nix/bootstrap-macos.sh

#!/bin/bash
set -euo pipefail

DOTFILES_REPO="${1:-https://git.meatbag.se/varl/dotfiles.git}"
CHEZMOI_BIN="/tmp/chezmoi-bootstrap"

info() { printf '\033[1;34m==> %s\033[0m\n' "$*"; }
err()  { printf '\033[1;31m==> %s\033[0m\n' "$*" >&2; exit 1; }

[[ "$(uname)" == "Darwin" ]] || err "this script is for macOS"

# 1. standalone chezmoi
info "installing standalone chezmoi"
sh -c "$(curl -fsLS get.chezmoi.io)" -- -b "$(dirname "$CHEZMOI_BIN")"
mv "$(dirname "$CHEZMOI_BIN")/chezmoi" "$CHEZMOI_BIN"

# 2. chezmoi init + apply (lays down all dotfiles, prompts for keys/tokens)
info "running chezmoi init --apply"
"$CHEZMOI_BIN" init --apply "$DOTFILES_REPO"

# 3. install nix
if ! command -v nix &>/dev/null; then
    info "installing nix"
    sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install)
fi

# 4. source nix so it's available in this script
if [[ -f '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]]; then
    source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi

command -v nix &>/dev/null || err "nix not found after install — restart your shell and re-run"

# 5. add trusted-users if missing
info "checking trusted-users in /etc/nix/nix.conf"
user="$(whoami)"
if ! grep -q "trusted-users.*$user" /etc/nix/nix.conf 2>/dev/null; then
    info "adding $user to trusted-users (requires sudo)"
    echo "trusted-users = $user root" | sudo tee -a /etc/nix/nix.conf >/dev/null
    info "restarting nix-daemon"
    sudo launchctl stop org.nixos.nix-daemon
    sudo launchctl start org.nixos.nix-daemon
fi

# 6. install nix packages (includes chezmoi, direnv, git, vim, etc.)
info "installing user-macos nix profile"
nix-env -ir user-macos

# 7. switch chezmoi remote to ssh
info "switching chezmoi remote to ssh"
chezmoi git remote set-url origin git@git.meatbag.se:varl/dotfiles.git

# 8. clean up standalone chezmoi
info "removing standalone chezmoi"
rm -f "$CHEZMOI_BIN"

info "done — open a new terminal to pick up the full environment"