Allow flaky installation with darwin-rebuild

2024-12-14 11:57:34 +00:00 · 2023-06-20 22:54:31 +10:00 · 2023-06-20 22:54:31 +10:00 · 5288a72354
commit 5288a72354
parent f70f90c422
11 changed files with 105 additions and 116 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -119,28 +119,18 @@ jobs:
      uses: cachix/install-nix-action@v22
      with:
        install_url: https://github.com/nix-community/nix-unstable-installer/releases/download/nix-2.10.0pre20220822_7c3ab57/install
        nix_path: nixpkgs=channel:${{ env.CURRENT_STABLE_CHANNEL }}
        extra_nix_config: |
          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-    - name: Install ${{ env.CURRENT_STABLE_CHANNEL }} channel
+    - name: Install nix-darwin
      run: |
-        nix-channel --add https://nixos.org/channels/${{ env.CURRENT_STABLE_CHANNEL }} nixpkgs
+        nix run .#darwin-rebuild -- \
-        nix-channel --update
+          switch --flake ./modules/examples/flake#simple \
-    - name: Install nix-darwin and test result
+          --override-input darwin . \
-      run: |
+          --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}
-        export NIX_PATH=$HOME/.nix-defexpr/channels
+    - name: Rebuild and activate simple flake, but this time using nix-darwin's flake interface
        nix-shell -A installer
        nix-shell -A installer.check
    - name: Build simple flake configuration
      run: |
        nix build ./modules/examples/flake#darwinConfigurations.simple.system --override-input darwin .
    - name: Activate derivation of simple flake build
      run: |
        ./result/sw/bin/darwin-rebuild switch --flake ./modules/examples/flake#simple --override-input darwin .
    - name: Rebuild and activate simple flake, but this time using nix-darwins flake interface
      run: |
        . /etc/static/bashrc
-        darwin-rebuild build --flake ./modules/examples/flake#simple --override-input darwin .
+        darwin-rebuild build --flake ./modules/examples/flake#simple --override-input darwin . --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}
    - name: Test git submodules
      run: |
        . /etc/static/bashrc
@ -175,6 +165,7 @@ jobs:
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules#simple \
          --override-input darwin . \
          --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} \
          && {
            printf 'succeeded while expecting failure due to submodule\n' >/dev/stderr
            exit 1
@ -183,6 +174,7 @@ jobs:
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules?submodules=0#simple \
          --override-input darwin . \
          --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} \
          && {
            printf 'succeeded while expecting failure due to submodule\n' >/dev/stderr
            exit 1
@ -191,7 +183,8 @@ jobs:
        # Should succeed
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules?submodules=1#simple \
-          --override-input darwin .
+          --override-input darwin . \
          --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} \
  install-flake-against-unstable:
    runs-on: macos-12
@ -201,28 +194,18 @@ jobs:
    - name: Install nix from current unstable channel
      uses: cachix/install-nix-action@v22
      with:
        nix_path: nixpkgs=channel:nixpkgs-unstable
        extra_nix_config: |
          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-    - name: Install nixpkgs-unstable channel
+    - name: Install nix-darwin
      run: |
-        nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs
+        nix run .#darwin-rebuild -- \
-        nix-channel --update
+          switch --flake ./modules/examples/flake#simple \
-    - name: Install nix-darwin and test result
+          --override-input darwin . \
-      run: |
+          --override-input nixpkgs nixpkgs/nixpkgs-unstable
-        export NIX_PATH=$HOME/.nix-defexpr/channels
+    - name: Rebuild and activate simple flake, but this time using nix-darwin's flake interface
        nix-shell -A installer
        nix-shell -A installer.check
    - name: Build simple flake configuration
      run: |
        nix build ./modules/examples/flake#darwinConfigurations.simple.system --override-input darwin .
    - name: Activate derivation of simple flake build
      run: |
        ./result/sw/bin/darwin-rebuild switch --flake ./modules/examples/flake#simple --override-input darwin .
    - name: Rebuild and activate simple flake, but this time using nix-darwins flake interface
      run: |
        . /etc/static/bashrc
-        darwin-rebuild build --flake ./modules/examples/flake#simple --override-input darwin .
