diff --git a/nix/home/packages.nix b/nix/home/packages.nix
index 8b7065a..3563604 100644
--- a/nix/home/packages.nix
+++ b/nix/home/packages.nix
@@ -15,6 +15,7 @@ let
       act
       bat
       bitwarden-cli
+      cachix
       cloudflared
       delta
       eza
@@ -28,6 +29,7 @@ let
       kubectl
       kubelogin-oidc
       mosh
+      nixd
       nixpkgs-fmt
       pandoc
       ripgrep
diff --git a/nix/overlays/lix.nix b/nix/overlays/lix.nix
index bde29b6..f44f23b 100644
--- a/nix/overlays/lix.nix
+++ b/nix/overlays/lix.nix
@@ -3,6 +3,10 @@
     postPatch = (oldAttrs.postPatch or "") + ''
       substituteInPlace src/libmain/shared.cc \
         --replace-fail "(Lix, like Nix)" "but for lesbians"
-      '';
+    '';
+
+    # WARNING: This greatly assumes that lix will never merge a CL that breaks
+    # the tests. But I choose to disable them anyway because the build time is faster
+    doCheck = false;
   });
 })
diff --git a/nix/system/default.nix b/nix/system/default.nix
index b5d51ba..018abe3 100644
--- a/nix/system/default.nix
+++ b/nix/system/default.nix
@@ -3,6 +3,12 @@
 {
   imports = importAll [] ./.;
 
+  networking = {
+    computerName = "Alyxia's MacBook Pro";
+    hostName = "alymac";
+    localHostName = "alymac";
+  };
+
   users.users.alyxia = {
     name = "alyxia";
     home = "/Users/alyxia";
diff --git a/nix/system/nix.nix b/nix/system/nix.nix
index 5bacbf3..43f97f2 100644
--- a/nix/system/nix.nix
+++ b/nix/system/nix.nix
@@ -1,19 +1,85 @@
-{ ... }:
+{ pkgs, ... }:
 
 {
   services.nix-daemon.enable = true;
 
   nix = {
-    settings.experimental-features = [ "nix-command" "flakes" ];
+    settings = {
+      # enable flakes and the `nix` command
+      experimental-features = [ "nix-command" "flakes" ];
+
+      # disable the flake registry since it worsens perf
+      flake-registry = pkgs.writers.writeJSON "flakes-empty.json" {
+        flakes = [ ];
+        version = 2;
+      };
+
+      # "apply the free optimisations"
+      auto-optimise-store = true;
+
+      # we need to create some trusted and allwed users so that we can use 
+      # some features like substituters
+      allowed-users = [
+        "@wheel" # allow sudo users to mark the following values as trusted
+        "root"
+        "alyxia"
+      ];
+      trusted-users = [
+        "@wheel" # allow sudo users to manage the nix store
+        "root"
+        "alyxia"
+      ];
+
+      # enable some extra darwin platforms
+      extra-platforms = [
+        "aarch64-darwin"
+        "x86-64-darwin"
+      ];
+
+      # logging stuff
+      log-lines = 50;
+      warn-dirty = false;
+
+      # continue building derivations even if one failed
+      keep-going = true;
+
+      # the more connections the better
+      http-connections = 0;
+
+      # whether to accept nix configuration from a flake without prompting. why the
+      # hell would you enable this?
+      accept-flake-config = false;
+
+      # caching setup
+      substituters = [
+        "https://cache.nixos.org/"
+        "https://nix-community.cachix.org"
+        "https://nixpkgs-unfree.cachix.org"
+        "https://lexisother.cachix.org"
+      ];
+      trusted-public-keys = [
+        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
+        "lexisother.cachix.org-1:/JtVjLzEue9SHlXK0O4ogtZpRpzeLqTwfZpfTIN/N2s="
+      ];
+    };
     gc = {
       automatic = true;
-      options = "--delete-older-than 8d";
+      options = "--delete-older-than 3d";
+      interval = {
+        Hour = 3;
+        Minute = 15;
+      };
     };
   };
 
   nixpkgs = {
     config = {
       allowUnfree = true;
+      allowUnfreePredicate = _: true;
+
+      allowBroken = false;
       permittedInsecurePackages = [ "python-2.7.18.8" ];
     };
   };
diff --git a/nix/system/preferences.nix b/nix/system/preferences.nix
new file mode 100644
index 0000000..7d52f4c
--- /dev/null
+++ b/nix/system/preferences.nix
@@ -0,0 +1,56 @@
+{ ... }:
+
+{
+  system.defaults = {
+    ActivityMonitor = {
+      IconType = 5;
+      OpenMainWindow = true;
+      SortColumn = "CPUUsage";
+      SortDirection = 0;
+    };
+
+    NSGlobalDomain = {
+      NSDocumentSaveNewDocumentsToCloud = false;
+      NSNavPanelExpandedStateForSaveMode = true;
+      NSNavPanelExpandedStateForSaveMode2 = true;
+
+      KeyRepeat = 1;
+      InitialKeyRepeat = 10;
+    };
+
+    LaunchServices.LSQuarantine = false;
+
+    finder = {
+      AppleShowAllFiles = true;
+      AppleShowAllExtensions = true;
+      ShowPathbar = true;
+      _FXShowPosixPathInTitle = true;
+    };
+
+    universalaccess = {
+      closeViewScrollWheelToggle = true;
+    };
+
+    CustomSystemPreferences = {
+      "com.apple.desktopservices" = {
+        # Don't create .DS_STORE files on network or external stores
+        DSDontWriteNetworkStores = true;
+        DSDontWriteUSBStores = true;
+      };
+      "com.apple.appstore" = {
+        WebKitDeveloperExtras = true;
+        ShowDebugMenu = true;
+      };
+      # Exists in system.defaults, but it's just one option...
+      "com.apple.SoftwareUpdate" = {
+        AutomaticCheckEnabled = true;
+        ScheduleFrequency = 1;
+        AutomaticDownload = 1;
+        CriticalUpdateInstall = 1;
+      };
+      "com.apple.commerce".AutoUpdate = true;
+
+      "org.x.X11".enable_test_extensions = true;
+    };
+  };
+}