mirrors/nix-darwin
mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-31 04:04:45 +00:00
Code Activity

Merge pull request #1326 from emilazy/push-kmnlnvvnortv

Browse source 
[24.11] nix: add `nix.enable` option to disable Nix management
This commit is contained in:
Emily 2025-02-11 19:30:49 +00:00 committed by GitHub
commit f81c16138a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 149 additions and 269 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

230
README.md
View file

@ -1,231 +1,3 @@
[<img src="https://daiderd.com/nix-darwin/images/nix-darwin.png" width="200px" alt="logo" />](https://github.com/LnL7/nix-darwin)
# nix-darwin
[![Test](https://github.com/LnL7/nix-darwin/actions/workflows/test.yml/badge.svg)](https://github.com/LnL7/nix-darwin/actions/workflows/test.yml)
Nix modules for darwin, `/etc/nixos/configuration.nix` for macOS.
This project aims to bring the convenience of a declarative system approach to macOS.
nix-darwin is built up around [Nixpkgs](https://github.com/NixOS/nixpkgs), quite similar to [NixOS](https://nixos.org/).
## Prerequisites
The only prerequisite is a Nix implementation, both Nix and Lix are supported.
As the official Nix installer does not include an automated uninstaller, and manual uninstallation on macOS is a complex process, we recommend using one of the following installers instead:
- The [Nix installer from Determinate Systems](https://github.com/DeterminateSystems/nix-installer?tab=readme-ov-file#determinate-nix-installer) is only recommended for use with flake-based setups. **Make sure you use it without the `--determinate` flag**. The `--determinate` flag installs the Determinate Nix distribution which does not work out of the box with nix-darwin.
* The [Lix installer](https://lix.systems/install/#on-any-other-linuxmacos-system) supports both flake-based and channel-based setups.
## Getting started
Despite being an experimental feature in Nix currently, nix-darwin recommends that beginners use flakes to manage their nix-darwin configurations.
<details>
<summary>Flakes (Recommended for beginners)</summary>
### Step 1. Creating `flake.nix`
<details>
<summary>Getting started from scratch</summary>
<p></p>
If you don't have an existing `configuration.nix`, you can run the following commands to generate a basic `flake.nix` inside `~/.config/nix-darwin`:
```bash
mkdir -p ~/.config/nix-darwin
cd ~/.config/nix-darwin
# To use Nixpkgs unstable:
nix flake init -t nix-darwin/master
# To use Nixpkgs 24.11:
nix flake init -t nix-darwin/nix-darwin-24.11
sed -i '' "s/simple/$(scutil --get LocalHostName)/" flake.nix
```
Make sure to change `nixpkgs.hostPlatform` to `aarch64-darwin` if you are using Apple Silicon.
</details>
<details>
<summary>Migrating from an existing configuration.nix</summary>
<p></p>
Add the following to `flake.nix` in the same folder as `configuration.nix`:
```nix
{
description = "John's darwin system";
inputs = {
# Use `github:NixOS/nixpkgs/nixpkgs-24.11-darwin` to use Nixpkgs 24.11.
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
# Use `github:LnL7/nix-darwin/nix-darwin-24.11` to use Nixpkgs 24.11.
nix-darwin.url = "github:LnL7/nix-darwin/master";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, nix-darwin, nixpkgs }: {
darwinConfigurations."Johns-MacBook" = nix-darwin.lib.darwinSystem {
modules = [ ./configuration.nix ];
};
};
}
```
Make sure to replace `Johns-MacBook` with your hostname which you can find by running `scutil --get LocalHostName`.
Make sure to set `nixpkgs.hostPlatform` in your `configuration.nix` to either `x86_64-darwin` (Intel) or `aarch64-darwin` (Apple Silicon).
</details>
### Step 2. Installing `nix-darwin`
Unlike NixOS, `nix-darwin` does not have an installer, you can just run `darwin-rebuild switch` to install nix-darwin. As `darwin-rebuild` won't be installed in your `PATH` yet, you can use the following command:
