1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
Commit graph

1257 commits

Author SHA1 Message Date
Michael Hoang
ac5694a0b8
Merge pull request #1044 from Enzime/add/known-hash
etc: add known hash for DetSys installer 0.20.0+
2024-08-25 14:56:10 +10:00
Michael Hoang
2bd4949af3 etc: add known hash for DetSys installer 0.20.0+ 2024-08-25 14:36:37 +10:00
isabel
c06794de03
feat: system.disableInstallerTools 2024-08-21 14:29:54 +01:00
Michael Hoang
076b9a905a
Merge pull request #1026 from thecaralice/nochan
Allow disabling channels
2024-08-17 11:59:09 +10:00
Alice Carroll
5afa71b413
fix: respect user nixPath configuration 2024-08-17 02:51:01 +03:00
Alice Carroll
691a590bff
feat: allow disabling channels 2024-08-17 02:51:01 +03:00
Alice Carroll
d5dba1c6f5
refactor: rename environment.postBuild to environment.extraSetup 2024-08-17 02:50:56 +03:00
Maxime Daffis
636d1a09d8 (feature) Add swapLeftCtrlAndFn
Use this and never find yourself again hitting fn because of muscle
memory! (you can even physically swap the keycaps, at least on M series)

Keycodes have been pulled from https://hidutil-generator.netlify.app/
and the hex value has been converted to a base 10 int.
2024-08-05 13:00:32 +02:00
Maxime Daffis
3dd14e466c (feature) Add Stage Manager (com.apple.WindowManager) settings as system.defaults.windowmanager
All credits go to @AlexOwl. Their [PR](https://github.com/LnL7/nix-darwin/pull/505)
looked abandonned so I reported their changes and addressed the change
requests.
2024-08-02 01:17:45 +02:00
Jörg Thalheim
cf45edbf27 programs.ssh: add certificate authorities 2024-07-31 19:34:17 +02:00
Emily
7e08a9dd34
Merge pull request #1018 from Enzime/fix/github-runners-work-dir
github-runners: move `workDir` outside of `/run`
2024-07-31 18:00:20 +01:00
Emily
0413754b3c
Merge pull request #1012 from Enzime/fix/dock-not-running
defaults: only restart Dock when user is logged in
2024-07-27 13:17:26 +01:00
zowoq
e88eb66c2b mapAttrsFlatten -> mapAttrsToList
deprecated in 473e469d5a
2024-07-27 13:37:28 +10:00
Michael Hoang
dc8e1f4839 github-runners: move workDir outside of /run
As `/run` gets recreated every reboot and we can't specify dependencies
for launchd, creating the `workDir` every reboot will require extra
complexity with a separate daemon that runs as `root` otherwise it won't
have sufficient privileges.

As we clean the `workDir` when the service first starts anyway, it ends
up being the same.
2024-07-27 10:41:18 +10:00
Michael Hoang
a6903cf7e3 activation-scripts: add extra comment 2024-07-27 10:39:57 +10:00
Michael Hoang
5c8fb55182 Revert "github-runnners: fix workDir missing on reboot"
This reverts commit fe99aa9699.
2024-07-27 10:26:37 +10:00
Michael Hoang
a566238826 defaults: only restart Dock when user is logged in 2024-07-25 12:24:30 +10:00
347Online | Katie Janzen
be14a2add1 Add inline prediction option mirroring the capitalization option 2024-07-24 12:51:20 -05:00
Michael Hoang
fe99aa9699 github-runnners: fix workDir missing on reboot 2024-07-23 11:06:40 +10:00
Nikola Milojević
199cf34012
chore: removing deprecations for 25.05 nix 2024-07-22 13:37:17 +02:00
Emily
33bf7df5bb
Merge pull request #973 from amsynist/modules/services/jankyborders
module : `jankyborders` for window borders Configuration
2024-07-21 09:21:06 +01:00
Prav!n
fa0d64721f module: add jankyborders service
- Added the jankyborders service.
- Introduced changes for whitelist and blacklist options and assertions.
- emoved path reference from launchd argument.
- Corrected missing trailing newline in default.nix.
2024-07-21 02:54:45 +05:30
Michael Hoang
a3e4a7b8ff
Merge pull request #999 from Enzime/restart-dock
defaults: restart Dock when changing settings
2024-07-18 12:43:02 +10:00
Michael Hoang
ce130f4b20 defaults: restart Dock when changing settings 2024-07-16 11:28:20 +10:00
Michael Hoang
7522a30d32
Merge pull request #997 from thanegill/patch-3
Add `User` and  already generated `IdentityFile` to ssh_config for `nix.linux-builder`
2024-07-16 09:34:28 +10:00
Thane Gill
395e4d3794
Update modules/nix/linux-builder.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-07-12 09:50:57 -07:00
Emily
cf297a8d24
Merge pull request #976 from emilazy/openssh-use-links-for-authorized-keys
ssh: use symlinks for `authorizedKeys` options
2024-07-10 09:17:22 +01:00
Thane Gill
b34d1bee48 Add User and already generated IdentityFile to ssh_config for nix.linux-builder 2024-07-09 13:16:19 -07:00
Henrique Goncalves
e2a85731a0
nextdns: fix argument handling 2024-07-08 16:36:31 -03:00
Ian Chamberlain
b7e112cdf9
Add lix-installer to known files 2024-07-06 18:04:06 -04:00
Mike Moore
4054d5caea Use the correct file location for SoftwareUpdate plist. 2024-07-02 09:40:18 -07:00
Nikola Milojević
e00896468a
chore: remove mkpackageoptionmd deprecation 2024-07-01 16:24:41 +02:00
Samuel Tam
4141697ed2
checks.nix: disable verifyBuildUsers for auto-allocate-uids 2024-06-23 15:14:48 +08:00
Michael Hoang
29b3096a6e
Merge pull request #974 from nicknovitski/linux-builder-crossarch 2024-06-17 22:17:38 +00:00
Nick Novitski
d21ba5a487 linux-builder: make compatible with cross-arch builder package
Before this commit, aarch64 users building the following configuration
would end up with an aarch64-linux builder, while after it, they get the
x86_64-linux builder they expect:
```nix
 nix.linux-builder = {
  enable = true;
  package = pkgs.darwin.linux-builder-x86_64;
};
```

