Nix-darwin Flake for Conan Build

flake.nix

{
  description = "Meson nix-darwin system flake";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    nix-darwin.url = "github:nix-darwin/nix-darwin/master";
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";

#    home-manager = {
#      url = "github:nix-community/home-manager/nixpkgs-unstable";
#      inputs.nixpkgs.follows = "nixpkgs";
#    };

    agenix.url = "github:ryantm/agenix";

    flake-parts.url = "github:hercules-ci/flake-parts";
    import-tree.url = "github:vic/import-tree";

    wrapper-modules.url = "github:BirdeeHub/nix-wrapper-modules";
  };

  outputs = inputs@{ self, nix-darwin, nixpkgs, agenix, flake-parts, home-manager, ... }:
  let
    configuration = { pkgs, config, ... }: {

      # --- System Packages ---
      environment.systemPackages = with pkgs; [

        # Build Tools & Compilers
        autoconf
        automake
        cmake
        ccache
        conan
        defaultbrowser
        gnumake
        gperf
        libtool
        ninja
        pkg-config
        ruby
        rubyPackages_3_4.activemodel
        rubyPackages_3_4.activesupport
        rubyPackages_3_4.nokogiri
        rubyPackages_3_4.os
        rubyPackages_3_4.rack
        rubyPackages_3_4.rspec
        rubyPackages_3_4.redis
        rubyPackages_3_4.rest-client
        rbenv
        libyaml # needed for psych gem
        go
        openssl

        # CLI Tools & Utilities
        ansible
        bat
        bash
        btop
        coreutils
        curl
        delta
        fzf
        eza
        fastfetch
        mkcert
        tldr
        wget
        xh
        zoxide

        # Documentation
        man-pages
        man-pages-posix

        # Productivity & Communication
        brave
        irssi
        raycast
        starship
        vault

        # System & macOS Integration
        mkalias
        vim
        
        # Terminals
        wezterm

      ];

      # --- Nix Settings ---
      nix.settings.experimental-features = [ "nix-command" "flakes" ];
      nix.enable = false;
      nixpkgs.config.allowUnfree = true;
      nixpkgs.config.allowUnsupportedSystem = false;

      # --- macOS System Configuration ---
      system.configurationRevision = self.rev or self.dirtyRev or null;
      system.stateVersion = 6;
      system.primaryUser = "jperrie";

      system.activationScripts = {
        postActivation.text = ''
          ${pkgs.defaultbrowser}/bin/defaultbrowser browser
        '';
      };

      # Enable TouchID for sudo authentication
      security.pam.services.sudo_local.touchIdAuth = true;

      system.defaults = {
        spaces.spans-displays = true;
        dock.mru-spaces = false;

        NSGlobalDomain = {
          "com.apple.swipescrolldirection" = false;
          AppleICUForce24HourTime = false;
          AppleInterfaceStyle = "Dark";
          AppleInterfaceStyleSwitchesAutomatically = false;
          AppleMeasurementUnits = "Inches";
          AppleMetricUnits = 1;
          AppleTemperatureUnit = "Fahrenheit";
          InitialKeyRepeat = 15;
          KeyRepeat = 2;
          NSAutomaticCapitalizationEnabled = false;
          NSAutomaticDashSubstitutionEnabled = false;
          NSAutomaticPeriodSubstitutionEnabled = false;
          NSAutomaticQuoteSubstitutionEnabled = false;
          NSAutomaticSpellingCorrectionEnabled = true;
          NSNavPanelExpandedStateForSaveMode = true;
          NSNavPanelExpandedStateForSaveMode2 = true;
          # Disable switching to Space with open windows when switching apps
          AppleSpacesSwitchOnActivate = false;
        };

        SoftwareUpdate = {
          AutomaticallyInstallMacOSUpdates = false;
        };
        
        menuExtraClock = {
          ShowAMPM = null;
          ShowDate = 1; # Always
          ShowSeconds = null;
          Show24Hour = null;
        };

        CustomUserPreferences = {
          ".GlobalPreferences" = {
            "AppleAdHocServerMode" = true;
          };

          "com.apple.WindowManager" = {
            "EnableTilingDragToEdge" = false;
            "EnableTilingPadding" = false;
            "EnableStandardClickToShowDesktop" = false;
            "EnableTilingDragToMenuBar" = false;
            "EnableTilingShowPredefinedOutline" = false;

            # Disaable Stage Manager
            "GloballyEnabled" = false;

            # Hide widgets from Desktop
            "StandardHideWidgets" = true;
            "EnableTopTilingByEdgeDrag" = false;
            "EnableTilingByEdgeDrag" = false;
          };

          "com.apple.AdLib" = {
            allowApplePersonalizedAdvertising = false;
          };

          "com.apple.controlcenter" = {
            BatteryShowPercentage = true;
          };

          "com.apple.desktopservices" = {
            # Avoid creating .DS_Store files on network or USB volumes
            DSDontWriteNetworkStores = true;
            DSDontWriteUSBStores = true;
          };

          # Prevent Photos from opening automatically
          "com.apple.ImageCapture".disableHotPlug = true;
          "com.apple.screencapture" = {
            "disable-shadow" = true;
            location = "~/screenshots";
            type = "png";
          };

          "com.apple.TimeMachine".DoNotOfferNewDisksForBackup = true;
          # Turn on app auto-update
          "com.apple.commerce".AutoUpdate = true;

          "com.apple.dock" = {
            # Disables the Mission Control / Exposé trigger when dragging
            "autohide" = true;
            "mcx-expose-disabled" = true;
            "window-drag-top-is-mission-control" = false;
            "showMissionControlGestureEnabled" = false;
            "enterMissionControlByTopWindowDrag" = false;