+        darwin-rebuild build --flake ./modules/examples/flake#simple --override-input darwin . --override-input nixpkgs nixpkgs/nixpkgs-unstable
    - name: Test git submodules
      run: |
        . /etc/static/bashrc
@ -257,14 +240,17 @@ jobs:
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules#simple \
          --override-input darwin . \
          --override-input nixpkgs nixpkgs/nixpkgs-unstable \
          && {
            printf 'succeeded while expecting failure due to submodule\n' >/dev/stderr
            exit 1
          }
        # Should also fail
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules?submodules=0#simple \
          --override-input darwin . \
          --override-input nixpkgs nixpkgs/nixpkgs-unstable \
          && {
            printf 'succeeded while expecting failure due to submodule\n' >/dev/stderr
            exit 1
@ -273,8 +259,11 @@ jobs:
        # Should succeed
        darwin-rebuild build \
          --flake /tmp/test-nix-darwin-submodules?submodules=1#simple \
-          --override-input darwin .
+          --override-input darwin . \
          --override-input nixpkgs nixpkgs/nixpkgs-unstable
        # Should also succeed
        darwin-rebuild build \
          --flake git+file:///tmp/test-nix-darwin-submodules?submodules=1#simple \
-          --override-input darwin .
+          --override-input darwin . \
          --override-input nixpkgs nixpkgs/nixpkgs-unstable
--- a/README.md
+++ b/README.md
@ -123,13 +123,6 @@ nix build ~/.config/darwin\#darwinConfigurations.Johns-MacBook.system
 ## Manual Install
 ```bash
 # Before 10.15 Catalina
 sudo ln -s private/var/run /run
 # After 10.15 Catalina
 echo -e "run\tprivate/var/run" | sudo tee -a /etc/synthetic.conf
 /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B
 /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t
 # Configure the channel
 nix-channel --add https://github.com/LnL7/nix-darwin/archive/master.tar.gz darwin
 nix-channel --update
--- a/flake.nix
+++ b/flake.nix
@ -36,6 +36,12 @@
          });
    };
    overlays.default = final: prev: {
      inherit (prev.callPackage ./pkgs/nix-tools { }) darwin-rebuild darwin-option;
      darwin-uninstaller = prev.callPackage ./pkgs/darwin-uninstaller { nix-darwin = self; };
    };
    darwinModules.hydra = ./modules/examples/hydra.nix;
    darwinModules.lnl = ./modules/examples/lnl.nix;
    darwinModules.ofborg = ./modules/examples/ofborg.nix;
@ -63,20 +69,14 @@
    });
    packages = forAllSystems (system: let
-      pkgs = nixpkgs.legacyPackages.${system};
+      pkgs = import nixpkgs {
      darwin = self.lib.darwinSystem {
        inherit system;
-        modules = [ ];
+        overlays = [ self.overlays.default ];
      };
      nix-tools = pkgs.callPackage ./pkgs/nix-tools { inherit darwin; };
    in {
      default = self.packages.${system}.darwin-rebuild;
-      inherit (nix-tools) darwin-rebuild darwin-option;
+      inherit (pkgs) darwin-option darwin-rebuild darwin-uninstaller;
      darwin-uninstaller = pkgs.callPackage ./pkgs/darwin-uninstaller { nix-darwin = self; };
    });
  };
 }
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@ -8,6 +8,7 @@
  ./security/pki
  ./security/sandbox
  ./system
  ./system/base.nix
  ./system/checks.nix
  ./system/activation-scripts.nix
  ./system/applications.nix
--- a/modules/nix/nix-darwin.nix
+++ b/modules/nix/nix-darwin.nix
@ -1,31 +1,13 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, ... }:
 let
-  inherit (pkgs) stdenv;
+  nix-tools = pkgs.callPackage ../../pkgs/nix-tools {
  extraPath = lib.makeBinPath [ config.nix.package pkgs.coreutils pkgs.jq pkgs.git ];
  writeProgram = name: env: src:
    pkgs.substituteAll ({
      inherit name src;
      dir = "bin";
      isExecutable = true;
    } // env);
  darwin-option = writeProgram "darwin-option"
    {
      inherit (stdenv) shell;
      path = "${extraPath}:${config.environment.systemPath}";
    }
    ../../pkgs/nix-tools/darwin-option.sh;
  darwin-rebuild = writeProgram "darwin-rebuild"
    {
    inherit (config.system) profile;
-      inherit (stdenv) shell;
+    inherit (config.environment) systemPath;
-      path = "${extraPath}:${config.environment.systemPath}";
+    nixPackage = config.nix.package;
-    }
+  };
-    ../../pkgs/nix-tools/darwin-rebuild.sh;
+
  inherit (nix-tools) darwin-option darwin-rebuild;