Before, in order to get an x86_64-linux builder, they would have needed
to use this configuration instead:
```nix
 nix.linux-builder = {
  enable = true;
  config.nixpkgs.hostPlatform = "x86_64-linux";
  systems = ["x86_64-linux"];
};
```

The reason for this is that the linux-builder module calls `override` on
the package option, and the `linux-builder-x86_64` package is also
defined using override:
```nix
linux-builder-x86_64 = linux-builder.override {
  modules = [ { nixpkgs.hostPlatform = "x86_64-linux"; } ];
};
```

The module was effectively discarding the `nixpkgs.hostPlatform` option.

Example issue: https://github.com/NixOS/nixpkgs/issues/313784
2024-06-16 14:03:41 -07:00
Emily
36a15e8c6c write-text: remove support for copy
This is a huge anti‐declarative footgun; `copy` files cannot
distinguish if a previous version is managed by nix-darwin, so they
can’t check the hash, so they’re prone to destroying data, and
copied files are not deleted when they’re removed from the system
configuration, which led to a security bug. Nothing else in‐tree
was using this functionality, so let’s make sure it doesn’t
cause any more bugs.
2024-06-15 12:15:13 +01:00
Emily
b833d4a32d ssh: use symlinks for authorizedKeys options
As explained in the changelog and activation check, the previous
implementation had a nasty security bug that made removing a user’s
authorized keys effectively a no‐op.
2024-06-15 12:15:13 +01:00
Emily
58b905ea87
Merge pull request #716 from tmillr/fix-launchd-calendar-interval
fix(launchd): improve `StartCalendarInterval`
2024-06-15 09:40:58 +01:00
Emily
801f8ab2bc
Merge pull request #754 from emilazy/fonts-use-subdir
fonts: reimplement and rename to `fonts.packages`
2024-06-15 05:57:11 +01:00
Michael Hoang
ff988d78f2
Merge pull request #975 from emilazy/drop-old-compat
Drop compatibility for unsupported Nixpkgs versions
2024-06-14 16:16:52 +10:00
Emily
b2ee0b3c03
Merge pull request #842 from Enzime/linux-builder-trust
linux-builder: remove trusted user requirement
2024-06-13 19:58:05 +01:00
Emily
2406909d7a Reapply "eval-config: set class"
All supported Nixpkgs versions now support this.

This reverts commit a5b09580e2.
2024-06-13 14:35:20 +01:00
Emily
5399270903 treewide: remove shims for Nixpkgs ≤ 23.05
These deprecated versions were already made unsupported by #932.
2024-06-13 14:35:20 +01:00
Emily
7d4f867210 fonts: remove fonts.fontDir.enable
As far as I can tell, this isn't required to get fonts to work on
NixOS, so we shouldn't require it on nix-darwin either, even if the
implementations are superficially similar.
2024-06-13 11:56:58 +01:00
Emily
adf578e398 fonts: reimplement and rename to fonts.packages
Fixes: #120
Fixes: #722
Fixes: #752
Closes: #692
2024-06-13 11:56:10 +01:00
Emily
27517d2d18 fonts: refactor system.build.fonts
Process substitution behaves better with variables and it's good
practice to use `lib.escapeShellArgs`.
2024-06-13 11:55:36 +01:00
Emily
09e72ff9b9 fonts: remove with lib 2024-06-13 11:54:58 +01:00
Emily
139ea5dd92
Merge pull request #963 from elohmeier/launchd-lowpriobgio
launchd: add LowPriorityBackgroundIO config
2024-06-13 11:14:19 +01:00
Tyler Miller
861af0fc94
fix(launchd): improve StartCalendarInterval
Stricter launchd -> StartCalendarInterval type:

- Verify that the integers passed to `Minute`, `Hour`, etc. are within
  range.

- When provided, the value for StartCalendarInterval must be a non-empty
  list of calendar intervals and must not contain duplicates entries
  (throw an error otherwise).

- For increased flexibility and backwards-compatibility, allow an
  attrset to be passed as well (which will be type-checked and is
  functionally equivalent to passing a singleton list). Allowing an
  attrset or list is precisely in-line with what `launchd.plist(5)`
  accepts for StartCalendarInterval.

Migrate `nix.gc.interval` and `nix.optimise.interval` over to use this
new type, and update their defaults to run weekly instead of daily.

Create `modules/launchd/types.nix` file for easier/modular use of
launchd types needed in multiple files.

Documentation:

- Update and improve wording/documentation of launchd's
  `StartCalendarInterval`.

