ogadra · ogadra · Jan 7, 2026 · Jan 7, 2026 · Jan 7, 2026 · Jan 7, 2026
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -0,0 +1,95 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Overview
+
+This is a hybrid dotfiles system using:
+- **Nix Flakes + Home Manager** for NixOS (primary)
+- **Nix Flakes + nix-darwin + Home Manager** for macOS
+- **Chezmoi** for non-Nix systems (fallback)
+
+Machine profiles:
+- `bisharp` (x86_64-linux, KDE Plasma 6)
+- `latias` (x86_64-darwin, macOS)
+
+## Build Commands
+
+```bash
+make build    # Build configuration
+make switch   # Apply configuration
+```
+
+### Initial Darwin Setup
+```bash
+# Install Nix (if not installed)
+sh <(curl -L https://nixos.org/nix/install)
+
+# Enable flakes
+mkdir -p ~/.config/nix
+echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf
+
+# First-time bootstrap
+nix run nix-darwin -- switch --flake .#latias
+```
+
+### Chezmoi (fallback for non-Nix systems)
+```bash
+chezmoi init --apply ogadra  # Initial setup
+chezmoi diff                 # Preview changes
+chezmoi apply                # Apply changes
+```
+
+## Architecture
+
+```
+flake.nix                    # Nix flakes entry point
+├── nixos/
+│   ├── configuration.nix    # Base NixOS system config
+│   ├── default.nix          # System builder
+│   └── settings/            # Modular settings (desktop, nix-ld, security, shell)
+├── darwin/
+│   ├── configuration.nix    # Base darwin config (with Homebrew integration)
+│   └── default.nix          # System builder
+├── profiles/
+│   ├── bisharp/             # NixOS machine profile
+│   └── latias/              # Darwin machine profile
+├── home-manager/
+│   ├── default.nix          # Home Manager module config
+│   ├── common/              # Platform-independent configs
+│   │   ├── apps/            # GUI apps (wezterm, vscode, discord)
+│   │   └── cli/             # CLI tools (claude-code, fish, git, starship, etc.)
+│   ├── nixos/               # Linux-specific (kwin, clipboard, wofi)
+│   └── profiles/
+│       ├── bisharp/         # NixOS HM profile
+│       └── latias/          # Darwin HM profile
+├── private_dot_config/      # Chezmoi-managed configs
+├── data/                    # YAML config data (gitconfig, paths)
+└── init/                    # Initialization scripts (Brewfile, fonts)
+```
+
+## Key Patterns
+
+- Machine profiles are in `profiles/<hostname>/` and `home-manager/profiles/<hostname>/`
+- New CLI tools go in `home-manager/common/cli/<toolname>/default.nix`
+- New GUI apps go in `home-manager/common/apps/<category>/<appname>/`
+- Platform-specific configs go in `home-manager/nixos/` (Linux) or `home-manager/darwin/` (macOS)
+
+## Git Workflow
+
+- Pre-commit hook runs `gitleaks protect --staged -v` for secrets detection
+- Commits are auto-signed with SSH key (Ed25519)
+- Default branch: `main`
+
+## Claude Code Permissions (configured in repo)
+
+**Allowed:**
+- `git push origin:<branch>`, `git push -u origin:<branch>`
+
+**Denied:**
+- Recursive/force delete commands (`rm -rf`, `rm -r`, etc.)
+- Broad git operations (`git add .`, `git add -u`, `git commit --no-verify`)
+- Direct push to main/master/production
+- `sudo` commands
+
+When committing, add files individually rather than using `git add .` or `git add -u`.
diff --git a/Makefile b/Makefile
@@ -1,9 +1,29 @@
-HOST := $(shell hostname)
+HOST := $(shell hostname -s | tr '[:upper:]' '[:lower:]')
+UNAME := $(shell uname)
 
-.PHONY: build switch
+.PHONY: build switch ensure-nix
 
+ensure-nix:
+	@command -v nix >/dev/null 2>&1 || { \
+		echo "Nix not found. Installing..."; \
+		curl -L https://nixos.org/nix/install | sh; \
+		echo "Restarting shell and running make..."; \
+		exec fish -c "cd $(PWD) && make"; \
+	}
+	@command -v darwin-rebuild >/dev/null 2>&1 || { \
+		echo "darwin-rebuild not found. Bootstrapping nix-darwin..."; \
+		sudo nix --extra-experimental-features 'nix-command flakes' run nix-darwin -- switch --flake .#$(HOST); \
+	}
+
+ifeq ($(UNAME), Darwin)
+build: ensure-nix
+	darwin-rebuild build --flake .#$(HOST)
+switch: ensure-nix
+	sudo darwin-rebuild switch --flake .#$(HOST)
+else
 build:
 	nixos-rebuild build --flake .#$(HOST)
 
