From 319c5a4b5b7f2562f30b777310c4f31b76053896 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=AErekc=C3=A4H=20nitraM=E2=80=AE?= Date: Sat, 22 Mar 2025 14:05:41 +0100 Subject: [PATCH 1/3] Switch to modern nix formatting --- modules/system/applications.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/modules/system/applications.nix b/modules/system/applications.nix index 9dd87665..041cb2cb 100644 --- a/modules/system/applications.nix +++ b/modules/system/applications.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: with lib; From 26ac636ec8d694cfffb03c3eadcb7ac9a796da30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=AErekc=C3=A4H=20nitraM=E2=80=AE?= Date: Sat, 22 Mar 2025 17:49:53 +0100 Subject: [PATCH 2/3] Remove unused with statement --- modules/system/applications.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/modules/system/applications.nix b/modules/system/applications.nix index 041cb2cb..3cd60c6d 100644 --- a/modules/system/applications.nix +++ b/modules/system/applications.nix @@ -5,12 +5,8 @@ ... }: -with lib; - let - cfg = config.system; - in { From 1a8be22860dcd3313ccdd9688405d361af9c1a56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=AErekc=C3=A4H=20nitraM=E2=80=AE?= Date: Sat, 22 Mar 2025 14:20:10 +0100 Subject: [PATCH 3/3] Copy applications instead of linking them to make macOS happy All existing attempts fell short. So we fall back to plain old copying applications over. Problems with alternatives: - Symlinking: Spotlight doesn't index symlinks. Therefore one cannot use Spotlight to find or open the apps. Also they don't show up in LaunchPad. - Trampolines: Apples Security & Privacy doesn't get the concept and shows them with the wrong name. Having an app open during an update will also make it show up twice in the Dock. - Aliasses: Require either AppleScript (a permission we don't want to have, as it easily bypasses Apples TCC) or extra tools (that would be ok), but also Aliasses are not categorized as 'Application' by SpotLight. - Directory Hardlinks are not supported by APFS - but also wouldn't work cross volume. - clonefile also doesn't work cross-volume. Which all leads us back to Don Copine and Pastone. *sigh* --- modules/system/applications.nix | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/modules/system/applications.nix b/modules/system/applications.nix index 3cd60c6d..84be7ba3 100644 --- a/modules/system/applications.nix +++ b/modules/system/applications.nix @@ -38,12 +38,33 @@ in rm ~/Applications/'Nix Apps' fi - if [ ! -e '/Applications/Nix Apps' ] \ - || ourLink '/Applications/Nix Apps'; then - ln -sfn ${cfg.build.applications}/Applications '/Applications/Nix Apps' - else - echo "warning: /Applications/Nix Apps is not owned by nix-darwin, skipping App linking..." >&2 + targetFolder='/Applications/Nix Apps' + + # Clean up old style symlink to nix store + if [ -e "$targetFolder" ] && ourLink "$targetFolder"; then + rm "$targetFolder" fi + + mkdir -p "$targetFolder" + + rsyncFlags=( + # mtime is standardized in the nix store, which would leave only file size to distinguish files. + # Thus we need checksums, despite the speed penalty. + --checksum + # Converts all symlinks pointing outside of the copied tree (thus unsafe) into real files and directories. + # This neatly converts all the symlinks pointing to application bundles in the nix store into + # real directories, without breaking any relative symlinks inside of application bundles. + # This is good enough, because the make-symlinks-relative.sh setup hook converts all $out internal + # symlinks to relative ones. + --copy-unsafe-links + --archive + --delete + --chmod=-w + --no-group + --no-owner + ) + + ${lib.getExe pkgs.rsync} "''${rsyncFlags[@]}" ${cfg.build.applications}/Applications/ "$targetFolder" ''; };