mirrors/nix-darwin
mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-06 16:57:08 +00:00
Code Activity
891 commits 4 branches 0 tags 12 MiB
Commit graph

611 commits

Author SHA1 Message Date
Daiderd Jordan
1464d9efd3
lnl: sandbox fetch-nixpkgs-updates service 2019-02-16 17:47:29 +01:00
Daiderd Jordan
1e67f6a2bc
sandbox: add module for sandbox profiles 
This could be used outside of nix-darwin, but this is mainly useful for
services since all of the inputs are known there.

	{
	  # $ /usr/bin/sandbox-exec -f $profile $coreutils/bin/ls /
	  # ls: cannot access '/': Operation not permitted
	  security.sandbox.profiles.example.closure = [ pkgs.coreutils ];
	}
 2019-02-16 16:55:07 +01:00
Daiderd Jordan
10c34f1277
lnl: add tmp and var/tmp to sandbox paths 2019-02-12 23:23:04 +01:00
Daiderd Jordan
e61dcc1024
lnl: (re)enable sandboxing with extra-sandbox-paths 
There are still some problems with frameworks, this opens up the sandbox
enough by default to work around that and make it work like expected in
most cases.
 2019-02-12 20:25:29 +01:00
Andrew Childs
349a4837cf system-version: get version information from channels 2019-01-19 15:02:55 +09:00
Daiderd Jordan
629fa53498
nix-daemon: use system NIX_SSL_CERT_FILE 
Otherwise the daemon wouldn't honor extra certificates from the
security.pki options.
 2019-01-16 22:47:19 +01:00
Daiderd Jordan
655b66975f
lnl: disable cachix 2019-01-16 22:38:54 +01:00
Daiderd Jordan
2e525a93da
security.pki: add module to configure ca certificates 
This makes NIX_SSL_CERT_FILE configurable and makes
/etc/ssl/certs/ca-certificates.crt available like nixos.
 2019-01-15 21:55:08 +01:00
Daiderd Jordan
61e30229cc
lnl: cleanup and configure nixbld users 2019-01-07 20:18:03 +01:00
Kirill Elagin
644d6acb7a
zsh: Add vendor-completions to fpath 2019-01-04 15:50:48 +03:00
Daiderd Jordan
458d09882e
checks: actually fix gc condition 
Introduced in 28710738a3, the check should
_only_ run if the user is not configured not the other way around.
 2019-01-04 00:40:10 +01:00
Daiderd Jordan
aedd304983
nix-gc: fix evaluation 2019-01-03 20:59:23 +01:00
Daiderd Jordan
28710738a3
checks: fix gc condition 
Don't fail if the user is configured properly.
 2019-01-03 19:29:49 +01:00
Daiderd Jordan
8a6c783616
checks: generalize and make them more configurable 
All the checks are now aggregated in system.checks.text making it easy
to allow certain checks to be disabled as well as disabling them
alltogether if desired. eg.

    # Disable all checks.
    system.checks.text = mkForce "";

Fixes #117
 2019-01-02 21:13:45 +01:00
Daiderd Jordan
72b3648fa0
nix-gc: add check for nix.gc.automatic 
This hopefully avoids problems for people that try to enable the service
with a single-user install.

Fixes #118
 2019-01-02 20:46:39 +01:00
Daiderd Jordan
f5116b0f4d
nix-gc: add user option 
This configures the user that runs the garbage collector, particularly
useful for single-user installs.  Otherwise it runs as root resulting in
permission issues afterwards.
 2019-01-02 20:24:00 +01:00
Daiderd Jordan
0a8741be9c
Merge pull request #97 from peel/patch-1 
[services.emacs] use `fg-daemon` flag for service
 2019-01-02 20:02:27 +01:00
Daiderd Jordan
7f4a9ecb4d
lnl: add nix-daemon objc workaround 2018-12-18 23:32:18 +01:00
Daiderd Jordan
5f7c0b6f56
lnl: fix reexec aliases 2018-12-18 23:21:21 +01:00
Daiderd Jordan
bd1ad9fd60
lnl: enable gnupg agent 2018-12-18 23:21:20 +01:00
Daiderd Jordan
255da174c8
lnl: add awscli 2018-12-18 23:21:18 +01:00
Andrew Childs
676ef10377 Unify environment configuration and don't run in child shells 
This should enable `nix run` to work under shells like fish and zsh,
as well as making child shells not needlessly reset any environment
that should be inherited.