 switch:
 	sudo nixos-rebuild switch --flake .#$(HOST)
+endif
diff --git a/darwin/configuration.nix b/darwin/configuration.nix
@@ -0,0 +1,76 @@
+{
+  config,
+  pkgs,
+  username,
+  ...
+}:
+{
+  # Nix settings
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+  };
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # Shell configuration
+  programs.zsh.enable = true;
+  programs.fish.enable = true;
+  environment.shells = [ pkgs.fish ];
+  users.users.${username}.shell = pkgs.fish;
+
+  # macOS system defaults
+  system.defaults = {
+    NSGlobalDomain = {
+      AppleShowAllExtensions = true;
+      InitialKeyRepeat = 15;
+      KeyRepeat = 2;
+    };
+    dock = {
+      autohide = true;
+      show-recents = false;
+    };
+    finder = {
+      AppleShowAllFiles = true;
+      FXPreferredViewStyle = "Nlsv";
+    };
+  };
+
+  # Homebrew integration (declarative management)
+  homebrew = {
+    enable = true;
+    onActivation = {
+      autoUpdate = true;
+      cleanup = "zap";
+      upgrade = true;
+    };
+
+    brews = [
+      "gitleaks"
+      "gomi"
+      "lefthook"
+      "mise"
+    ];
+
+    casks = [
+      # Add GUI apps here as needed
+    ];
+  };
+
+  # Fonts
+  fonts.packages = with pkgs; [
+    noto-fonts-cjk-sans
+    noto-fonts-cjk-serif
+    noto-fonts-color-emoji
+    nerd-fonts.jetbrains-mono
+    nerd-fonts.droid-sans-mono
+  ];
+
+  # Primary user for darwin-rebuild
+  system.primaryUser = username;
+
+  # State version
+  system.stateVersion = 5;
+}
diff --git a/darwin/default.nix b/darwin/default.nix
@@ -0,0 +1,49 @@
+{
+  inputs,
+  profile,
+  system,
+  username,
+  ...
+}:
+let
+  baseModules = [
+    ./configuration.nix
+    ../profiles/${profile}
+  ];
+
+  homeManagerModules = [
+    inputs.home-manager.darwinModules.home-manager
+    ({ lib, ... }: {
+      home-manager = {
+        useGlobalPkgs = true;
+        useUserPackages = true;
+        users.${username} = {
+          imports = [ ../home-manager/profiles/${profile} ];
+          home.username = username;
+          home.homeDirectory = lib.mkForce "/Users/${username}";
+        };
+        extraSpecialArgs = {
+          inherit username inputs;
+        };
+      };
+    })
+  ];
+
+  allModules =
+    baseModules
+    ++ homeManagerModules
+    ;
+in
+{
+  inherit system;
+
+  specialArgs = {
+    inherit
+      inputs
+      profile
+      username
+      ;
+  };
+
+  modules = allModules;
+}
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -2,6 +2,10 @@
   description = "ogadra's Nix Configuration";
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+    nix-darwin = {
+      url = "github:LnL7/nix-darwin";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
     home-manager = {
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -24,6 +28,7 @@
   {
     self,
     nixpkgs,
+    nix-darwin,
     home-manager,
     ...
   }@inputs:
@@ -42,7 +47,24 @@
             username
             ;
         };
+
+      darwinSystemArgs =
+        {
+          system,
+          profile,
+          username,
+        }:
+        import ./darwin {
+          inherit
+            inputs
+            profile
+            system
+            username
+            ;
+        };
+
       inherit (nixpkgs.lib) nixosSystem;
+      inherit (nix-darwin.lib) darwinSystem;
     in
     {
       nixosConfigurations = {
@@ -52,5 +74,18 @@
           username = "ogadra";
         });
       };
+
+      darwinConfigurations = {
+        latias = darwinSystem (darwinSystemArgs {
+          system   = "x86_64-darwin";
+          profile  = "latias";
+          username = "ogadra";
+        });
+        latios = darwinSystem (darwinSystemArgs {
+          system   = "aarch64-darwin";
+          profile  = "latios";
+          username = "ogadra";
+        });
+      };
     };
 }
diff --git a/home-manager/profiles/latias/default.nix b/home-manager/profiles/latias/default.nix
@@ -0,0 +1,29 @@
+{ ... }:
+let
+  # GUI Applications (cross-platform)
+  appConfigs = [
+    ../../common/apps/editor
+    ../../common/apps/terminal
+  ];
+
+  # CLI tools (cross-platform)
+  commonConfigs = [
+    ../../common/cli/direnv
+    ../../common/cli/git
+    ../../common/cli/gh
+    ../../common/cli/ghq
+    ../../common/cli/gnumake
+    ../../common/cli/claude-code
+    ../../common/cli/fish
+    ../../common/cli/fzf
+    ../../common/cli/mpv
+    ../../common/cli/starship
+  ];
+in
+{
+  home.stateVersion = "25.11";
+  imports =
+    appConfigs
+    ++ commonConfigs
+    ;
+}