- Improve wording/documentation of `nix.gc.interval` and
  `nix.optimise.interval` ("time interval" can be misleading as it's
  actually a "calendar interval"; e.g. `{ Hour = 3; Minute = 15;}`
  runs daily, not every 3.25 hours).
2024-06-09 11:20:15 -07:00
jonny
cb198382c2
feat: add defaults screencapture show-thumbnail option 2024-06-06 17:40:24 +01:00
Enno Richter
9ed6009b21 launchd: add LowPriorityBackgroundIO config 2024-06-05 06:40:05 +02:00
Trevor Opiyo
44c88484c4 add warning for enabling syntax highlighting and fast syntax highlighting 2024-05-29 12:24:11 -05:00
Trevor Opiyo
2839ef54aa Add support for zsh-fast-syntax-highlighting 2024-05-29 12:24:11 -05:00
Michael Hoang
c0d5b8c54d
Merge pull request #958 from kamushadenes/master
Add support for trackpad force click
2024-05-30 00:41:28 +10:00
Henrique Goncalves
9639c5509b
Update modules/system/defaults/NSGlobalDomain.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-05-25 03:14:18 -03:00
Henrique Goncalves
2e0f9a9e50
Update NSGlobalDomain.nix 2024-05-23 16:56:43 -03:00
Henrique Goncalves
0e5fc0028b
Update NSGlobalDomain.nix 2024-05-23 16:50:15 -03:00
Henrique Goncalves
120e085d1a
Update NSGlobalDomain.nix 2024-05-23 16:42:31 -03:00
Henrique Goncalves
6cbe6bc2da
Update trackpad.nix 2024-05-23 16:40:17 -03:00
Andrew Marshall
7f897008d4 environment: Adjust systemPath order to allow injecting in the middle
Previously, it was not possible to inject PATH entries between profiles
and the “default system” PATH entries. This confounds adding, e.g.
Homebrew on aarch64’s non-standard prefix as higher priority than the
builtin system paths, but lower than Nix profiles.

This is a backwards-incompatible change for some users, but should only
be so in the case a user used `mkOrder` with a value between 1000 (the
default priority) and 1200. Value of 1200 chosen as the same delta from
the default as just below in `environment.profiles` (which uses 800),
and mkAfter is 1500 so will still go after this.
2024-05-23 09:55:35 -04:00
Michael Hoang
eac4f25028
Merge pull request #955 from qowoz/hercules-security
hercules-ci-agent: fix crash calling `security`
2024-05-22 08:15:35 +10:00
zowoq
251eaabfa0 hercules-ci-agent: fix crash calling security
this applies the same fix that was used for the cachix agent in e043606b50
2024-05-21 23:16:46 +10:00
techknowlogick
de20ea4882
remove final lib.mddoc 2024-05-16 12:48:56 -04:00
Sander
e043606b50
cachix-agent: fix crash calling security
One of cachix-agent's dependencies, `hs-certificate`, makes calls to
`security`. This lives in `/usr/bin`, which isn't available from
launchd. This commit makes the system paths available to cachix-agent.

Fixes #924.
2024-05-16 18:04:33 +04:00
Ricardo Pinto
93913d14a3
Add file or directory tile to Dock persistent others 2024-05-15 07:49:00 +01:00
Dominik Gleich
c8a8faedbc
Change zsh default prompt 2024-05-20 09:48:03 +02:00
Ricardo Pinto
457a5d9952
Add persistent others to dock 2024-05-13 13:46:54 +01:00
zowoq
ec06ea8837 nix-daemon: increase SoftResourceLimits.NumberOfFiles
1048576 matches the nixos/nix plist

e3a4e40a35/misc/launchd/org.nixos.nix-daemon.plist.in (L29)
2024-04-24 16:03:49 +10:00
Michael Hoang
9e7c20ffd0
Merge pull request #932 from wegank/mddoc-remove
treewide: remove lib.mdDoc
2024-04-20 02:24:36 +10:00
Weijia Wang
def1e23be8 treewide: remove lib.mdDoc 2024-04-19 04:05:50 +02:00
Jefferson Bledsoe
81f7aab5ed
Update ShowDate in menuExtraClock 2024-04-18 13:53:30 +00:00
Michael Hoang
36524adc31
Merge pull request #915 from malob/add-nix-optimise-module
Add `nix.optimise` module
2024-03-30 12:48:46 +11:00
Malo Bourgon
398510f601 Add nix.optimise module 2024-03-27 12:50:04 -07:00
Hyunggyu Jang
83a9a41f1b Use valid maintainer 2024-03-26 13:58:02 +09:00
Michael Hoang
c7ae5dc969
Merge pull request #725 from mitchmindtree/trezord 2024-03-13 02:00:15 +11:00
Dylan Frankland
5c65cfb656 Add support for persistent-apps in dock 2024-03-03 21:32:17 -08:00
Michael Hoang
e7d7a7f0c5
Merge pull request #821 from qowoz/users
users: fix `forceRecreate` bash comparison
2024-03-04 16:25:51 +11:00
Michael Hoang
1032f0963f
Merge pull request #767 from jmmaloney4/master
a few fixes for ipfs module
2024-03-04 16:23:30 +11:00
Michael Hoang
530f265072
Merge pull request #897 from dfrankland/fix-writing-values-with-containers
fix writing values with containers
2024-03-04 16:16:05 +11:00
Dylan Frankland
b620e32a76 fix writing values with containers
Complex container values like `-array` have their own DSL which does not
allow specifying all data types. Instead of using the DSL use plist
fragments instead.
2024-03-02 22:29:56 -08:00
Mark Sisson
3397ab3b77
feat(nix): adapt nix.conf validation for different Nix versions
This commit updates the nix.conf validation logic to accommodate
different versions of Nix. It introduces a conditional assignment
of the `showCommand` variable, which determines the appropriate
command to use based on the Nix version. For versions at least
"2.20pre", it uses "config show"; otherwise, it falls back to
"show-config". This change ensures compatibility across various
Nix releases.
2024-03-02 18:51:25 -06:00
Michael Hoang
8a15cb36ff
Merge pull request #892 from Samasaur1/startup-chime
`system.startup.chime`: init
2024-03-02 13:57:42 +11:00
Domen Kožar
70d162d468
Merge pull request #891 from mattpolzin/nix-direnv
nix-darwin/programs.direnv: init
2024-03-01 18:23:36 +07:00
Sam
ee53e5785c
system.startup.chime: init 2024-02-29 22:23:40 -08:00
Sam
0363c18c37
system.nvram: init (internal) 2024-02-29 22:20:04 -08:00
Moritz Rumpf
ad98aebc0f Fix doc render problem
This fixes:
```
RuntimeError: can't render html in the presence of docbook
```
2024-02-29 08:45:54 +01:00
Moritz Rumpf
2ffb75f942 defaults: Add options for dragOnGesture feature
This is just a rebased version of https://github.com/LnL7/nix-darwin/pull/513