```bash
nix run nix-darwin -- switch --flake ~/.config/nix-darwin
```
### Step 3. Using `nix-darwin`
After installing, you can run `darwin-rebuild` to apply changes to your system:
```bash
darwin-rebuild switch --flake ~/.config/nix-darwin
```
#### Using flake inputs
Inputs from the flake can also be passed into `darwinSystem`. These inputs are then
accessible as an argument `inputs`, similar to `pkgs` and `lib`, inside the configuration.
```nix
# in flake.nix
nix-darwin.lib.darwinSystem {
modules = [ ./configuration.nix ];
specialArgs = { inherit inputs; };
}
```
```nix
# in configuration.nix
{ pkgs, lib, inputs }:
# inputs.self, inputs.nix-darwin, and inputs.nixpkgs can be accessed here
```
</details>
<details>
<summary>Channels</summary>
### Step 1. Creating `configuration.nix`
Copy the [simple](./modules/examples/simple.nix) example to `~/.config/nix-darwin/configuration.nix`.
### Step 2. Adding `nix-darwin` channel
```bash
# If you use Nixpkgs unstable (the default):
sudo nix-channel --add https://github.com/LnL7/nix-darwin/archive/master.tar.gz darwin
# If you use Nixpkgs 24.11:
sudo nix-channel --add https://github.com/LnL7/nix-darwin/archive/nix-darwin-24.11.tar.gz darwin
sudo nix-channel --update
```
### Step 3. Installing `nix-darwin`
To install `nix-darwin`, you can just run `darwin-rebuild switch` to install nix-darwin. As `darwin-rebuild` won't be installed in your `PATH` yet, you can use the following command:
```bash
# If you use Nixpkgs unstable (the default):
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A darwin-rebuild
# If you use Nixpkgs 24.11:
nix-build https://github.com/LnL7/nix-darwin/archive/nix-darwin-24.11.tar.gz -A darwin-rebuild
./result/bin/darwin-rebuild switch -I darwin-config=$HOME/.config/nix-darwin/configuration.nix
```
### Step 4. Using `nix-darwin`
After installing, you can run `darwin-rebuild` to apply changes to your system:
```bash
darwin-rebuild switch
```
### Step 5. Updating `nix-darwin`
You can update Nixpkgs and `nix-darwin` using the following command:
```bash
sudo nix-channel --update
```
</details>
## Documentation
`darwin-help` will open up a local copy of the reference documentation, it can also be found online [here](https://daiderd.com/nix-darwin/manual/index.html).
The documentation is also available as manpages by running `man 5 configuration.nix`.
## Uninstalling
To run the latest version of the uninstaller, you can run the following command:
```
nix --extra-experimental-features "nix-command flakes" run nix-darwin#darwin-uninstaller
```
If that command doesn't work for you, you can try the locally installed uninstaller:
```
darwin-uninstaller
```
## Tests
There are basic tests that run sanity checks for some of the modules,
you can run them like this:
```bash
# run all tests
nix-build release.nix -A tests
# or just a subset
nix-build release.nix -A tests.environment-path
```
## Contributing
Let's make Nix on macOS awesome!
Don't hesitate to contribute modules or open an issue.
To build your configuration with local changes you can run this. This
flag can also be used to override darwin-config or nixpkgs, for more
information on the `-I` flag look at the nix-build [manpage](https://nixos.org/manual/nix/stable/command-ref/nix-build.html).
```bash
darwin-rebuild switch -I darwin=.
```
If you're adding a module, please add yourself to `meta.maintainers`, for example
```nix
meta.maintainers = [
lib.maintainers.alice or "alice"
];
options.services.alicebot = # ...
```
The `or` operator takes care of graceful degradation when `lib` from Nixpkgs
goes out of sync.
Also feel free to contact me if you have questions,
- Matrix - @daiderd:matrix.org, you can find me in [#macos:nixos.org](https://matrix.to/#/#macos:nixos.org)
- @LnL7 on twitter
This is the 24.11 release branch of nix-darwin. See [the main readme](https://github.com/LnL7/nix-darwin#readme) for documentation.

