1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
Commit graph

1224 commits

Author SHA1 Message Date
Michael Hoang
a5d770b257
Merge pull request #1117 from Enzime/push-owuqqzqkrnpn
users: prevent deleting the user calling `darwin-rebuild`
2024-10-24 18:51:17 +11:00
Michael Hoang
b089e7e726 users: switch back to using dscl for deleting users
The previous default behaviour when nix-darwin deletes users is that
their home directories are left intact, however as the `-keepHome` flag
for `sysadminctl -deleteUser` is broken, we'll need to switch back for
now.
2024-10-24 18:33:05 +11:00
Philip Børgesen
f737259769 power,sleep: Add options to control restart and sleep behavior 2024-10-24 06:13:11 +02:00
Philip Børgesen
5907cbbb31 networking: Add wakeOnLan option 2024-10-24 06:13:07 +02:00
Michael Hoang
b702750226 users: ensure Full Disk Access is granted before trying to create users 2024-10-24 14:33:16 +11:00
Michael Hoang
2be05de06e users: add missing newlines for FDA prompt 2024-10-24 14:33:02 +11:00
Michael Hoang
467a0d3d0c users: prevent deleting the user calling darwin-rebuild
`sysadminctl -deleteUser` will only prevent you from deleting the
current user if it's not the last admin and not the last secure token
user, otherwise it will happily oblige.
2024-10-24 14:33:02 +11:00
Michael Hoang
bbe1917238 users: ensure users' shells are installed 2024-10-24 14:18:31 +11:00
Michael Hoang
5f05c2c3d2
Merge pull request #1106 from NickHu/aerospace
module: add aerospace service
2024-10-24 10:50:04 +11:00
Michael Hoang
8c02940d70 users: ensure Full Disk Access is granted before trying to delete users 2024-10-23 01:29:01 +11:00
Michael Hoang
0a686597fa users: don't allow name to be empty 2024-10-22 22:54:04 +11:00
Michael Hoang
11c777c719 users: change default description to null 2024-10-22 22:54:04 +11:00
Michael Hoang
ac7932f9de users: use lib.escapeShellArg for group description 2024-10-22 19:43:18 +11:00
Michael Hoang
ea7e178ad4 users: use lib.escapeShellArg for createhomedir 2024-10-22 16:02:21 +11:00
Michael Hoang
8451125cf8 users: use lib.escapeShellArg for dscl paths 2024-10-22 16:02:21 +11:00
Michael Hoang
7a3ec6459c networking: use lib.escapeShellArgs instead of custom version 2024-10-22 16:02:21 +11:00
Michael Hoang
7bb6366f40 users: use lib.escapeShellArgs instead of custom version 2024-10-22 16:02:21 +11:00
Michael Hoang
26f7e45fb1 users: use lib.escapeShellArgs for sysadminctl -addUser 2024-10-22 16:02:21 +11:00
Michael Hoang
cb2e5fa6c5 users: use lib.escapeShellArg for sysadminctl -deleteUser 2024-10-22 16:02:21 +11:00
Michael Hoang
9a6b12b9ef users: use lib.escapeShellArg for id -u 2024-10-22 16:02:21 +11:00
Michael Hoang
5b873c48ac users: set default for users.users.<user>.name 2024-10-22 16:02:21 +11:00
Andrew Lubawy
2788e4fa98 Use sysadminctl instead of dscl
Co-authored-by: Michael Hoang <enzime@users.noreply.github.com>
2024-10-22 16:02:21 +11:00
Michael Hoang
a001f44cfc
Merge pull request #992 from emmceemoore/software-update-fix
Use the correct file location for `SoftwareUpdate` plist.
2024-10-20 11:07:25 +11:00
Nick Hu
7ebf95a73e
style fixes 2024-10-19 10:49:55 +01:00
Nick Hu
72e93853c2
module: add aerospace service 2024-10-16 22:50:44 +01:00
Michael Hoang
6347a9dcd1 skhd: add skhd to PATH 2024-10-14 17:18:08 +11:00
Emily
ccf8cc56c9
Merge pull request #1101 from Enzime/quiet-pgrep
defaults: don't output Dock PID
2024-10-14 03:59:35 +01:00
Michael Hoang
fd0e3ed30b
Merge pull request #794 from fesplugas/patch-1
fix: postgresql service initdb
2024-10-13 08:39:35 +11:00
Michael Hoang
d32e6de094 defaults: don't output Dock PID 2024-10-09 21:57:33 +11:00
Michael Hoang
48b50b3b13
Merge pull request #1097 from isabelroses/bash/completions
programs/bash: move to completion.*
2024-10-08 22:10:05 +11:00
isabel
c9fd4820d5
programs/bash: move to completion.*
a port of https://github.com/NixOS/nixpkgs/pull/291552 for darwin
2024-10-08 10:05:26 +01:00
Michael Hoang
8c8388ade7
Merge pull request #1095 from aspauldingcode/master
jankyborders service option order above or below
2024-10-04 09:48:17 +10:00
Michael Hoang
c266b57bbe
Merge pull request #1077 from rsrohitsingh682/add-netadata
feat: add netdata service
2024-10-04 09:44:43 +10:00
Rohit Singh
239d802869 netdata: add netdata service in nix-darwin. 2024-10-03 23:42:10 +05:30
Alex S.
5cd9995215
Update modules/services/jankyborders/default.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-10-02 10:38:08 -06:00
aspauldingcode
af95f7b7ec add JankyBorders option order and set below by default (values: above/below) 2024-10-01 17:47:30 -06:00
isabel
a42623df7a
fix: remove deprecated lib.mdDoc 2024-09-30 15:12:13 +01:00
Michael Hoang
4b43b68281
Merge pull request #1094 from rogeruiz/rogeruiz/add-slow-motion-allowed-for-dock
Adding option for slow-motion-allowed
2024-09-29 20:08:41 +10:00
Roger Steve Ruiz
f9ee41a05d
Adding option for slow-motion-allowed;
This was inspired by a recent Daring Fireball post where I was reminded about
this feature and how it's missing from being able to configure it in Nix-Darwin.

