mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
Code Activity

add activation-checks

Browse source
This commit is contained in:
Daiderd Jordan 2017-07-23 16:05:46 +02:00
parent b3a9587cfb
commit 8016f1e2fd
No known key found for this signature in database
GPG key ID: D02435D05B810C96
4 changed files with 280 additions and 268 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
default.nix
View file

@ -20,6 +20,7 @@ let
packages
./modules/alias.nix
./modules/system
./modules/system/activation-checks.nix
./modules/system/activation-scripts.nix
./modules/system/defaults-write.nix
./modules/system/defaults/NSGlobalDomain.nix

57
modules/nix/default.nix
View file

@ -3,9 +3,7 @@
with lib;
let
cfg = config.nix;
daemon = config.services.nix-daemon;
buildHook = if versionAtLeast (cfg.package.version or "<unknown>") "1.12pre"
then "build-remote" else "build-remote.pl";
@ -23,7 +21,7 @@ let
# WARNING: this file is generated from the nix.* options in
# your NixOS configuration, typically
# /etc/nixos/configuration.nix. Do not edit it!
${optionalString daemon.enable ''
${optionalString config.services.nix-daemon.enable ''
build-users-group = nixbld
''}
build-max-jobs = ${toString cfg.maxJobs}
@ -43,15 +41,11 @@ let
$extraOptions
END
'';
in
{
options = {
nix = {
package = mkOption {
nix.package = mkOption {
type = types.path;
default = "/nix/var/nix/profiles/default";
example = "pkgs.nix";
@ -60,7 +54,7 @@ in
'';
};
maxJobs = mkOption {
nix.maxJobs = mkOption {
type = types.int;
default = 1;
example = 64;
@ -72,7 +66,7 @@ in
'';
};
buildCores = mkOption {
nix.buildCores = mkOption {
type = types.int;
default = 1;
example = 64;
@ -86,7 +80,7 @@ in
'';
};
useSandbox = mkOption {
nix.useSandbox = mkOption {
type = types.either types.bool (types.enum ["relaxed"]);
default = false;
description = "
@ -97,7 +91,7 @@ in
";
};
sandboxPaths = mkOption {
nix.sandboxPaths = mkOption {
type = types.listOf types.str;
default = [];
example = [ "/dev" "/proc" ];
@ -108,7 +102,7 @@ in
'';
};
extraOptions = mkOption {
nix.extraOptions = mkOption {
type = types.lines;
default = "";
example = ''
@ -118,7 +112,7 @@ in
description = "Additional text appended to <filename>nix.conf</filename>.";
};
distributedBuilds = mkOption {
nix.distributedBuilds = mkOption {
type = types.bool;
default = false;
description = ''
@ -127,7 +121,7 @@ in
'';
};
daemonNiceLevel = mkOption {
nix.daemonNiceLevel = mkOption {
type = types.int;
default = 0;
description = ''
@ -136,7 +130,7 @@ in
'';
};
daemonIONice = mkOption {
nix.daemonIONice = mkOption {
type = types.bool;
default = false;
description = ''
@ -145,7 +139,7 @@ in
'';
};
buildMachines = mkOption {
nix.buildMachines = mkOption {
type = types.listOf types.attrs;
default = [];
example = [
@ -192,14 +186,14 @@ in
};
# Environment variables for running Nix.
envVars = mkOption {
nix.envVars = mkOption {
type = types.attrs;
internal = true;
default = {};
description = "Environment variables used by Nix.";
};
readOnlyStore = mkOption {
nix.readOnlyStore = mkOption {
type = types.bool;
default = true;
description = ''
@ -210,7 +204,7 @@ in
'';
};
binaryCaches = mkOption {
nix.binaryCaches = mkOption {
type = types.listOf types.str;
example = [ https://cache.example.org/ ];
description = ''
@ -219,7 +213,7 @@ in
'';
};
trustedBinaryCaches = mkOption {
nix.trustedBinaryCaches = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ https://hydra.example.org/ ];
@ -231,7 +225,7 @@ in
'';
};
requireSignedBinaryCaches = mkOption {
nix.requireSignedBinaryCaches = mkOption {
type = types.bool;
default = true;
description = ''
@ -243,7 +237,7 @@ in
'';
};
binaryCachePublicKeys = mkOption {
nix.binaryCachePublicKeys = mkOption {
type = types.listOf types.str;
example = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];
description = ''
@ -256,7 +250,7 @@ in
'';
};
trustedUsers = mkOption {
nix.trustedUsers = mkOption {
type = types.listOf types.str;
default = [ "root" ];
example = [ "root" "alice" "@wheel" ];
@ -271,7 +265,7 @@ in
'';
};
allowedUsers = mkOption {
nix.allowedUsers = mkOption {
type = types.listOf types.str;
default = [ "*" ];
example = [ "@wheel" "@builders" "alice" "bob" ];
@ -286,7 +280,7 @@ in
'';
};
nixPath = mkOption {
nix.nixPath = mkOption {
type = types.listOf types.str;
default =
[ # Incldue default paths for <darwin> and <darwin-config>.
@ -301,9 +295,6 @@ in
(e.g. <literal>&lt;nixpkgs&gt;</literal>).
'';
};
};
};
config = {
@ -361,13 +352,5 @@ in
fi
'';
system.activationScripts.nix-daemon.text = mkIf daemon.enable ''
buildUser=$(dscl . -read /Groups/nixbld 2>&1 | awk '/^GroupMembership: / {print $2}') || true
if [ -z $buildUser ]; then
echo "Using the nix-daemon requires build users, aborting activation" >&2
exit 2
fi
'';
};
}

28
modules/system/activation-checks.nix Normal file
View file

@ -0,0 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
buildUsers = optionalString config.services.nix-daemon.enable ''
buildUser=$(dscl . -read /Groups/nixbld GroupMembership 2>&1 | awk '/^GroupMembership: / {print $2}')
if [ -z $buildUser ]; then
echo "Using the nix-daemon requires build users, aborting activation" >&2
exit 2
fi
'';
in
{
options = {
};
config = {
system.activationScripts.checks.text = ''
set +e
${buildUsers}
set -e
'';
};
}

4
modules/system/activation-scripts.nix
View file

@ -52,9 +52,7 @@ in
${cfg.activationScripts.extraActivation.text}
${cfg.activationScripts.nix-daemon.text}
${cfg.activationScripts.nix.text}
${cfg.activationScripts.accessibility.text}
${cfg.activationScripts.applications.text}
${cfg.activationScripts.etc.text}
@ -88,6 +86,8 @@ in
# Ensure a consistent umask.
umask 0022
${cfg.activationScripts.checks.text}
${cfg.activationScripts.extraUserActivation.text}
${cfg.activationScripts.defaults.text}