1
modules/networking/default.nix
View file

@ -118,7 +118,6 @@ in
echo "configuring networking..." >&2
${optionalString (cfg.computerName != null) ''
# shellcheck disable=SC1112
scutil --set ComputerName ${escapeShellArg cfg.computerName}
''}
${optionalString (cfg.hostName != null) ''

67
modules/nix/default.nix
View file

@ -134,6 +134,26 @@ let
namedPaths ++ searchPaths;
};
handleUnmanaged = managedConfig: mkMerge [
(mkIf cfg.enable managedConfig)
(mkIf (!cfg.enable) {
system.activationScripts.nix-daemon.text = ''
# Restore unmanaged Nix daemon if present
unmanagedNixProfile=/nix/var/nix/profiles/default
if [[
-e /run/current-system/Library/LaunchDaemons/org.nixos.nix-daemon.plist
&& -e $unmanagedNixProfile/Library/LaunchDaemons/org.nixos.nix-daemon.plist
]]; then
printf >&2 'restoring unmanaged Nix daemon...\n'
cp \
"$unmanagedNixProfile/Library/LaunchDaemons/org.nixos.nix-daemon.plist" \
/Library/LaunchDaemons
launchctl load -w /Library/LaunchDaemons/org.nixos.nix-daemon.plist
fi
'';
})
];
in
{
@ -144,7 +164,6 @@ in
in
[
# Only ever in NixOS
(mkRemovedOptionModule [ "nix" "enable" ] "No `nix-darwin` equivalent to this NixOS option.")
(mkRemovedOptionModule [ "nix" "daemonCPUSchedPolicy" ] (altOption "nix.daemonProcessType"))
(mkRemovedOptionModule [ "nix" "daemonIOSchedClass" ] (altOption "nix.daemonProcessType"))
(mkRemovedOptionModule [ "nix" "daemonIOSchedPriority" ] (altOption "nix.daemonIOLowPriority"))
@ -165,9 +184,36 @@ in
nix = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Whether to enable Nix.
Disabling this will stop nix-darwin from managing the
installed version of Nix, the nix-daemon launchd daemon, and
the settings in {file}`/etc/nix/nix.conf`.
This allows you to use nix-darwin without it taking over your
system installation of Nix. Some nix-darwin functionality
that relies on managing the Nix installation, like the
`nix.*` options to adjust Nix settings or configure a Linux
builder, will be unavailable. You will also have to upgrade
Nix yourself, as nix-darwin will no longer do so.
::: {.warning}
If you have already removed your global system installation
of Nix, this will break nix-darwin and you will have to
reinstall Nix to fix it.
:::
'';
};
package = mkOption {
type = types.package;
default = pkgs.nix;
default = warnIf (!cfg.enable)
"nix.package: accessed when `nix.enable` is off; this is a bug"
pkgs.nix;
defaultText = literalExpression "pkgs.nix";
description = ''
This option specifies the Nix package instance to use throughout the system.
@ -177,7 +223,16 @@ in
# Not in NixOS module
useDaemon = mkOption {
type = types.bool;
default = false;
# We assume that unmanaged Nix installations use the daemon by
# default, to match the logic in nix-darwin 25.05. This is
# weird, but it matches the default behaviour in practice
# (since `services.nix-daemon.enable` is on by default and sets
# `nix.useDaemon` to true), and since `nix.enable` didnt
# previously exist, its not a backwardscompatibility concern;
# we can consequently avoid bifurcating the user experience
# across the release branches.
default = !config.nix.enable;
defaultText = literalExpression "!config.nix.enable";
description = ''
If set, Nix will use the daemon to perform operations.
Use this instead of services.nix-daemon.enable if you don't want the
@ -678,7 +733,7 @@ in
###### implementation
config = {
config = handleUnmanaged {
environment.systemPackages =
[
nixPackage
@ -759,7 +814,7 @@ in
# Not in NixOS module
{ assertion = elem "nixbld" config.users.knownGroups -> elem "nixbld" createdGroups; message = "refusing to delete group nixbld in users.knownGroups, this would break nix"; }
{ assertion = elem "_nixbld1" config.users.knownGroups -> elem "_nixbld1" createdUsers; message = "refusing to delete user _nixbld1 in users.knownUsers, this would break nix"; }
{ assertion = elem "_nixbld1" config.users.knownUsers -> elem "_nixbld1" createdUsers; message = "refusing to delete user _nixbld1 in users.knownUsers, this would break nix"; }
{ assertion = config.users.groups ? "nixbld" -> config.users.groups.nixbld.members != []; message = "refusing to remove all members from nixbld group, this would break nix"; }
{
@ -853,9 +908,7 @@ in
fi
done
if [[ ! $nixCustomConfIsKnown ]]; then
# shellcheck disable=SC2016
printf >&2 '\e[1;31merror: custom settings in `/etc/nix/nix.custom.conf`, aborting activation\e[0m\n'
# shellcheck disable=SC2016
printf >&2 'You will need to migrate these to nix-darwin `nix.*` settings if you\n'
printf >&2 'wish to keep them. Check the manual for the appropriate settings and\n'
printf >&2 'add them to your system configuration, then run:\n'