            # 1 = Disabled / No Action
            "wvous-tl-corner" = 1; # Top Left
            "wvous-tr-corner" = 1; # Top Right
            "wvous-bl-corner" = 1; # Bottom Left
            "wvous-br-corner" = 1; # Bottom Right (Currently 14 on your system)
            
            show-recents = false;
            tilesize = 48;
            expose-animation-duration = 0.1; # Faster Mission Control animations
            expose-group-apps = false; # Don't group windows by application in Mission Control
          };

          "com.apple.finder" = {
            _FXSortFoldersFirst = true;
            FXDefaultSearchScope = "SCcf"; # Search current folder by default
            ShowExternalHardDrivesOnDesktop = true;
            ShowHardDrivesOnDesktop = false;
            ShowMountedServersOnDesktop = true;
            ShowRemovableMediaOnDesktop = true;
          };

          "com.apple.SoftwareUpdate" = {
            AutomaticCheckEnabled = true;
            # Check for software updates daily, not just once per week
            ScheduleFrequency = 1;
            # Download newly available updates in background
            AutomaticDownload = 0;
            # Install System data files & security updates
            CriticalUpdateInstall = 1;
          };

          # --- Brave / Chromium Enterprise Policies ---
          "com.brave.Browser" = {
            # Privacy & Security
            AIModeSettings = 1;
            AlternateErrorPagesEnabled = false;
            AutomaticallySendAnalytics = false;
            AutofillCreditCardEnabled = false;
            BrowserSignin = 0;
            BuiltInDnsClientEnabled = false;
            CaptureSpecificTabModeAllowed = false;
            CloudReportingEnabled = false;
            DefaultBrowserSettingEnabled = false;
            DefaultGeolocationSetting = 2;
            DefaultLocalFontsSetting = 2;
            DefaultNotificationsSetting = 2;
            DefaultSensorsSetting = 2;
            DefaultSerialGuardSetting = 2;
            DnsOverHttpsMode = "automatic";
            DriveDisabled = true;
            ExtensionManifestV2Availability = 2;
            HttpsOnlyMode = "force_enabled";
            LocalNetworkAccessBlockUpsamplingService = true;
            MediaRouterCastAllowAllIPs = false;
            MetricsReportingEnabled = false;
            PasswordLeakDetectionEnabled = false;
            PasswordManagerEnabled = false;
            PasswordSharingEnabled = false;
            PrivacySandboxAdMeasurementEnabled = false;
            PrivacySandboxAdTopicsEnabled = false;
            PrivacySandboxSiteEnabledAdsEnabled = false;
            SafeBrowseDeepScanningEnabled = false;
            SafeBrowseExtendedReportingEnabled = false;
            SafeBrowseSurveysEnabled = false;
            TabFreezingEnabled = true;
            NewTabPageLocation = null;
            ZstdContentEncodingEnabled = true;

            # AI Specific
            GenAiDefaultSettings = 2;
            SearchContentSharingSettings = 1;
            GeminiActOnWebSettings = 1;
            LensDesktopNTPSearchEnabled = false;

            # Brave Specific Features
            BraveAIChatEnabled = false;
            BraveExperimentalAdblockEnabled = true;
            BraveNewsDisabled = true;
            BraveP3AEnabled = false;
            BravePlaylistEnabled = false;
            BraveRewardsDisabled = true;
            BraveRewardsIconHidden = true;
            BraveSpeedreaderEnabled = false;
            BraveStatsPingEnabled = false;
            BraveSyncEnabled = false;
            BraveTalkDisabled = true;
            BraveVPNDisabled = true;
            BraveWalletDisabled = true;
            BraveWaybackMachineEnabled = false;
            BraveWebDiscoveryEnabled = true;
            BraveSyncUrl = "";

            # Performance & UI
            BackgroundModeEnabled = false;
            BookmarksBarEnabled = true;
            HardwareAccelerationModeEnabled = true;
            MemorySaverEnabled = true;
            ShowFullURLs = true;
            WideAddressBar = true;
            SpellcheckEnabled = true;
            SpellcheckLanguage = [ "en-US" ];

            # Search Engine
            DefaultSearchProviderEnabled = true;
            DefaultSearchProviderName = "Google";
            DefaultSearchProviderSearchURL = "https://www.google.com/search?q={searchTerms}";

            # Telemetry & Reporting
            DeviceActivityHeartbeatEnabled = false;
            DeviceMetricsReportingEnabled = false;
            HeartbeatEnabled = false;
            LogUploadEnabled = false;
            ParcelTrackingEnabled = false;
            RelatedWebsiteSetsEnabled = false;
            ReportAppInventory = [];
            ReportDeviceActivityTimes = false;
            ReportDeviceAppInfo = false;
            ReportDeviceSystemInfo = false;
            ReportDeviceUsers = false;
            ReportWebsiteTelemetry = [];
            ShoppingListEnabled = false;
            SyncDisabled = true;
            TorDisabled = true;

            # Extensions Note:
            # 'extensions' cannot be managed easily via CustomUserPreferences.
            # You usually have to install them manually or via Homebrew Casks if they support it.
          };
        };
      };

      nixpkgs.hostPlatform = "aarch64-darwin";
    };
  in
  {
    darwinConfigurations.meson = nix-darwin.lib.darwinSystem {
      modules = [
        configuration
        {

          # This puts ascp needs to be in the non-interactive ssh path
          environment.extraInit = ''
            export PATH="$PATH:/Library/Aspera/bin"
          '';

          programs.bash = {
            enable = true;
          };
          
          programs.man.enable = true;
          
          documentation = {
            enable = true;
            info.enable = true;

            man = {
              enable = true;
            };
          };
        }
        ({config, ...}: {
#          security.pki.certificateFiles = [
#            /opt/vault/etc/server.crt
#          ];

        })
      ];
    };
  };
}