diff --git a/config.nix b/config.nix
index 395bf51a..841ce4ab 100644
--- a/config.nix
+++ b/config.nix
@@ -36,17 +36,21 @@ let
           pkgs.nox
         ];
 
-      launchd.daemons.nix-daemon =
-        { serviceConfig.Program = "${pkgs.nix}/bin/nix-daemon";
-          serviceConfig.KeepAlive = true;
+      launchd.agents.activate-system =
+        { serviceConfig.Program = "${config.system.build.activate}";
           serviceConfig.RunAtLoad = true;
+        };
+
+      launchd.daemons.nix-daemon =
+        { serviceConfig.Program = "/nix/var/nix/profiles/default/bin/nix-daemon";
+          serviceConfig.KeepAlive = true;
           serviceConfig.ProcessType = "Background";
           serviceConfig.SoftResourceLimits.NumberOfFiles = 4096;
+          serviceConfig.EnvironmentVariables.TMPDIR = "/nix/tmp";
+          serviceConfig.EnvironmentVariables.SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
           serviceConfig.EnvironmentVariables.NIX_BUILD_HOOK="/nix/var/nix/profiles/default/libexec/nix/build-remote.pl";
           serviceConfig.EnvironmentVariables.NIX_CURRENT_LOAD="/nix/tmp/current-load";
           serviceConfig.EnvironmentVariables.NIX_REMOTE_SYSTEMS="/etc/nix/machines";
-          serviceConfig.EnvironmentVariables.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
-          serviceConfig.EnvironmentVariables.TMPDIR = "/nix/tmp";
         };
 
       system.defaults.global.InitialKeyRepeat = 10;
@@ -114,7 +118,7 @@ let
           shift
 
           case $cmd in
-            'build')   nix-build --no-out-link '<nixpkgs>' -A nixdarwin.toplevel "$@" ;;
+            'build')   nix-build '<nixpkgs>' -A nixdarwin.toplevel "$@" ;;
             'repl')    nix-repl "$HOME/.nixpkgs/config.nix" "$@" ;;
             'shell')   nix-shell '<nixpkgs>' -p nixdarwin.toplevel --run '${pkgs.lnl.zsh}/bin/zsh -l' "$@" ;;
             'switch')  sudo nix-env --profile /nix/var/nix/profiles/system --set $(nix-build --no-out-link '<nixpkgs>' -A nixdarwin.toplevel) && nix-shell '<nixpkgs>' -A nixdarwin.toplevel --run 'sudo $out/activate' && exec ${pkgs.lnl.zsh}/bin/zsh -l ;;
diff --git a/modules/system/activation-scripts.nix b/modules/system/activation-scripts.nix
index fda882f0..f32e1dee 100644
--- a/modules/system/activation-scripts.nix
+++ b/modules/system/activation-scripts.nix
@@ -34,6 +34,19 @@ in
 
   config = {
 
+    system.build.activate = pkgs.writeText "activate-system" ''
+      #! ${pkgs.stdenv.shell}
+
+      # Make this configuration the current configuration.
+      # The readlink is there to ensure that when $systemConfig = /system
+      # (which is a symlink to the store), /run/current-system is still
+      # used as a garbage collection root.
+      ln -sfn $(cat /nix/var/nix/profiles/system/systemConfig) /run/current-system
+
+      # Prevent the current configuration from being garbage-collected.
+      ln -sfn /run/current-system /nix/var/nix/gcroots/current-system
+    '';
+
     system.activationScripts.script.text = ''
       #! ${pkgs.stdenv.shell}
 
diff --git a/modules/system/default.nix b/modules/system/default.nix
index 7689e42e..9cf190e6 100644
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -46,6 +46,8 @@ in
       buildCommand = ''
         mkdir $out
 
+        systemConfig=$out
+
         ln -s ${cfg.build.etc}/etc $out/etc
         ln -s ${cfg.path} $out/sw
 
@@ -57,6 +59,8 @@ in
         chmod u+x $out/activate
         unset activationScript
 
+        echo -n "$systemConfig" > $out/systemConfig
+
         echo -n "$nixdarwinLabel" > $out/nixdarwin-version
         echo -n "$system" > $out/system
       '';