2
modules/nix/nix-darwin.nix
View file

@ -4,7 +4,7 @@ let
nix-tools = pkgs.callPackage ../../pkgs/nix-tools {
inherit (config.system) profile;
inherit (config.environment) systemPath;
nixPackage = config.nix.package;
nixPackage = if config.nix.enable then config.nix.package else null;
};
darwin-uninstaller = pkgs.callPackage ../../pkgs/darwin-uninstaller { };

2
modules/services/nix-daemon.nix
View file

@ -10,7 +10,7 @@ in
options = {
services.nix-daemon.enable = mkOption {
type = types.bool;
default = true;
default = config.nix.enable;
description = "Whether to enable the nix-daemon service.";
};

34
modules/system/activation-scripts.nix
View file

@ -13,6 +13,32 @@ let
mkTextDerivation = name: text: pkgs.writeScript "activate-${name}" text;
};
activationPath =
lib.makeBinPath [
pkgs.gnugrep
pkgs.coreutils
]
+ lib.optionalString (!config.nix.enable) ''
$(
# If `nix.enable` is off, there might be an unmanaged Nix
# installation (say in `/nix/var/nix/profiles/default`) that
# activation scripts (such as Home Manager) want to find on the
# `$PATH`. Search for it directly to avoid polluting the
# activation script environment with everything on the
# `environment.systemPath`.
if nixEnvPath=$(
PATH="${config.environment.systemPath}" command -v nix-env
); then
printf ':'
${lib.getExe' pkgs.coreutils "dirname"} -- "$(
${lib.getExe' pkgs.coreutils "readlink"} \
--canonicalize-missing \
-- "$nixEnvPath"
)"
fi
)''
+ ":@out@/sw/bin:/usr/bin:/bin:/usr/sbin:/sbin";
in
{
@ -40,7 +66,9 @@ in
#! ${stdenv.shell}
set -e
set -o pipefail
export PATH="${pkgs.gnugrep}/bin:${pkgs.coreutils}/bin:@out@/sw/bin:/usr/bin:/bin:/usr/sbin:/sbin"
PATH="${activationPath}"
export PATH
systemConfig=@out@
@ -91,7 +119,9 @@ in
#! ${stdenv.shell}
set -e
set -o pipefail
export PATH="${pkgs.gnugrep}/bin:${pkgs.coreutils}/bin:@out@/sw/bin:/usr/bin:/bin"
PATH="${activationPath}"
export PATH
systemConfig=@out@