Credit to @2gn
2024-02-29 08:45:54 +01:00
Domen Kožar
283d59778e
Merge pull request #893 from yaxitech/github-runner-2
github-runners: adapt to NixOS module
2024-02-28 16:35:25 +07:00
Vincent Haupert
06f5dab065 github-runners: adapt to NixOS module
While #859 added basic support for configuring GitHub runners through
nix-darwin, it did not yet support all of the options the NixOS module
offers.

I am aware that this is a rather big overhaul. I think, however, that
it's worth it:

- Copies the `options.nix` from the [NixOS module] with only minor
  adaptations. This should help to keep track of any changes to it.
- Respect the `workDir` config option. So far, the implementation didn't
  even read the value of the option.
- Allow configuring a custom user and group.
  If both are `null`, nix-darwin manages the `_github-runner` user
  shared among all instances. Take care of creating your own users if
  that's not what you want.
- Also creates the necessary directories for state, logs and the working
  directory (unless `workDir != null`). It uses the following locations:
    * state: `/var/lib/github-runners/${name}`
    * logs: `/var/log/github-runners/${name}`
    * work: The value of `workDir` or `/var/run/github-runners/${name}`
            if (`workDir == null`).
  We have to create the logs directory before starting the service since
  launchd expects that the `Standard{Error,Out}Path` exist. We do this
  by prepending to [`system.activationScripts.launchd.text`].
  All directories belong to the configured `user` and `group`.
- Warn if a `tokenFile` points to the Nix store.

[NixOS module]: https://github.com/NixOS/nixpkgs/blob/3c30c56/nixos/modules/services/continuous-integration/github-runner/options.nix
[`system.activationScripts.launchd.text`]: https://github.com/LnL7/nix-darwin/blob/bbde06b/modules/system/launchd.nix#L99-L123
2024-02-28 09:40:25 +01:00
Mathew Polzin
9090c6f897 nix-darwin/programs.direnv: init 2024-02-27 08:38:36 -06:00
Sam
44888312de
security.sudo.extraConfig: fix default behavior 2024-02-26 18:21:48 -08:00
Evan Petousis
f1a0d68a8f
etc: add known hash for /etc/zshenv and /etc/nix/nix.conf
Adds support for DeterminateSystems installer 0.16.0 and later. Fixes #880.
2024-02-23 18:45:24 +11:00
Logan Barnett
27e6a022f2
apply feedback, fix merge goof 2024-02-21 10:44:30 -08:00
Logan Barnett
9f4fbed460
Merge remote-tracking branch 'ethnt/linux-builder-systems-config' into linux-builder-big-config-take-2 2024-02-21 09:29:40 -08:00
Logan Barnett
208cd70d04
Merge remote-tracking branch 'stv0g/linux-runner-options' into linux-builder-big-config-take-2 2024-02-21 09:27:02 -08:00
Logan Barnett
61c5879b5a
linux-builder: default pass through protocol to nix.buildMachines
This commit adds a protocol option for the `linux-builder` and defaults
it to `ssh-ng`.  I have observed it needing this with the following:

``` sh
$ nix store ping --store ssh://linux-builder
Store URL: ssh://linux-builder

$ nix store ping --store ssh-ng://linux-builder
Store URL: ssh-ng://linux-builder
Version: 2.18.1
Trusted: 0
```