 in
 {
--- a/modules/system/activation-scripts.nix
+++ b/modules/system/activation-scripts.nix
@ -69,11 +69,6 @@ in
      ${cfg.activationScripts.postActivation.text}
      # Ensure /run exists.
      if [ ! -e /run ]; then
        ln -sfn private/var/run /run
      fi
      # Make this configuration the current configuration.
      # The readlink is there to ensure that when $systemConfig = /system
      # (which is a symlink to the store), /run/current-system is still
@ -102,6 +97,7 @@ in
      ${cfg.activationScripts.preUserActivation.text}
      ${cfg.activationScripts.createRun.text}
      ${cfg.activationScripts.checks.text}
      ${cfg.activationScripts.extraUserActivation.text}
      ${cfg.activationScripts.userDefaults.text}
--- a/modules/system/base.nix
+++ b/modules/system/base.nix
@ -0,0 +1,24 @@
 { ... }:
 {
  system.activationScripts.createRun.text = ''
    if ! test -L /run; then
      if ! grep -q '^run\b' /etc/synthetic.conf 2>/dev/null; then
          echo "setting up /run via /etc/synthetic.conf..."
          echo -e "run\tprivate/var/run" | sudo tee -a /etc/synthetic.conf >/dev/null
          sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B &>/dev/null || true
          sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t &>/dev/null || true
          if ! test -L /run; then
            echo "warning: apfs.util failed to symlink /run"
          fi
      fi
      if ! test -L /run; then
          echo "setting up /run..."
          sudo ln -sfn private/var/run /run
      fi
      if ! test -L /run; then
        echo "warning: failed to symlink /run"
      fi
    fi
  '';
 }
--- a/modules/system/checks.nix
+++ b/modules/system/checks.nix
@ -28,8 +28,8 @@ let
        if test -e /etc/synthetic.conf; then
            echo >&2
            echo "$ printf 'run\tprivate/var/run\n' | sudo tee -a /etc/synthetic.conf" >&2
-            echo "$ /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B # For Catalina" >&2
+            echo "$ sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B # For Catalina" >&2
-            echo "$ /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t # For Big Sur and later" >&2
+            echo "$ sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t # For Big Sur and later" >&2
            echo >&2
            echo "The current contents of /etc/synthetic.conf is:" >&2
            echo >&2
--- a/pkgs/darwin-installer/configuration.nix
+++ b/pkgs/darwin-installer/configuration.nix
@ -6,5 +6,4 @@ with lib;
  imports = [ <user-darwin-config> ./installer.nix ];
  nix.configureBuildUsers = true;
  users.knownGroups = [ "nixbld" ];
 }
--- a/pkgs/darwin-installer/installer.nix
+++ b/pkgs/darwin-installer/installer.nix
@ -30,31 +30,5 @@ with lib;
                ;;
        esac
    fi
    if ! test -L /run; then
      if test -t 1; then
          read -p "Would you like to create /run? [y/n] " i
      fi
      case "$i" in
          y|Y)
              if ! grep -q '^run\b' /etc/synthetic.conf 2>/dev/null; then
                  echo "setting up /run via /etc/synthetic.conf..."
                  echo -e "run\tprivate/var/run" | sudo tee -a /etc/synthetic.conf >/dev/null
                  sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B &>/dev/null || true
                  sudo /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t &>/dev/null || true
                  if ! test -L /run; then
                    echo "warning: apfs.util failed to symlink /run"
                  fi
              fi
              if ! test -L /run; then
                  echo "setting up /run..."
                  sudo ln -sfn private/var/run /run
              fi
              if ! test -L /run; then
                echo "warning: failed to symlink /run"
              fi
              ;;
      esac
    fi
  '';
 }
--- a/pkgs/nix-tools/default.nix
+++ b/pkgs/nix-tools/default.nix
@ -1,7 +1,38 @@
-{ darwin }:
+{ lib
 , coreutils
 , jq
 , git
 , substituteAll
 , stdenv
 , profile ? "/nix/var/nix/profiles/system"
 , nixPackage ? "/nix/var/nix/profiles/default"
 , systemPath ? "$HOME/.nix-profile/bin:/etc/profiles/per-user/$USER/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
 }:
 let
-  inherit (darwin) config;
+  extraPath = lib.makeBinPath [ nixPackage coreutils jq git ];
-in {
+
-  inherit (config.system.build) darwin-option darwin-rebuild;
+  writeProgram = name: env: src:
    substituteAll ({
      inherit name src;
      dir = "bin";
      isExecutable = true;
    } // env);
  path = "${extraPath}:${systemPath}";
 in
 {
  darwin-option = writeProgram "darwin-option"
    {
      inherit path;
      inherit (stdenv) shell;
    }
    ./darwin-option.sh;
  darwin-rebuild = writeProgram "darwin-rebuild"
    {
      inherit path profile;
      inherit (stdenv) shell;
    }
    ./darwin-rebuild.sh;
 }