33
modules/system/checks.nix
View file

@ -31,6 +31,23 @@ let
fi
'';
determinate = ''
if [[ -e /usr/local/bin/determinate-nixd ]]; then
printf >&2 '\e[1;31merror: Determinate detected, aborting activation\e[0m\n'
printf >&2 'Determinate uses its own daemon to manage the Nix installation that\n'
printf >&2 'conflicts with nix-darwins native Nix management.\n'
printf >&2 '\n'
printf >&2 'To turn off nix-darwins management of the Nix installation, set:\n'
printf >&2 '\n'
printf >&2 ' nix.enable = false;\n'
printf >&2 '\n'
printf >&2 'This will allow you to use nix-darwin with Determinate. Some nix-darwin\n'
printf >&2 'functionality that relies on managing the Nix installation, like the\n'
printf >&2 '`nix.*` options to adjust Nix settings or configure a Linux builder,\n'
printf >&2 'will be unavailable.\n'
exit 2
fi
'';
oldBuildUsers = ''
if dscl . -list /Users | grep -q '^nixbld'; then
@ -118,7 +135,6 @@ let
printf >&2 'Possible causes include setting up a new Nix installation with an\n'
printf >&2 'existing nix-darwin configuration, setting up a new nix-darwin\n'
printf >&2 'installation with an existing Nix installation, or manually increasing\n'
# shellcheck disable=SC2016
printf >&2 'your `system.stateVersion` setting.\n'
printf >&2 '\n'
printf >&2 'You can set the configured group ID to match the actual value:\n'
@ -139,7 +155,6 @@ let
printf >&2 '\n'
printf >&2 ' services.nix-daemon.enable = false;\n'
printf >&2 '\n'
# shellcheck disable=SC2016
printf >&2 'and remove `nix.useDaemon` from your configuration if it is present.\n'
printf >&2 '\n'
exit 2
@ -279,7 +294,6 @@ let
if [[ -d /etc/ssh/authorized_keys.d ]]; then
printf >&2 '\e[1;31merror: /etc/ssh/authorized_keys.d exists, aborting activation\e[0m\n'
printf >&2 'SECURITY NOTICE: The previous implementation of the\n'
# shellcheck disable=SC2016
printf >&2 '`users.users.<name>.openssh.authorizedKeys.*` options would not delete\n'
printf >&2 'authorized keys files when the setting for a given user was removed.\n'
printf >&2 '\n'
@ -302,7 +316,6 @@ let
echo "Homebrew doesn't seem to be installed. Please install homebrew separately." >&2
echo "You can install homebrew using the following command:" >&2
echo >&2
# shellcheck disable=SC2016
echo ' /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"' >&2
echo >&2
exit 2
@ -323,21 +336,22 @@ in
options = {
system.checks.verifyNixPath = mkOption {
type = types.bool;
default = true;
default = config.nix.enable;
description = "Whether to run the NIX_PATH validation checks.";
};
system.checks.verifyNixChannels = mkOption {
type = types.bool;
default = config.nix.channel.enable;
default = config.nix.enable && config.nix.channel.enable;
description = "Whether to run the nix-channels validation checks.";
};
system.checks.verifyBuildUsers = mkOption {
type = types.bool;
default =
(config.nix.useDaemon && !(config.nix.settings.auto-allocate-uids or false))
|| config.nix.configureBuildUsers;
config.nix.enable &&
((config.nix.useDaemon && !(config.nix.settings.auto-allocate-uids or false))
|| config.nix.configureBuildUsers);
description = "Whether to run the Nix build users validation checks.";
};
@ -353,11 +367,12 @@ in
system.checks.text = mkMerge [
darwinChanges
runLink
(mkIf config.nix.enable determinate)
(mkIf (cfg.verifyBuildUsers && !config.nix.configureBuildUsers) oldBuildUsers)
(mkIf cfg.verifyBuildUsers buildUsers)
(mkIf cfg.verifyBuildUsers preSequoiaBuildUsers)
(mkIf config.nix.configureBuildUsers buildGroupID)
nixDaemon
(mkIf config.nix.enable nixDaemon)
nixStore
(mkIf (config.nix.gc.automatic && config.nix.gc.user == null) nixGarbageCollector)
(mkIf (config.nix.optimise.automatic && config.nix.optimise.user == null) nixStoreOptimiser)

5
modules/system/default.nix
View file

@ -135,7 +135,10 @@ in
chmod u+x $out/activate-user
unset activationUserScript
shellcheck $out/activate $out/activate-user
# We exclude the warnings for `…` in singlequote strings and
# nonASCII quotation marks as they are noisy and lead to a lot
# of false positives in our userfacing output:
shellcheck --exclude=SC2016,SC1112 $out/activate $out/activate-user
echo -n "$systemConfig" > $out/systemConfig

5
modules/users/default.nix
View file

@ -149,7 +149,6 @@ in
if ! sudo dscl . -change /Users/nobody NFSHomeDirectory "$homeDirectory" "$homeDirectory" &> /dev/null; then
if [[ -n "$SSH_CONNECTION" ]]; then
printf >&2 '\e[1;31merror: users cannot be %s over SSH without Full Disk Access, aborting activation\e[0m\n' "$2"
# shellcheck disable=SC2016
printf >&2 'The user %s could not be %s as `darwin-rebuild` was not executed with Full Disk Access over SSH.\n' "$1" "$2"
printf >&2 'You can either:\n'
printf >&2 '\n'
@ -157,7 +156,6 @@ in
printf >&2 '\n'
printf >&2 'or\n'
printf >&2 '\n'
# shellcheck disable=SC2016
printf >&2 ' run `darwin-rebuild` in a graphical session.\n'
printf >&2 '\n'
printf >&2 'The option "Allow full disk access for remote users" can be found by\n'
@ -171,11 +169,9 @@ in
if ! sudo dscl . -change /Users/nobody NFSHomeDirectory "$homeDirectory" "$homeDirectory" &> /dev/null; then
printf >&2 '\e[1;31merror: permission denied when trying to %s user %s, aborting activation\e[0m\n' "$2" "$1"
# shellcheck disable=SC2016
printf >&2 '`darwin-rebuild` requires permissions to administrate your computer,\n'
printf >&2 'please accept the dialog that pops up.\n'
printf >&2 '\n'
# shellcheck disable=SC2016
printf >&2 'If you do not wish to be prompted every time `darwin-rebuild updates your users,\n'
printf >&2 'you can grant Full Disk Access to your terminal emulator in System Settings.\n'
printf >&2 '\n'
@ -224,7 +220,6 @@ in
if [ "$u" -gt 501 ]; then
# TODO: add `darwin.primaryUser` as well
if [[ ${name} == "$USER" ]]; then
# shellcheck disable=SC2016
printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', ${name}
exit 1
fi