Implementation adapted from NixOS.
 2018-10-25 01:00:52 +09:00
Mario Rodas
1a786eb088 bash: place bashrc early non-interactive return below system setup 
Setting PATH and environment setup is required in non-interactive shells
 2018-10-16 19:54:07 -05:00
Mario Rodas
dff88ee954 bash: do not evaluate completions on dumb terminals 2018-10-14 10:38:48 -05:00
Mario Rodas
b82bc64a0e bash: do not evaluate /etc/bashrc on non-interactive shells 2018-10-14 10:38:40 -05:00
Daiderd Jordan
9a04aea8ea
tmux: remove reattach-to-user-namespace 
It's not been needed anymore for a few macOS releases now.
 2018-10-12 21:59:41 +02:00
Daiderd Jordan
9a192471bb
Merge pull request #108 from thefloweringash/dock-show-recents 
system.defaults.dock: add `show-recents` option
 2018-10-11 19:29:04 +02:00
Daiderd Jordan
166560ca76
Merge pull request #102 from peel/f-fonts-module 
initialise fonts module
 2018-10-11 19:10:42 +02:00
Andrew Childs
4cfb4b084e system.defaults.dock: add show-recents option 2018-10-11 11:58:17 +09:00
Piotr Limanowski
00cd92968e skip buildEnv and create a package with /share/fonts 2018-10-06 20:38:01 +02:00
Piotr Limanowski
2a53ac278f fonts: adds enableFontDir flag 
For NixOS compatibility reasons we're using enableFontDir flag that
in turn enables/disables font management in /Library/Fonts directory.
 2018-10-05 22:27:29 +02:00
Piotr Limanowski
da886d015c fonts: extracts helpers to top-level let expr 2018-10-05 19:17:43 +02:00
Piotr Limanowski
c2d7870587 adds info on automatic removal of manually-added fonts 2018-10-04 20:40:19 +02:00
Piotr Limanowski
397d2637e9 looks for fonts with both otf and ttf extensions 2018-10-04 13:48:57 +02:00
Piotr Limanowski
8fe33a584e adds recursive font searching 2018-10-04 13:14:45 +02:00
Piotr Limanowski
6d0cf2d842 add tests for fonts 2018-10-02 19:59:23 +02:00
Luigy Leon
a15b59594f Fix quoting for nixPath check 2018-09-30 10:56:32 -04:00
Piotr Limanowski
b10e114e33 re-add fonts on every rebuild 2018-09-30 14:53:16 +02:00
Piotr Limanowski
7a7cbdc165 initialise fonts module 2018-09-30 13:22:24 +02:00
Daiderd Jordan
b2d62a6f44
lnl: move gitconfig to dotfiles 2018-09-21 20:14:02 +02:00
Mario Rodas
5d272ddaf2 synapse-bt: add synapse-bt service 2018-09-15 15:37:22 -05:00
Daiderd Jordan
c49311408b
Merge pull request #99 from Enzime/add/synergy-service 
synergy: Add module for client and server
 2018-09-14 22:57:51 +02:00
Daiderd Jordan
48f3ed6301
nix: only set NIX_REMOTE for nix 1.11 
This isn't needed anymore, nix 2.0 figures this out automatically now.
 2018-09-14 21:40:19 +02:00
Michael Hoang
6d013ea166 synergy: Add module for client and server 2018-09-14 20:48:23 +10:00
Daiderd Jordan
9347dc05d1
lnl: make git commit verbose by default 
Having the diff context for both commit and rebase -i is really useful
while writing commit messages.
 2018-09-13 22:57:56 +02:00
Daiderd Jordan
add86e33a2
lnl: add system packages 2018-09-05 22:49:54 +02:00
Piotr Limanowski
3fabc3d842
use fg-daemon flag for emacs service 
As the default package is now emacs 26.1 and --daemon flag falls back to forking behaviour the recommended way is to use fg-daemon, see: lists.gnu.org/archive/html/emacs-devel/2016-11/msg00383.html, lists.gnu.org/archive/html/emacs-devel/2017-05/msg00861.html
 2018-09-03 19:54:56 +02:00
Daiderd Jordan
7750896cc7
checks: update and improve darwin-config message 
Now that environment.darwinConfig exists it's a better choice otherwise
multiple NIX_PATH entries need to be added.
 2018-08-26 14:47:40 +02:00
Daiderd Jordan
e57ac2ee71
simple: add environment.darwinConfig example 2018-08-26 14:33:40 +02:00
Daiderd Jordan
f473b21c9f
environment: add darwinConfig option to set darwin-config in NIX_PATH 
This simplifies using a non default configuration.nix without requiring
a symlink or redefining NIX_PATH.

The nix.nixPath option only defines a default which means defining a value
will drop all of the defaults. This is because correct merge behaviour
isn't very clear for named entries.
 2018-08-26 14:09:01 +02:00