This seems to make the difference on whether or not Nix picks up
`linux-builder` as an available builder.
2024-02-20 13:10:24 -08:00
Steffen Vogel
94558e7e8b linux-builder: Pass through more options to nix.buildMachines
This commit passes more options to  nix.buildMachines. Namely the mandatoryFeatures and speedFactor settings have been missing.
2024-02-18 13:25:01 +01:00
Domen Kožar
0e6857fa1d
Merge pull request #859 from yaxitech/github-runner
github-runners: init module
2024-02-18 04:48:38 +00:00
Sam
37eb625dd4
security.sudo.extraConfig: init 2024-02-11 14:16:23 -08:00
Nikodem Rabuliński
4363d3b42f
services/yabai: Remove IFD
enableScriptingAddition no longer triggers IFD
by using runCommand to generate sudoers.d/yabai,
instead of builtins.hashFile and interpolating the string in nix.
2024-02-01 23:06:13 +01:00
Michael Hoang
91b9daf672
Merge pull request #780 from kalbasit/update_yabai_sa_script
services/yabai: Remove --check-sa and --install-sa flags
2024-01-30 12:32:45 +10:00
Michael Hoang
00538eecf2
Merge pull request #861 from thanegill/darwin-rebuild-completions
Add zsh completions to darwin-rebuld by default
2024-01-29 13:03:01 +10:00
Thane Gill
0f0478efa6 Add zsh completions to darwin-rebuld by default 2024-01-27 19:37:27 -08:00
Thane Gill
3a9755f98d Use nixpkgs generators.toPlist for launchd service generation.
Fixes #93
2024-01-27 17:09:41 -08:00
Michael Hoang
1e706ef323
Merge pull request #857 from thanegill/patch-2
Allow launchd serivceConfig.LimitLoadToSessionType to be a list
2024-01-22 19:29:28 +10:00
Vincent Haupert
21b92addaf github-runners: init module
Adds a new module which allows to configure multiple GitHub self-hosted
runners on Darwin. The module is heavily inspired by the nixpkgs NixOS
module. Its implementation differs in some ways:

- There's currently no way to configure the user/group which runs the
  runner. All configured runners share the same user and group.
- No automatic cleanup.
- No advanced sandboxing apart from user/group isolation
2024-01-22 10:27:11 +01:00
Jōshin
a3be68d105
Add option to disable zsh global compinit
Fixes #855.
2024-01-21 03:24:00 -05:00
Michael Hoang
3ac7acd32d
Merge pull request #854 from kallisti-dev/fix/network-names-shell-escapes
fix shell escaping in networking config
2024-01-21 10:14:09 +10:00
Hraban Luyat
f1d47fc2dd fix: set shell for new users, and only known ones 2024-01-20 11:03:15 -05:00
Hraban Luyat
888533c35f fix: user shell path handling
Properly detect the binary name (not just /nix/store/...-bash, but include the
.../bin/bash), and use the symlinked name which also appears in /etc/shells.
2024-01-20 11:03:15 -05:00
Thane Gill
6b27542e86 Allow launchd serivceConfig.LimitLoadToSessionType to be a list
Per: https://developer.apple.com/library/archive/technotes/tn2083/_index.html#:~:text=If%20you%20want%20to%20run%20in%20more%20than%20one%20session%20type%2C%20you%20can%20set%20LimitLoadToSessionType%20to%20an%20array%2C%20where%20each%20element%20is%20a%20session%20type%20string.

LimitLoadToSessionType can also be an array if more than one session type is desired.
2024-01-19 15:45:52 -08:00
Adam Curtis
5cec74dae1 fix shell escaping in networking config 2024-01-19 12:16:32 -05:00
XMLHexagram
4051e3027d
Add type definition on fonts.fontDir.enable 2024-01-16 21:07:41 +08:00
Jacek Galowicz
c4ea346d0f Dedupe the WorkingDirectory path of the linux-builder 2024-01-15 13:51:34 +01:00
Michael Hoang
0dd382b70c
Merge pull request #820 from mhumeSF/reduce-motion
Add `universalaccess.reduceMotion` option
2024-01-03 10:28:40 +00:00
Michael Hoang
dbbcad8b9b linux-builder: remove trusted user requirement
If you set up a signing key for the `linux-builder` and add that as
trusted public key on your machine, you won't need to be a trusted user
at all.
2023-12-31 14:00:39 +11:00
Carl Thomé
59bef44059
Fix type error
```
error: A definition for option `launchd.user.agents.[...].serviceConfig.StartCalendarInterval' is not of type `null or (list of (submodule))'. Definition values:
       - In `<unknown-file>':
           {
             Hour = 0;
             Minute = 0;
           }
```
2023-12-30 23:47:20 +01:00
Austin Horstman
f6cf46f7bc
GlobalPreferences: fix mouse scaling example 2023-12-29 14:09:38 -06:00
fortuneteller2k
9acb5b1adc Use native floats for mouse scaling 2023-12-27 11:30:04 +08:00
Michael Hoang
850eabce44 etc: add known hash for /etc/shells 2023-12-23 22:41:58 +11:00
zowoq
0b638a97c0 users: fix forceRecreate bash comparison 2023-12-04 10:31:36 +10:00
Mike Hume
6c40798934 Adding reduce motion option 2023-12-01 15:10:10 -05:00
Michael Hoang
4b9b83d5a9
Merge pull request #806 from DeterminateSystems/easier-uninstall
Install darwin-uninstall by default, which includes the 'empty' config it switches to
2023-11-24 14:11:34 +11:00
Domen Kožar
c465a67a54
Merge pull request #809 from Enzime/more-hashes
etc: add more known hashes
2023-11-23 10:46:16 +01:00
Ethan Turkeltaub
72dd60bfc9
Add default system to systems option 2023-11-22 20:43:29 -05:00
Ethan Turkeltaub
6a3a683d43
Use nix.buildMachines.*.systems instead of nix.buildMachines.*.system 2023-11-22 20:43:28 -05:00
Ethan Turkeltaub
a5812ff83c
Add nix.linux-builder.systems option to set corresponding nix.buildMachines.*.systems option 2023-11-22 20:43:27 -05:00
Francesc Esplugas
b2dff2033d fix: initdb missing data area directory
Use `PGDATA` environment variable instead of `-D` to maintain
consistency with NixOS module.