12
pkgs/darwin-uninstaller/configuration.nix
View file

@ -12,8 +12,8 @@ with lib;
launchd.daemons = mkForce {};
launchd.user.agents = mkForce {};
# Don't try to reload `nix-daemon`
nix.useDaemon = mkForce false;
# Restore any unmanaged `nix-daemon`.
nix.enable = false;
system.activationScripts.postUserActivation.text = mkAfter ''
if [[ -L ~/.nix-defexpr/channels/darwin ]]; then
@ -30,14 +30,6 @@ with lib;
rm /etc/static
fi
# If the Nix Store is owned by root then we're on a multi-user system
if [[ -O /nix/store ]]; then
if [[ -e /nix/var/nix/profiles/default/Library/LaunchDaemons/org.nixos.nix-daemon.plist ]]; then
sudo cp /nix/var/nix/profiles/default/Library/LaunchDaemons/org.nixos.nix-daemon.plist /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo launchctl load -w /Library/LaunchDaemons/org.nixos.nix-daemon.plist
fi
fi
# grep will return 1 when no lines matched which makes this line fail with `set -eo pipefail`
dscl . -list /Users UserShell | { grep "\s/run/" || true; } | awk '{print $1}' | while read -r user; do
shell=$(dscl . -read /Users/"$user" UserShell)

9
pkgs/darwin-uninstaller/default.nix
View file

@ -31,8 +31,11 @@ in writeShellApplication {
echo >&2 " - remove /Applications/Nix Apps symlink"
echo >&2 " - cleanup static /etc files"
echo >&2 " - disable and remove all launchd services managed by nix-darwin"
if [[ $(stat -f '%Su' /nix/store) == "root" ]]; then
echo >&2 " - restore nix-daemon service from nix installer as this is a multi-user install"
if [[
-e /run/current-system/Library/LaunchDaemons/org.nixos.nix-daemon.plist
&& -e /nix/var/nix/profiles/default/Library/LaunchDaemons/org.nixos.nix-daemon.plist
]]; then
echo >&2 " - restore nix-daemon service from the Nix installer"
fi
echo >&2
@ -88,7 +91,7 @@ in writeShellApplication {
launchctl print system/org.nixos.nix-daemon
pgrep -l nix-daemon
test -e /Library/LaunchDaemons/org.nixos.nix-daemon.plist
[[ "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" == "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" ]]
[[ "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" == "$(shasum -a 256 /nix/var/nix/profiles/default/Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" ]]
nix-store --store daemon -q --hash ${stdenv.shell}
fi
echo >&2 ok

1
release.nix
View file

@ -88,6 +88,7 @@ in {
tests.launchd-setenv = makeTest ./tests/launchd-setenv.nix;
tests.networking-hostname = makeTest ./tests/networking-hostname.nix;
tests.networking-networkservices = makeTest ./tests/networking-networkservices.nix;
tests.nix-enable = makeTest ./tests/nix-enable.nix;
tests.nixpkgs-overlays = makeTest ./tests/nixpkgs-overlays.nix;
tests.programs-ssh = makeTest ./tests/programs-ssh.nix;
tests.programs-tmux = makeTest ./tests/programs-tmux.nix;

17
tests/nix-enable.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, ... }:
{
nix.enable = false;
nix.package = throw "`nix.package` used when `nix.enable` is turned off";
test = ''
printf >&2 'checking for unexpected Nix binary in /sw/bin\n'
[[ -e ${config.out}/sw/bin/nix-env ]] && exit 1
printf >&2 'checking for unexpected nix-daemon plist in /Library/LaunchDaemons\n'
[[ -e ${config.out}/Library/LaunchDaemons/org.nixos.nix-daemon.plist ]] && exit 1
printf >&2 'checking for latebound Nix lookup in /activate\n'
grep nixEnvPath= ${config.out}/activate
'';
}