mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00

feat: use wait4path with script launchd option

addresses https://github.com/LnL7/nix-darwin/issues/1043

fix: use exec in launchd daemon config

fix: dont use a script thats in the nix store

fix: remove manual wait4path in linux-builder

fix: remove manual wait4path in karabiner elements

fix: remove manual wait4path in nix-daemon

fix: remove manual wait4path in nix-optimise

fix: remove manual wait4path in tailscaled

fix: autossh test

Revert "fix: remove manual wait4path in nix-daemon"

This reverts commit 6aec084fa5.

fix: remove bad exec

Reapply "fix: remove manual wait4path in nix-daemon"

This reverts commit c8f136ecc5.

fix: update autossh test

to reflect changes in f86e6133d9

fix: services-activate-system-changed-label-prefix test

fix: services-buildkite-agent test

fix: services-activate-system test

fix: escape ampersand

fix: services-lorri test

fix: services-nix-optimise test

fix: services-nix-gc test

refactor: use script rather than command in daemon

fix: use config.command for clarity

style: fix indentation

fix: use lib.getExe rather than directly pointing to file

revert: a87fc7bbbb

- mistaken refactor meant that service waited for nix store and not the relevant path
will 2024-08-31 18:27:10 +10:00
parent c03f85fa42
commit 034c45dd0c
No known key found for this signature in database
13 changed files with 66 additions and 68 deletions


@ -20,7 +20,6 @@ let
{ config, name, ... }: { config, name, ... }:
let let
cmd = config.command;
env = config.environment // optionalAttrs (config.path != "") { PATH = config.path; }; env = config.environment // optionalAttrs (config.path != "") { PATH = config.path; };
in in
@ -88,7 +87,11 @@ let
''); '');
serviceConfig.Label = mkDefault "${cfg.labelPrefix}.${name}"; serviceConfig.Label = mkDefault "${cfg.labelPrefix}.${name}";
serviceConfig.ProgramArguments = mkIf (cmd != "") [ "/bin/sh" "-c" "exec ${cmd}" ]; serviceConfig.ProgramArguments = mkIf (config.command != "") [
"/bin/sh"
"-c"
"/bin/wait4path /nix/store && exec ${config.command}"
];
serviceConfig.EnvironmentVariables = mkIf (env != {}) env; serviceConfig.EnvironmentVariables = mkIf (env != {}) env;
}; };
}; };
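Review bot: `${config.command}` is spliced unquoted into the `/bin/sh -c` string on the new `ProgramArguments` lines, so the option is effectively a shell fragment rather than a program path, and nothing near the definition says so. A comment above the list would make the contract explicit, e.g. `# command is interpolated into sh -c verbatim: callers must shell-quote paths containing spaces or metacharacters`. This matters more after this commit, because modules that used to build their own quoted `ProgramArguments` now pass plain strings through `command`. The enclosing `let … in` block and the option declarations sit outside the hunk, so the option description may already cover this.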


@ -4,21 +4,6 @@ with lib;
let let
cfg = config.nix.linux-builder; cfg = config.nix.linux-builder;
# create-builder uses TMPDIR to share files with the builder, notably certs.
# macOS will clean up files in /tmp automatically that haven't been accessed in 3+ days.
# If we let it use /tmp, leaving the computer asleep for 3 days makes the certs vanish.
# So we'll use /run/org.nixos.linux-builder instead and clean it up ourselves.
script = pkgs.writeShellScript "linux-builder-start" ''
export TMPDIR=/run/org.nixos.linux-builder USE_TMPDIR=1
rm -rf $TMPDIR
mkdir -p $TMPDIR
trap "rm -rf $TMPDIR" EXIT
${lib.optionalString cfg.ephemeral ''
rm -f ${cfg.workingDirectory}/${cfg.package.nixosConfig.networking.hostName}.qcow2
''}
${cfg.package}/bin/create-builder
'';
in in
{ {
@ -176,11 +161,23 @@ in
environment = { environment = {
inherit (config.environment.variables) NIX_SSL_CERT_FILE; inherit (config.environment.variables) NIX_SSL_CERT_FILE;
}; };
# create-builder uses TMPDIR to share files with the builder, notably certs.
# macOS will clean up files in /tmp automatically that haven't been accessed in 3+ days.
# If we let it use /tmp, leaving the computer asleep for 3 days makes the certs vanish.
# So we'll use /run/org.nixos.linux-builder instead and clean it up ourselves.
script = ''
export TMPDIR=/run/org.nixos.linux-builder USE_TMPDIR=1
rm -rf $TMPDIR
mkdir -p $TMPDIR
trap "rm -rf $TMPDIR" EXIT
${lib.optionalString cfg.ephemeral ''
rm -f ${cfg.workingDirectory}/${cfg.package.nixosConfig.networking.hostName}.qcow2
''}
${cfg.package}/bin/create-builder
'';
serviceConfig = { serviceConfig = {
ProgramArguments = [
"/bin/sh" "-c"
"/bin/wait4path /nix/store && exec ${script}"
];
KeepAlive = true; KeepAlive = true;
RunAtLoad = true; RunAtLoad = true;
WorkingDirectory = cfg.workingDirectory; WorkingDirectory = cfg.workingDirectory;
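Review bot: The inlined `script` leaves `$TMPDIR` and the `rm -f ${cfg.workingDirectory}/….qcow2` path unquoted, in a launchd daemon that presumably runs as root (no `UserName` is visible in the hunk). `cfg.workingDirectory` is a module option, so a value containing whitespace would be split into several `rm` arguments; quoting closes that off: `rm -rf "$TMPDIR"`, `trap 'rm -rf "$TMPDIR"' EXIT` and `rm -f ${lib.escapeShellArg "${cfg.workingDirectory}/${cfg.package.nixosConfig.networking.hostName}.qcow2"}`. Since the comment says this directory carries certs, it may also be worth confirming that the mode `mkdir -p` yields under the daemon's umask is as tight as intended. The `serviceConfig` attribute set continues past the end of the hunk.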


@ -38,14 +38,11 @@ in
# the system extension is activated, so we can call activate from the manager # the system extension is activated, so we can call activate from the manager
# which will block until the system extension is activated. # which will block until the system extension is activated.
launchd.daemons.start_karabiner_daemons = { launchd.daemons.start_karabiner_daemons = {
serviceConfig.ProgramArguments = [ script = ''
"/bin/sh" "-c"
"/bin/wait4path /nix/store && ${pkgs.writeScript "start_karabiner_daemons" ''
${parentAppDir}/.Karabiner-VirtualHIDDevice-Manager.app/Contents/MacOS/Karabiner-VirtualHIDDevice-Manager activate ${parentAppDir}/.Karabiner-VirtualHIDDevice-Manager.app/Contents/MacOS/Karabiner-VirtualHIDDevice-Manager activate
launchctl kickstart system/org.pqrs.karabiner.karabiner_grabber launchctl kickstart system/org.pqrs.karabiner.karabiner_grabber
launchctl kickstart system/org.pqrs.karabiner.karabiner_observer launchctl kickstart system/org.pqrs.karabiner.karabiner_observer
''}" '';
];
serviceConfig.Label = "org.nixos.start_karabiner_daemons"; serviceConfig.Label = "org.nixos.start_karabiner_daemons";
serviceConfig.RunAtLoad = true; serviceConfig.RunAtLoad = true;
}; };
@ -73,11 +70,7 @@ in
}; };
launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = { launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = {
serviceConfig.ProgramArguments = [ command = "${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient";
"/bin/sh" "-c"
# For unknown reasons this daemon will fail if VirtualHIDDeviceClient is not exec'd.
"/bin/wait4path /nix/store && exec \"${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\""
];
serviceConfig.ProcessType = "Interactive"; serviceConfig.ProcessType = "Interactive";
serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient"; serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient";
serviceConfig.KeepAlive = true; serviceConfig.KeepAlive = true;
@ -95,14 +88,11 @@ in
# We need this to run every reboot as /run gets nuked so we can't put this # We need this to run every reboot as /run gets nuked so we can't put this
# inside the preActivation script as it only gets run on darwin-rebuild switch. # inside the preActivation script as it only gets run on darwin-rebuild switch.
launchd.daemons.setsuid_karabiner_session_monitor = { launchd.daemons.setsuid_karabiner_session_monitor = {
serviceConfig.ProgramArguments = [ script = ''
"/bin/sh" "-c"
"/bin/wait4path /nix/store && ${pkgs.writeScript "setsuid_karabiner_session_monitor" ''
rm -rf /run/wrappers rm -rf /run/wrappers
mkdir -p /run/wrappers/bin mkdir -p /run/wrappers/bin
install -m4555 "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin install -m4555 "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin
''}" '';
];
serviceConfig.RunAtLoad = true; serviceConfig.RunAtLoad = true;
serviceConfig.KeepAlive.SuccessfulExit = false; serviceConfig.KeepAlive.SuccessfulExit = false;
}; };
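Review bot: The new `command` for `Karabiner-DriverKit-VirtualHIDDeviceClient` contains a space (`Application Support`) but no longer carries the `\"…\"` quoting that the removed `ProgramArguments` string had. If the launchd module wraps it as `exec ${config.command}` inside `/bin/sh -c`, as the launchd hunk of this commit shows, the shell will split the path at the space and try to exec `…/Library/Application`. Either keep the escaped quotes inside the new string (`command = "\"<existing path>\"";`) or wrap the existing string in `lib.escapeShellArg`, assuming `lib` is in scope in this module. The removed comment explaining that this daemon fails unless it is exec'd is also worth keeping next to `command`, since that requirement is now met only implicitly by the wrapper.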


@ -44,10 +44,7 @@ in
nix.useDaemon = true; nix.useDaemon = true;
launchd.daemons.nix-daemon = { launchd.daemons.nix-daemon = {
serviceConfig.ProgramArguments = [ command = lib.getExe' config.nix.package "nix-daemon";
"/bin/sh" "-c"
"/bin/wait4path ${config.nix.package}/bin/nix-daemon && exec ${config.nix.package}/bin/nix-daemon"
];
serviceConfig.ProcessType = config.nix.daemonProcessType; serviceConfig.ProcessType = config.nix.daemonProcessType;
serviceConfig.LowPriorityIO = config.nix.daemonIOLowPriority; serviceConfig.LowPriorityIO = config.nix.daemonIOLowPriority;
serviceConfig.Label = "org.nixos.nix-daemon"; # must match daemon installed by Nix regardless of the launchd label Prefix serviceConfig.Label = "org.nixos.nix-daemon"; # must match daemon installed by Nix regardless of the launchd label Prefix


@ -62,11 +62,8 @@ in
launchd.daemons.nix-optimise = { launchd.daemons.nix-optimise = {
environment.NIX_REMOTE = optionalString config.nix.useDaemon "daemon"; environment.NIX_REMOTE = optionalString config.nix.useDaemon "daemon";
command = "${lib.getExe' config.nix.package "nix-store"} --optimise";
serviceConfig = { serviceConfig = {
ProgramArguments = [
"/bin/sh" "-c"
"/bin/wait4path ${config.nix.package} && exec ${config.nix.package}/bin/nix-store --optimise"
];
RunAtLoad = false; RunAtLoad = false;
StartCalendarInterval = cfg.interval; StartCalendarInterval = cfg.interval;
UserName = cfg.user; UserName = cfg.user;


@ -54,12 +54,9 @@ in
launchd.daemons.tailscaled = { launchd.daemons.tailscaled = {
# derived from # derived from
# https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30 # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30
command = lib.getExe' cfg.package "tailscaled";
serviceConfig = { serviceConfig = {
Label = "com.tailscale.tailscaled"; Label = "com.tailscale.tailscaled";
ProgramArguments = [
"/bin/sh" "-c"
"/bin/wait4path ${cfg.package} && ${cfg.package}/bin/tailscaled"
];
RunAtLoad = true; RunAtLoad = true;
}; };
}; };


@ -1,17 +1,19 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
services.autossh.sessions = [ { services.autossh.sessions = [
name = "foo"; {
user = "jfelice"; name = "foo";
extraArguments = "-i /some/key -T -N bar.eraserhead.net"; user = "jfelice";
} ]; extraArguments = "-i /some/key -T -N bar.eraserhead.net";
}
];
test = '' test = ''
plist=${config.out}/Library/LaunchDaemons/org.nixos.autossh-foo.plist plist=${config.out}/Library/LaunchDaemons/org.nixos.autossh-foo.plist
test -f $plist test -f $plist
grep '<string>exec /nix/store/.*/bin/autossh ' $plist grep '<string>/bin/wait4path /nix/store &amp;&amp; exec /nix/store/.*/bin/autossh ' $plist
grep '<string>exec.*-i /some/key ' $plist grep '<string>/bin/wait4path /nix/store &amp;&amp; exec.*-i /some/key ' $plist
tr -d '\n\t ' <$plist |grep '<key>KeepAlive</key><true */>' tr -d '\n\t ' <$plist |grep '<key>KeepAlive</key><true */>'
''; '';
} }


@ -9,7 +9,7 @@
grep "org.nix-darwin.activate-system" ${config.out}/Library/LaunchDaemons/org.nix-darwin.activate-system.plist grep "org.nix-darwin.activate-system" ${config.out}/Library/LaunchDaemons/org.nix-darwin.activate-system.plist
echo checking activation of /run/current-system >&2 echo checking activation of /run/current-system >&2
script=$(cat ${config.out}/Library/LaunchDaemons/org.nix-darwin.activate-system.plist | awk -F'[< ]' '$3 ~ "^/nix/store/.*" {print $3}') script=$(cat ${config.out}/Library/LaunchDaemons/org.nix-darwin.activate-system.plist | awk -F'[< ]' '$6 ~ "^/nix/store/.*" {print $6}')
grep "ln -sfn .* /run/current-system" "$script" grep "ln -sfn .* /run/current-system" "$script"
''; '';
} }
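Review bot: Moving the awk field from `$3` to `$6` ties this test to the exact word count of the `/bin/wait4path /nix/store && exec …` wrapper, so any later change to that prefix leaves `$script` empty and the following `grep` fails with an unhelpful "no such file" error. Selecting the path by pattern rather than position is less brittle, for example `grep -o '/nix/store/[^< ]*' <plist> | head -n1` (this assumes the script is the first store path in the plist), and a `test -n "$script"` right after the assignment would make a miss obvious. The same `$3` to `$6` edit appears in the `org.nixos.activate-system` and `buildkite-agent` test sections below. The `test` string begins before the hunk.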


@ -8,7 +8,7 @@
grep "org.nixos.activate-system" ${config.out}/Library/LaunchDaemons/org.nixos.activate-system.plist grep "org.nixos.activate-system" ${config.out}/Library/LaunchDaemons/org.nixos.activate-system.plist
echo checking activation of /run/current-system >&2 echo checking activation of /run/current-system >&2
script=$(cat ${config.out}/Library/LaunchDaemons/org.nixos.activate-system.plist | awk -F'[< ]' '$3 ~ "^/nix/store/.*" {print $3}') script=$(cat ${config.out}/Library/LaunchDaemons/org.nixos.activate-system.plist | awk -F'[< ]' '$6 ~ "^/nix/store/.*" {print $6}')
grep "ln -sfn .* /run/current-system" "$script" grep "ln -sfn .* /run/current-system" "$script"
''; '';
} }


@ -1,7 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
buildkite-agent = pkgs.runCommand "buildkite-agent-0.0.0" {} "mkdir $out"; buildkite-agent = pkgs.runCommand "buildkite-agent-0.0.0" { } "mkdir $out";
tokenPath = pkgs.writeText "buildkite_token" "TEST_TOKEN"; tokenPath = pkgs.writeText "buildkite_token" "TEST_TOKEN";
in in
@ -20,7 +20,7 @@ in
grep "org.nixos.buildkite-agent-test" ${config.out}/Library/LaunchDaemons/org.nixos.buildkite-agent-test.plist grep "org.nixos.buildkite-agent-test" ${config.out}/Library/LaunchDaemons/org.nixos.buildkite-agent-test.plist
echo "checking creation of buildkite-agent service config" >&2 echo "checking creation of buildkite-agent service config" >&2
script=$(cat ${config.out}/Library/LaunchDaemons/org.nixos.buildkite-agent-test.plist | awk -F'[< ]' '$3 ~ "^/nix/store/.*" {print $3}') script=$(cat ${config.out}/Library/LaunchDaemons/org.nixos.buildkite-agent-test.plist | awk -F'[< ]' '$6 ~ "^/nix/store/.*" {print $6}')
grep "yolo=1" "$script" grep "yolo=1" "$script"
grep "${tokenPath}" "$script" grep "${tokenPath}" "$script"


@ -1,14 +1,29 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
let let
plistPath = "${config.out}/user/Library/LaunchAgents/org.nixos.lorri.plist"; plistPath = "${config.out}/user/Library/LaunchAgents/org.nixos.lorri.plist";
expectedPath = "${lib.makeBinPath [config.nix.package pkgs.git pkgs.gnutar pkgs.gzip]}"; expectedPath = "${lib.makeBinPath [
expectedNixPath = "${"nixpkgs="+ toString pkgs.path}"; config.nix.package
pkgs.git
pkgs.gnutar
pkgs.gzip
]}";
expectedNixPath = "${"nixpkgs=" + toString pkgs.path}";
in in
{ {
services.lorri.enable = true; services.lorri.enable = true;
test = '' test = ''
PATH=${lib.makeBinPath [ pkgs.xcbuild pkgs.jq ]}:$PATH PATH=${
lib.makeBinPath [
pkgs.xcbuild
pkgs.jq
]
}:$PATH
plutil -lint ${plistPath} plutil -lint ${plistPath}
plutil -convert json -o service.json ${plistPath} plutil -convert json -o service.json ${plistPath}
@ -21,7 +36,7 @@ in
<service.json jq -e ".ProgramArguments|length == 3" <service.json jq -e ".ProgramArguments|length == 3"
<service.json jq -e ".ProgramArguments[0] == \"/bin/sh\"" <service.json jq -e ".ProgramArguments[0] == \"/bin/sh\""
<service.json jq -e ".ProgramArguments[1] == \"-c\"" <service.json jq -e ".ProgramArguments[1] == \"-c\""
<service.json jq -e ".ProgramArguments[2] == \"exec ${pkgs.lorri}/bin/lorri daemon\"" <service.json jq -e ".ProgramArguments[2] == \"/bin/wait4path /nix/store && exec ${pkgs.lorri}/bin/lorri daemon\""
<service.json jq -e ".RunAtLoad == true" <service.json jq -e ".RunAtLoad == true"
''; '';
} }


@ -1,7 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
nix = pkgs.runCommand "nix-2.2" {} "mkdir -p $out"; nix = pkgs.runCommand "nix-2.2" { } "mkdir -p $out";
in in
{ {
@ -13,7 +13,7 @@ in
test = '' test = ''
echo checking nix-gc service in /Library/LaunchDaemons >&2 echo checking nix-gc service in /Library/LaunchDaemons >&2
grep "<string>org.nixos.nix-gc</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist grep "<string>org.nixos.nix-gc</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist
grep "<string>exec ${nix}/bin/nix-collect-garbage --delete-older-than 30d</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist grep "<string>/bin/wait4path /nix/store &amp;&amp; exec ${nix}/bin/nix-collect-garbage --delete-older-than 30d</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist
grep "<key>UserName</key>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist grep "<key>UserName</key>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist
grep "<string>nixuser</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist grep "<string>nixuser</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-gc.plist


@ -1,7 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
nix = pkgs.runCommand "nix-2.2" {} "mkdir -p $out"; nix = pkgs.runCommand "nix-2.2" { } "mkdir -p $out";
in in
{ {
@ -13,7 +13,7 @@ in
echo checking nix-optimise service in /Library/LaunchDaemons >&2 echo checking nix-optimise service in /Library/LaunchDaemons >&2
grep "<string>org.nixos.nix-optimise</string>" \ grep "<string>org.nixos.nix-optimise</string>" \
${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist
grep "<string>/bin/wait4path ${nix} &amp;&amp; exec ${nix}/bin/nix-store --optimise</string>" \ grep "<string>/bin/wait4path /nix/store &amp;&amp; exec ${nix}/bin/nix-store --optimise</string>" \
${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist
grep "<key>UserName</key>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist grep "<key>UserName</key>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist
grep "<string>nixuser</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist grep "<string>nixuser</string>" ${config.out}/Library/LaunchDaemons/org.nixos.nix-optimise.plist