.hostPlatform.system}.default;
claude-code = inputs.claude-code-nix.packages.${prev.stdenv.hostPlatform.system}.default; claude-code = inputs.claude-code-nix.packages.${prev.stdenv.hostPlatform.system}.default;
git-sync-rs = git-sync-rs.packages.${prev.stdenv.hostPlatform.system}.default;
}) })
]; ];
environment.systemPackages = essentialPkgs ++ [pkgs.spotify]; environment.systemPackages =
essentialPkgs
++ [
pkgs.gnupg
pkgs.spotify
];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@@ -196,6 +208,7 @@
casks = [ casks = [
"codex-app" "codex-app"
"ghostty" "ghostty"
"raycast"
]; ];
masApps = { masApps = {
Xcode = 497799835; Xcode = 497799835;

81
nix-darwin/home/common.nix
View File

@@ -11,6 +11,16 @@
replaceRuntimeDir = builtins.replaceStrings ["$XDG_RUNTIME_DIR"] ["\${XDG_RUNTIME_DIR}"]; replaceRuntimeDir = builtins.replaceStrings ["$XDG_RUNTIME_DIR"] ["\${XDG_RUNTIME_DIR}"];
gpgKeyPath = replaceRuntimeDir config.age.secrets.gpg-keys.path; gpgKeyPath = replaceRuntimeDir config.age.secrets.gpg-keys.path;
gpgPassphrasePath = replaceRuntimeDir config.age.secrets.gpg-passphrase.path; gpgPassphrasePath = replaceRuntimeDir config.age.secrets.gpg-passphrase.path;
raycastPath = lib.concatStringsSep ":" [
"${config.home.homeDirectory}/.nix-profile/bin"
"/run/current-system/sw/bin"
"/opt/homebrew/bin"
"/usr/local/bin"
"/usr/bin"
"/bin"
"/usr/sbin"
"/sbin"
];
importGpgKeyScript = pkgs.writeShellScript "import-gpg-key" '' importGpgKeyScript = pkgs.writeShellScript "import-gpg-key" ''
set -eu set -eu
@@ -57,13 +67,7 @@
''; '';
excludedTopLevelEntries = [ excludedTopLevelEntries = [
"agents"
"claude"
"codex"
"config" "config"
"emacs.d"
"zshenv"
"zshrc"
]; ];
excludedConfigEntries = [ excludedConfigEntries = [
@@ -86,31 +90,52 @@
}; };
}) (lib.subtractLists excludedConfigEntries (builtins.attrNames (builtins.readDir "${dotfilesDir}/config")))); }) (lib.subtractLists excludedConfigEntries (builtins.attrNames (builtins.readDir "${dotfilesDir}/config"))));
in { in {
programs.home-manager.enable = true;
imports = [ imports = [
inputs.agenix.homeManagerModules.default inputs.agenix.homeManagerModules.default
../../home-manager/codex-generated-skills.nix ../../home-manager/codex-generated-skills.nix
]; ];
programs.home-manager.enable = true;
age.identityPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"]; age.identityPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
age.secrets.gpg-keys.file = ../../nixos/secrets/gpg-keys.age; age.secrets.gpg-keys.file = ../../nixos/secrets/gpg-keys.age;
age.secrets.gpg-passphrase.file = ../../nixos/secrets/gpg-passphrase.age; age.secrets.gpg-passphrase.file = ../../nixos/secrets/gpg-passphrase.age;
home.file = dotfilesLinks; home.file = dotfilesLinks;
myModules.codexGeneratedSkills.enable = true; myModules.codexGeneratedSkills.enable = true;
home.activation.linkEmacsDotdir = lib.hm.dag.entryAfter ["writeBoundary"] '' home.packages = [
live_emacs_dir="$HOME/dotfiles/dotfiles/emacs.d" pkgs.gnupg
target_emacs_dir="${dotfilesDir}/emacs.d" (pkgs.pass.withExtensions (ext: [ext.pass-otp]))
if [ -d "$live_emacs_dir" ]; then ];
target_emacs_dir="$live_emacs_dir"
home.activation.repairGpgHomeAndImportKey = lib.hm.dag.entryAfter ["writeBoundary"] ''
gnupg_dir="$HOME/.gnupg"
password_store_gpg_id="$HOME/.password-store/.gpg-id"
/bin/mkdir -p "$gnupg_dir"
/bin/chmod 700 "$gnupg_dir"
if [ -r "$password_store_gpg_id" ]; then
needs_import=0
while IFS= read -r recipient; do
case "$recipient" in
""|\#*)
continue
;;
esac
if ! ${pkgs.gnupg}/bin/gpg --batch --list-secret-keys --with-colons "$recipient" 2>/dev/null | /usr/bin/grep -q '^sec:'; then
needs_import=1
break
fi
done < "$password_store_gpg_id"
if [ "$needs_import" -eq 1 ]; then
${importGpgKeyScript}
fi fi
if [ -L "$HOME/.emacs.d" ] || [ ! -e "$HOME/.emacs.d" ]; then
rm -f "$HOME/.emacs.d"
ln -s "$target_emacs_dir" "$HOME/.emacs.d"
else
echo "Skipping ~/.emacs.d relink because it is not a symlink" >&2
fi fi
''; '';
@@ -148,6 +173,7 @@ in {
defaultCacheTtl = 8 * 60 * 60; defaultCacheTtl = 8 * 60 * 60;
maxCacheTtl = 8 * 60 * 60; maxCacheTtl = 8 * 60 * 60;
enableSshSupport = true; enableSshSupport = true;
pinentry.package = lib.mkIf pkgs.stdenv.isDarwin pkgs.pinentry_mac;
extraConfig = '' extraConfig = ''
allow-emacs-pinentry allow-emacs-pinentry
allow-loopback-pinentry allow-loopback-pinentry
@@ -169,6 +195,25 @@ in {
}; };
}; };
launchd.agents.raycast = lib.mkIf pkgs.stdenv.isDarwin {
enable = true;
config = {
EnvironmentVariables = {
PATH = raycastPath;
};
ProgramArguments = [
"/usr/bin/open"
"-a"
"Raycast"
];
KeepAlive = false;
ProcessType = "Interactive";
RunAtLoad = true;
StandardOutPath = "${config.home.homeDirectory}/Library/Logs/raycast-launchd.log";
StandardErrorPath = "${config.home.homeDirectory}/Library/Logs/raycast-launchd.err.log";
};
};
programs.starship = { programs.starship = {
enable = true; enable = true;
}; };