Co-Authored-By: Michael Hoang <enzime@users.noreply.github.com>
2023-11-23 11:00:33 +11:00
Richard Huang
892482250c
[yabai] Configure scripting addition
Allow admins to execute `yabai --load-sa` as the root user without
having to enter a password
2023-11-18 21:01:01 -08:00
Graham Christensen
09284ab00b Install darwin-uninstall by default, which includes the 'empty' config it switches to
Co-Authored-By: Michael Hoang <enzime@users.noreply.github.com>
2023-11-16 17:47:24 +11:00
Michael Hoang
d4efdb7f88 etc: add more known hashes
This should be less of an issue as of DetSys' nix-installer 0.15.0 which
no longer includes the version number in `nix.conf`.
2023-11-16 14:26:25 +11:00
Michael Hoang
e67f2bf515
Merge pull request #803 from felixscheinost/fix-unbound-variable-etcProblems
Fix unbound variable `etcProblems`
2023-11-13 20:32:58 +11:00
Yacine Hmito
4fa7b5cdd1 Add security.pki.installCACerts config
Made is possible to disable the management of
/etc/ssl/certs/ca-certificates.crt by Nix darwin.
2023-11-11 12:36:28 +01:00
Felix Scheinost
39a412d47d Fix unbound variable etcProblems
I have another activationScript which traps errors. Currently `etcProblems` can be unbound.
2023-11-09 12:44:10 +01:00
Domen Kožar
eb2b9b6423
Merge pull request #785 from Enzime/deferred-modules
linux-builder: change from `modules` to `config`
2023-11-08 09:58:53 +00:00
Michael Hoang
afe83cbc2e
Merge pull request #791 from lilyball/linux-builder-tmpdir
linux-builder: avoid /tmp for certs
2023-10-27 19:55:34 +02:00
Alexis Destrez
e621b5aea7 Provide 'supportedFeatures' option to the linux builder module 2023-10-18 17:47:27 +02:00
Lily Ballard
160eb3d99d linux-builder: avoid /tmp for certs
Fixes #768
2023-10-09 16:09:11 -07:00
Michael Hoang
70af808347 linux-builder: change from modules to config
Using the type `deferredModule` fixes `pkgs` not being accessible as a
module argument (apart from `config._module.args.pkgs`).
2023-09-29 12:38:39 +01:00
Michael Hoang
e236a1e598
Merge pull request #187 from kalbasit/known-hosts-only-if-set
programs.ssh: write ssh known_hosts only if there are any set
2023-09-26 01:05:13 +01:00
Domen Kožar
8caf3af927
Create $out/darwin-version
This fixes backwards compatibility with code that expects it.
2023-09-19 09:54:27 +01:00
Chris Montgomery
c8f0bc5c29
time: bury useless systemsetup -settimezone output
Fixes #359
2023-09-15 15:59:14 -04:00
Wael M. Nasreddine
e58bcb921b
programs.ssh: write ssh known_hosts only if there are any set 2023-09-15 08:24:20 -07:00
Wael M. Nasreddine
30311b6f90
services/yabai: Remove --check-sa and --install-sa flags
The --check-sa and --install-sa flags were removed in favor of
--load-sa as of version 5.0.0 of Yabai.

ee0137f37d/CHANGELOG.md (L83)
2023-09-14 09:01:04 -07:00
Michael Hoang
4496ab2662
Merge pull request #771 from Benjamin-L/support-dfont-fonts
Add support for dfont to the fonts module
2023-09-12 07:50:42 +02:00
Malo Bourgon
0625792671 Add homebrew.onActivation.extraFlags option 2023-09-11 11:22:23 -07:00
Benjamin Lee
ba92c4d307
add support for dfont to the fonts module 2023-09-08 15:43:25 -07:00
Jack Maloney
8e102a9991
a few fixes for ipfs module 2023-08-30 09:15:29 -05:00
run
ffccbdf7d8
add progress to homebrew package installations 2023-08-17 10:00:39 +05:30
zowoq
b671517f28 finder: types.string -> types.str
`string` was changed from deprecation warning to error in c59c6b1c57
2023-08-10 13:46:47 +10:00
Emily
e2187d633c fish: simplify babelfishTranslate 2023-08-05 22:57:44 +01:00
Emily
e65825ca9e fish: add default for babelfishPackage
This option should probably be dropped but I'd prefer to batch that
with using Babelfish by default (or unconditionally, as Home Manager
does) so as to avoid multiple independent breaking changes.

