Installing flake breaks nix on MacOS Sonoma completely

[jjpe]

Below is my flake. Installing it has broken all nix tooling completely on my MBP to the point that all nix CLI commands are now completely unavailable. I've done a factory reset because without nix I can't use nix to fix nix. After the factory reset, I tried to build my flake again, and again it COMPLETELY breaks nix! What's the fix here? And why does nix-darwin break my system in the first place?

EDIT: I just found out that running darwin-installer makes the nix tooling available again. But even then, I can't really build my flake as-is without breaking the system. So a fix is still necessary.

{
  description = "System Flake (cassio)";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    nix-darwin.url = "github:LnL7/nix-darwin";
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = inputs@{ self, nix-darwin, nixpkgs, home-manager }:
  let
    nixpkgsConfig = {
      config.allowUnfree = true;
    };
    configuration = { config, pkgs, ... }: {
      users.users.j = {
        name = "j";
        home = "/Users/j";
      };

      # List packages installed in system profile. To search by name, run:
      # $ nix-env -qaP | grep wget
      environment.systemPackages = with pkgs; [
   #     aspell
   #     bandwhich # Bandwidth monitor
   #     bat
   #     bottom # replacement for top
   #     broot # a filterable hierarchical file viewer with a tree-based TUI
   #     # cargo-apk
   #     # cargo-asm
   #     cargo-audit
   #     cargo-bloat
   #     cargo-edit
   #     cargo-crev
   #     cargo-criterion
   #     cargo-expand # Rust macro expansion utility
   #     cargo-outdated # Find outdated Rust crate dependencies
   #     cargo-make # build tool on top of cargo
   #     cargo-msrv # Find the Minimum Supported Rust Version for a crate
   #     cargo-ndk # Android build support for Rust
   #     cargo-watch # Execute commands when Rust project files change
   #     cargo-workspaces
   #     ## clang # TODO: poisons rust builds
   #     ## chromium # TODO: broken on MacOS, at least for now
   #     colmena
   #     diesel-cli
   #     ## discord  # TODO: broken on MacOS, at least for now
   #     dua
   #     dust
   #     # expect # A tool to automate interactice applications
   #     eza # nicer replacement for ls
   #     fd
   #     ffmpeg  # TODO: broken on MacOS, at least for now
   #     ## geeqie # SVG viewer with a niceish UX;   # TODO: broken on MacOS, at least for now
   #     git
   #     graphviz
   #     htop
   #     hyperfine
   #     lldb
   #     ## lshw # TODO: broken on MacOS, at least for now
   #     mplayer
   #     ## nextcloud-client TODO
   #     nixd
   #     nushell # A newfangled, more FP-oriented shell
   #     # powertop # TODO: broken on MacOS, at least for now
   #     resvg
   #     ripgrep
   #     rustup
   #     tokei
   #     vim
   #     # virtualbox
   #     ## vlc # TODO: broken on MacOS, at least for now
   #     wasm-pack # A tool to make WASM & Rust play nicely
   #     wezterm
   #     wget
   #     zellij
   #     # zulip
      ];

      #fonts.packages = with pkgs; [
      #  fira-code
      #  fira-code-symbols
      #  (nerdfonts.override {
      #    fonts = [
      #      "FiraCode"
      #      "DroidSansMono"
      #    ];
      #  })
      #  powerline-fonts
      #  powerline-symbols
      #  roboto-mono
      #];

      system.defaults = {
        dock.autohide = true;
        dock.mru-spaces = false;
        dock.show-recents = false; # Don't show recent applications in the Dock
        finder.AppleShowAllExtensions = true;
        finder.FXPreferredViewStyle = "Nlsv";
        finder.ShowPathbar = true;
        finder.ShowStatusBar = true;
        screencapture.location = "~/Screenshots";
        screensaver.askForPasswordDelay = 1; # Require a password in the screensaver after 1 second
        # universalaccess.reduceTransparency = true;
      };

      #nix.extraOptions = ''
      #  extra-platforms = x86_64-darwin aarch64-darwin
      #'';

      # Auto upgrade nix package and the daemon service.
      services.nix-daemon.enable = true;

      # nix.package = pkgs.nix;

      # Cross-compile GNU/Linux binaries, or even full GNU/Linux system images
      nix.linux-builder.enable = true;

      nix.settings.trusted-users = ["j"];

      # Necessary for using flakes on this system.
      nix.settings.experimental-features = "nix-command flakes";

      # Create /etc/zshrc that loads the nix-darwin environment.
      # programs.zsh = {
      #   enable = true; # default shell on catalina

      #   #enableBashCompletion = true;
      #   #enableSyntaxHighlighting = true;
      #   # loginShellInit = ''
      #   #   alias eza = "eza -ahl";
      #   #   # alias ls = "ls --color";
      #   #   # # Load SSH key
      #   #   # eval "$(ssh-agent -s)"                 > /dev/null
      #   #   # ssh-add ~/.ssh/id_ed25519.cassio.lan  2> /dev/null
      #   #   # # clear
      #   # '';

      # };

      # Enable sudo authentication using fingerprint biometrics
      security.pam.enableSudoTouchIdAuth = true;

      # Set Git commit hash for darwin-version.
      system.configurationRevision = self.rev or self.dirtyRev or null;

      # Used for backwards compatibility, please read the changelog before changing.
      # $ darwin-rebuild changelog
      system.stateVersion = 4;

      # The platform the configuration will be used on.
      nixpkgs.hostPlatform = "aarch64-darwin";
    };
  in
  {
    # Build darwin flake using:
    # $ darwin-rebuild build --flake .#cassio
    darwinConfigurations.cassio = nix-darwin.lib.darwinSystem {
      system = "aarch64-darwin";
      modules = [
        configuration

  #      # Build home-manager as a module of nix-darwin so that the
  #      # home-manager config will be deployed automatically when
  #      # the system is rebuilt using `nixos-rebuild switch`
  #      home-manager.darwinModules.home-manager

  #      { # enable home manager
  #        nixpkgs = nixpkgsConfig;
  #        home-manager.useGlobalPkgs = true;
  #        home-manager.useUserPackages = true;
  #        # home-manager.backupFileExtension = "hmbak";
  #        home-manager.users.j = import ./home.nix;
  #      }
      ];
    };

    # Expose the package set, including overlays, for convenience.
    darwinPackages = self.darwinConfigurations.cassio.pkgs;
  };
}

[jjpe]

I think I've found the issue:

# programs.zsh = {
      #   enable = true; # default shell on catalina
      #   other, less relevant zsh settings
# }

Because I'm using home-manager, I assumed that it would take over the entirety of zsh configuration. That appears not to be the case, and I don't recall seeing that in any documentation either.

So at the very least the docs are due for an update, with a LOUD warning that removing programs.zsh.enable = true; from your flake, even if you're using home-manager, WILL break your NIx system.