mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-16 21:38:21 +00:00

add activation-checks

Daiderd Jordan 2017-07-23 16:05:46 +02:00
parent b3a9587cfb
commit 8016f1e2fd
No known key found for this signature in database
GPG key ID: D02435D05B810C96
4 changed files with 280 additions and 268 deletions


@ -20,6 +20,7 @@ let
packages packages
./modules/alias.nix ./modules/alias.nix
./modules/system ./modules/system
./modules/system/activation-checks.nix
./modules/system/activation-scripts.nix ./modules/system/activation-scripts.nix
./modules/system/defaults-write.nix ./modules/system/defaults-write.nix
./modules/system/defaults/NSGlobalDomain.nix ./modules/system/defaults/NSGlobalDomain.nix


@ -3,9 +3,7 @@
with lib; with lib;
let let
cfg = config.nix; cfg = config.nix;
daemon = config.services.nix-daemon;
buildHook = if versionAtLeast (cfg.package.version or "<unknown>") "1.12pre" buildHook = if versionAtLeast (cfg.package.version or "<unknown>") "1.12pre"
then "build-remote" else "build-remote.pl"; then "build-remote" else "build-remote.pl";
@ -23,7 +21,7 @@ let
# WARNING: this file is generated from the nix.* options in # WARNING: this file is generated from the nix.* options in
# your NixOS configuration, typically # your NixOS configuration, typically
# /etc/nixos/configuration.nix. Do not edit it! # /etc/nixos/configuration.nix. Do not edit it!
${optionalString daemon.enable '' ${optionalString config.services.nix-daemon.enable ''
build-users-group = nixbld build-users-group = nixbld
''} ''}
build-max-jobs = ${toString cfg.maxJobs} build-max-jobs = ${toString cfg.maxJobs}
@ -43,15 +41,11 @@ let
$extraOptions $extraOptions
END END
''; '';
in in
{ {
options = { options = {
nix.package = mkOption {
nix = {
package = mkOption {
type = types.path; type = types.path;
default = "/nix/var/nix/profiles/default"; default = "/nix/var/nix/profiles/default";
example = "pkgs.nix"; example = "pkgs.nix";
@ -60,7 +54,7 @@ in
''; '';
}; };
maxJobs = mkOption { nix.maxJobs = mkOption {
type = types.int; type = types.int;
default = 1; default = 1;
example = 64; example = 64;
@ -72,7 +66,7 @@ in
''; '';
}; };
buildCores = mkOption { nix.buildCores = mkOption {
type = types.int; type = types.int;
default = 1; default = 1;
example = 64; example = 64;
@ -86,7 +80,7 @@ in
''; '';
}; };
useSandbox = mkOption { nix.useSandbox = mkOption {
type = types.either types.bool (types.enum ["relaxed"]); type = types.either types.bool (types.enum ["relaxed"]);
default = false; default = false;
description = " description = "
@ -97,7 +91,7 @@ in
"; ";
}; };
sandboxPaths = mkOption { nix.sandboxPaths = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
example = [ "/dev" "/proc" ]; example = [ "/dev" "/proc" ];
@ -108,7 +102,7 @@ in
''; '';
}; };
extraOptions = mkOption { nix.extraOptions = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
example = '' example = ''
@ -118,7 +112,7 @@ in
description = "Additional text appended to <filename>nix.conf</filename>."; description = "Additional text appended to <filename>nix.conf</filename>.";
}; };
distributedBuilds = mkOption { nix.distributedBuilds = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
@ -127,7 +121,7 @@ in
''; '';
}; };
daemonNiceLevel = mkOption { nix.daemonNiceLevel = mkOption {
type = types.int; type = types.int;
default = 0; default = 0;
description = '' description = ''
@ -136,7 +130,7 @@ in
''; '';
}; };
daemonIONice = mkOption { nix.daemonIONice = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
@ -145,7 +139,7 @@ in
''; '';
}; };
buildMachines = mkOption { nix.buildMachines = mkOption {
type = types.listOf types.attrs; type = types.listOf types.attrs;
default = []; default = [];
example = [ example = [
@ -192,14 +186,14 @@ in
}; };
# Environment variables for running Nix. # Environment variables for running Nix.
envVars = mkOption { nix.envVars = mkOption {
type = types.attrs; type = types.attrs;
internal = true; internal = true;
default = {}; default = {};
description = "Environment variables used by Nix."; description = "Environment variables used by Nix.";
}; };
readOnlyStore = mkOption { nix.readOnlyStore = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = '' description = ''
@ -210,7 +204,7 @@ in
''; '';
}; };
binaryCaches = mkOption { nix.binaryCaches = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
example = [ https://cache.example.org/ ]; example = [ https://cache.example.org/ ];
description = '' description = ''
@ -219,7 +213,7 @@ in
''; '';
}; };
trustedBinaryCaches = mkOption { nix.trustedBinaryCaches = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [ ];
example = [ https://hydra.example.org/ ]; example = [ https://hydra.example.org/ ];
@ -231,7 +225,7 @@ in
''; '';
}; };
requireSignedBinaryCaches = mkOption { nix.requireSignedBinaryCaches = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = '' description = ''
@ -243,7 +237,7 @@ in
''; '';
}; };
binaryCachePublicKeys = mkOption { nix.binaryCachePublicKeys = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
example = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]; example = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];
description = '' description = ''
@ -256,7 +250,7 @@ in
''; '';
}; };
trustedUsers = mkOption { nix.trustedUsers = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ "root" ]; default = [ "root" ];
example = [ "root" "alice" "@wheel" ]; example = [ "root" "alice" "@wheel" ];
@ -271,7 +265,7 @@ in
''; '';
}; };
allowedUsers = mkOption { nix.allowedUsers = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ "*" ]; default = [ "*" ];
example = [ "@wheel" "@builders" "alice" "bob" ]; example = [ "@wheel" "@builders" "alice" "bob" ];
@ -286,7 +280,7 @@ in
''; '';
}; };
nixPath = mkOption { nix.nixPath = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = default =
[ # Incldue default paths for <darwin> and <darwin-config>. [ # Incldue default paths for <darwin> and <darwin-config>.
@ -301,9 +295,6 @@ in
(e.g. <literal>&lt;nixpkgs&gt;</literal>). (e.g. <literal>&lt;nixpkgs&gt;</literal>).
''; '';
}; };
};
}; };
config = { config = {
@ -361,13 +352,5 @@ in
fi fi
''; '';
system.activationScripts.nix-daemon.text = mkIf daemon.enable ''
buildUser=$(dscl . -read /Groups/nixbld 2>&1 | awk '/^GroupMembership: / {print $2}') || true
if [ -z $buildUser ]; then
echo "Using the nix-daemon requires build users, aborting activation" >&2
exit 2
fi
'';
}; };
} }


@ -0,0 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
buildUsers = optionalString config.services.nix-daemon.enable ''
buildUser=$(dscl . -read /Groups/nixbld GroupMembership 2>&1 | awk '/^GroupMembership: / {print $2}')
if [ -z $buildUser ]; then
echo "Using the nix-daemon requires build users, aborting activation" >&2
exit 2
fi
'';
in
{
options = {
};
config = {
system.activationScripts.checks.text = ''
set +e
${buildUsers}
set -e
'';
};
}
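Review bot: The test `[ -z $buildUser ]` in `buildUsers` leaves the variable unquoted, so it works only by accident: with an empty value it collapses to `[ -z ]`, which is true because `-z` is then read as a non-empty string, and a value that expands to more than one word makes `[` fail with an error that `set +e` lets pass silently. Writing `if [ -z "$buildUser" ]; then` states the intent and keeps the check fail-closed. The check also establishes only that the `nixbld` group lists at least one member, not that the listed account exists; since these accounts are what separate daemon builds from the invoking user, a comment such as `# only verifies that nixbld has a GroupMembership entry` above the `dscl` line would make that limit explicit. The trailing `set -e` in `checks.text` switches errexit on for everything that follows in the enclosing script regardless of its earlier state, which deserves a one-line comment as well.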


@ -52,9 +52,7 @@ in
${cfg.activationScripts.extraActivation.text} ${cfg.activationScripts.extraActivation.text}
${cfg.activationScripts.nix-daemon.text}
${cfg.activationScripts.nix.text} ${cfg.activationScripts.nix.text}
${cfg.activationScripts.accessibility.text} ${cfg.activationScripts.accessibility.text}
${cfg.activationScripts.applications.text} ${cfg.activationScripts.applications.text}
${cfg.activationScripts.etc.text} ${cfg.activationScripts.etc.text}
@ -88,6 +86,8 @@ in
# Ensure a consistent umask. # Ensure a consistent umask.
umask 0022 umask 0022
${cfg.activationScripts.checks.text}
${cfg.activationScripts.extraUserActivation.text} ${cfg.activationScripts.extraUserActivation.text}
${cfg.activationScripts.defaults.text} ${cfg.activationScripts.defaults.text}
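Review bot: `${cfg.activationScripts.checks.text}` is added in the second hunk, next to `extraUserActivation` and `defaults`, while the `nix-daemon` check it replaces is removed from the block that holds `nix`, `etc` and `applications`; these look like two different generated scripts, although both bodies start and end outside the hunks. If the second one is the per-user activation script, the `exit 2` now aborts only that script, and the build-user check still guards the system-level steps only when the user script always runs first and its failure stops the other one. It would help to record that ordering at the insertion point, for example `# checks run before any activation step; a non-zero exit aborts activation`, or to interpolate `checks.text` at the top of the first script as well.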