Fixes: #632
2023-08-05 21:36:54 +01:00
Lily Ballard
97e978626e linux-builder: add maxJobs option
Fixes #751
2023-08-02 12:33:34 -07:00
Emily Trau
588303a21f fix: correct description of services.ofborg.logFile 2023-07-27 14:05:53 +10:00
Jakub Janczak
6a00d1b59b Update modules/programs/bash/default.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2023-07-26 09:19:33 +02:00
Jakub Janczak
e21b70da3f Don't run static bashrc only for pure nix-shell 2023-07-26 09:19:33 +02:00
Michael Hoang
1c1dd8b070
Merge pull request #595 from azuwis/sketchybar
sketchybar: init
2023-07-26 09:50:15 +10:00
Michael Hoang
a96987cef4
Merge pull request #713 from pik694/master
Dock icon magnification settings
2023-07-26 09:44:43 +10:00
Piotr Żelazko
7ff10017ed
chore: apply CR suggestions 2023-07-25 18:40:30 +02:00
Zhong Jianxin
56f56c80ef sketchybar: init
Fix #581
2023-07-25 18:58:56 +08:00
ryane
9f8bc612c8
eternal-terminal: enable keep alive
See https://github.com/LnL7/nix-darwin/pull/745#discussion_r1272806159
2023-07-24 20:44:49 -04:00
Emily
a5b09580e2
Revert "eval-config: set class" 2023-07-24 23:24:20 +01:00
Emily
8f0e02cfc8
Merge pull request #744 from emilazy/set-module-class
eval-config: set `class`
2023-07-24 23:10:33 +01:00
ryane
c4a1a1c458
eternal-terminal: change launchd agent config
- don't daemonize program
- disable keep alive

these settings are consistent with the configuration in the project
repository:
1d9cd2be9d/init/launchd/homebrew.mxcl.et.plist
2023-07-24 17:50:26 -04:00
Piotr Żelazko
640331dfba docs: add magnification values range 2023-07-24 21:16:04 +02:00
ryane
6adc4c680b
eternal-terminal: add module
Adds an eternal-terminal module. Much of the implementation is borrowed
from the corresponding nixos module:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/eternal-terminal.nix
2023-07-23 08:20:28 -04:00
Michael Hoang
0f9058e739
Merge pull request #733 from Enzime/version
Add `darwin-version` command
2023-07-23 18:16:13 +10:00
Emily
ced9f58f87
Merge pull request #743 from emilazy/fix-enable-option-docs
treewide: fix `mkEnableOption` docs
2023-07-23 04:50:08 +01:00
Emily
5fd8914dac treewide: fix mkEnableOption docs
`mkEnableOption` wraps its argument in a complete sentence with a
terminating full stop; an additional newline will add an incorrect
space before the end of the sentence in the rendered documentation,
and any additional verbiage that doesn't fit into the form "Whether to
enable [...]." is also incorrect. In the latter case, the description
can be overridden manually.
2023-07-21 21:17:59 +01:00
Emily
0d3ad9e7ff documentation: use eval-config.nix
Avoid letting the module evaluation for the documentation drift out
of sync with how system configurations are evaluated.
2023-07-21 09:22:21 +01:00
Quentin Smith
f1a206c960
Merge remote-tracking branch 'origin/master' into fonts 2023-07-19 17:04:42 -04:00
Emily
61662a63bf
Merge pull request #731 from emilazy/etc-checks
etc: check for existing files during checks stage
2023-07-16 15:16:07 +01:00
Emily
4eb1c549a9 etc: check for existing files during checks stage
This ensures that activation fails early if there are any `/etc` files
with unexpected state, rather than leaving the system half-activated.
2023-07-16 12:15:07 +01:00
Emily
c91c351943 etc: rename activation script variables 2023-07-16 12:13:27 +01:00
Michael Hoang
0dafe2170d Add darwin-version command 2023-07-14 23:06:46 +10:00
Yusef Napora
fbc47b7bbc use types.lines for yabai.extraConfig option
This allows setting the option definition in multiple locations.
The final value will be all definitions concatenated with `\n`.
2023-07-13 14:53:24 -04:00
Emily
2ad716c278
Merge pull request #732 from Enzime/use-nix-darwin
flake: use `nix-darwin` instead of `darwin`
2023-07-12 19:57:23 +01:00
Domen Kožar
c80294ef26
Update modules/services/cachix-agent.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2023-07-12 16:46:02 +01:00
Domen Kožar
adc6a88ff1
cachix-agent: clarify what should be in the token file 2023-07-12 15:11:49 +01:00
Michael Hoang
4511c29a72 flake: use nix-darwin instead of darwin 2023-07-12 10:36:14 +10:00
Michael Hoang
63af129cb5 etc: use .before-nix-darwin instead of .orig 2023-07-12 08:35:36 +10:00
Michael Hoang
cad8954f75 etc: fail if we can't add a file
Fixes #598
2023-07-11 18:59:05 +10:00
Michael Hoang
4b90ea84e4 doc: store a copy of known files 2023-07-11 18:59:05 +10:00
Michael Hoang
22620845fe readme: update with new flaky instructions 2023-07-11 18:59:05 +10:00
Michael Hoang
5288a72354 Allow flaky installation with darwin-rebuild 2023-07-11 18:59:05 +10:00
Michael Hoang
f70f90c422 flake: add packages.darwin-{option,rebuild} 2023-07-11 18:59:05 +10:00
Marco Rebhan
b70656affa Add system.systemBuilderCommands and systemBuilderArgs
These are the equivalents of the
NixOS options with the same name, introduced in
d3ac0938a7.
Allows running extra commands while building the system configuration
output, for example to add extra files into the output directory,
and passing arguments to the system builder's mkDerivation.
2023-07-10 16:05:55 +02:00
Andrew Marshall
591446ca94 nix: Remove readOnlyStore option as it has no effect
This being under `nix` in upstream is misleading as it is only used in
the NixOS boot stage, not as configuration for the Nix daemon.
2023-07-10 08:30:38 -04:00
Andrew Marshall
4a7da05c1e Fix spelling 2023-07-10 08:30:15 -04:00
mitchmindtree
66f85cb9db trezord: Add launchd user agent service module for configuring trezord
This adds a small module for configuring the trezor-bridge service,
trezord. This service enables users to interact with their Trezor
hardware wallet through the trezor suite web interface, or to use the
device for U2F auth, SSH login, GPG or password mgmt.
https://trezor.io/learn/a/what-is-trezor-bridge

The options were copied directly from the nixos service module here:
9d6e454b85/nixos/modules/services/hardware/trezord.nix (L16)

The implementation was adapted from the nixos module's systemd service
to a launchd user agent.

Tested successfully locally on an Air M2.
2023-07-10 19:21:10 +10:00
Cuichen Li
8364529fc4 fix zsh eating output without new line ending 2023-07-10 15:00:02 +08:00
Daiderd Jordan
66a3047fa8
Merge pull request #723 from emilazy/rationalize-nixpkgs-handling
Rationalize handling of Nixpkgs
2023-07-09 12:34:19 +02:00
Emily
f9724c4543 eval-config: rationalize handling of Nixpkgs
This is a big change that disentangles a lot of mistaken assumptions
about mixing multiple versions of Nixpkgs, treating external flake
inputs as gospel for the source of Nixpkgs and nix-darwin, etc.;
the end result should be much simpler conceptually, but it will be a
breaking change for anyone using `eval-config.nix` directly. Hopefully
that shouldn't be a big issue, as it is more of an internal API and
it's quite likely that existing uses may have been broken in the same
way the internal ones were.

It was previously easy to get into a state where your `lib` comes
from nix-darwin's `nixpkgs` input or a global channel and your
`pkgs` comes from another major version of Nixpkgs. This is pretty
fundamentally broken due to the coupling of `pkgs` to its corresponding
`lib`, but the brokenness was hidden much of the time until something
surfaced it. Now there is exactly one mandatory `lib` input to system
evaluation, and the handling of various additional options like `pkgs`
and `system` can be done modularly; maintaining backwards compatibility
with the previous calling convention is punted to the `default.nix`
and `lib.darwinSystem` entry points. `inputs` is no longer read by
nix-darwin or special in any way, merely a convention for user code,
and the argument is retained in the entry points only for backwards
compatibility.

All correct invocations of the entry points should keep working
after this change, and some previously-broken ones should be fixed
too. The documentation and template have been adjusted to show the
newly-recommended modular way of specifying various things, but no
deprecation warnings have been introduced yet by this change.

There is one potential, mostly cosmetic regression:
`system.nixpkgsRevision` and related options are less likely to be
set than before, in cases where it is not possible to determine the
origin of the package set. Setting `nixpkgs.source` explicitly will
make this work again, and I hope to look into sending changes upstream
to Nixpkgs to make `lib.trivial.revisionWithDefault` behave properly
under flakes, which would fix this regression and potentially allow
reducing some of the complexity.

Fixes: #669
2023-07-09 11:21:40 +01:00
Emily
51ba5e614a version: rewrite Git revision logic
We trust the version information from `nixpkgs.source` when `pkgs` was
constructed by the `nixpkgs` module or `nixpkgs.source` was explicitly
set by the configuration. Otherwise, we rely on Nixpkgs to report its
own version, which handles the same cases as the old logic and opens
the door to Nixpkgs automatically reporting the correct revision when
using flakes.
2023-07-09 07:26:23 +01:00
Emily
72b7e8668c version: default Git revision options to null
This allows for more uniform handling in the documentation generator,
and avoids lying about the Git reference being `master` internally.
2023-07-09 07:26:00 +01:00
Michael Hoang
d9e825f121 linux-builder: fix evaluation errors
- `modules` cannot be a nested list
- `nix.settings.extra-trusted-users` might not be set
2023-07-09 13:55:22 +10:00
Emily
e25eeff158 nixpkgs: rebase module on latest NixOS
This is based on the current NixOS `nixpkgs` module, adjusted for the
nix-darwin context and without adding the options due for deprecation
in NixOS.

This gives us the ability to set the package set modularly through
`nixpkgs.pkgs` and builds up infrastructure for handling user-specified
Nixpkgs instantiations more robustly.

The cross-compilation options are currently not very useful due to
even Darwin->Darwin cross-compilation not being wholly functional
yet, but it looks feasible to build an `aarch64-darwin` system from
`x86_64-darwin` with some patching and it should be possible to make
cross-compilation more widely supported after the Darwin SDK situation
in Nixpkgs improves.

One casualty is the error for setting `nixpkgs.*` options when
overriding the package set. That could be ported over to this new
scheme, but it'd increase divergence with the NixOS module and reduce
cross-compatibility of configurations, so I lean towards adding it
upstream to NixOS if anything. (But if people want to keep it I can add
it back.)
2023-07-08 22:39:19 +01:00
Emily
2d20e86111 documentation: use feature test for docs generator
This should be less brittle than the version-based check, although
arguably this kind of `lib.version` mismatch should break as early
as possible...

Fixes: #718
2023-07-08 21:04:34 +01:00
Michael Hoang
d2b01ab455 nix/linux-builder: init 2023-07-08 14:05:37 +10:00
Domen Kožar
b06bab83bd
Merge pull request #711 from Enzime/fix/magicdns
tailscale: improve MagicDNS setup
2023-07-02 15:17:20 +01:00