[https://daringfireball.net/linked/2024/09/28/hidden-pref-to-restore-slow-motion-dock-minimizing-on-macos]()
2024-09-28 23:28:34 -05:00
will
3d19b90fc7
fix: karabiner elements virtualhiddeviceclient
- command needed to be quoted
2024-09-28 15:13:31 +10:00
will
034c45dd0c
feat: use wait4path with script launchd option
addresses https://github.com/LnL7/nix-darwin/issues/1043

fix: use exec in launchd daemon config

fix: dont use a script thats in the nix store

fix: remove manual wait4path in linux-builder

fix: remove manual wait4path in karabiner elements

fix: remove manual wait4path in nix-daemon

fix: remove manual wait4path in nix-optimise

fix: remove manual wait4path in tailscaled

fix: autossh test

Revert "fix: remove manual wait4path in nix-daemon"

This reverts commit 6aec084fa5.

fix: remove bad exec

Reapply "fix: remove manual wait4path in nix-daemon"

This reverts commit c8f136ecc5.

fix: update autossh test

to reflect changes in f86e6133d9

fix: services-activate-system-changed-label-prefix test

fix: services-buildkite-agent test

fix: services-activate-system test

fix: escape ampersand

fix: services-lorri test

fix: services-nix-optimise test

fix: services-nix-gc test

refactor: use script rather than command in daemon

fix: use config.command for clarity

style: fix indentation

fix: use lib.getExe rather than directly pointing to file

revert: a87fc7bbbb

- mistaken refactor meant that service waited for nix store and not the relevant path
2024-09-22 15:30:21 +10:00
Michael Hoang
c03f85fa42
Merge pull request #1057 from niklasravnsborg/master
Some checks failed
Test / install-against-unstable (push) Has been cancelled
Test / test-stable (push) Has been cancelled
Test / test-unstable (push) Has been cancelled
Test / install-against-stable (push) Has been cancelled
Test / install-flake-against-stable (push) Has been cancelled
Test / install-flake-against-unstable (push) Has been cancelled
Update manual / update-manual (push) Has been cancelled
Adjust default options
2024-09-19 17:45:53 +07:00
Emily
6374cd7e50
Merge pull request #1084 from emilazy/push-xysppwqymotu
checks: show Sequoia migration commands for other installers
2024-09-18 00:44:40 +01:00
Emily
ef16775e43 checks: show Sequoia migration commands for other installers
This is hopefully largely cosmetic, but should increase user
confidence in the safety and effectiveness of the migration, and the
Determinate Systems and Lix installer commands will also update the
`/nix/receipt.json` files to match the changes made. They cannot
properly handle the format of each other’s receipts, so we need to
detect which was used.
2024-09-17 22:20:48 +01:00
Niklas Ravnsborg
2841f49631
fix description typo in dock.nix 2024-09-16 10:54:06 +02:00
Niklas Ravnsborg
3d48a9893a
add finder._FXSortFoldersFirst option 2024-09-16 10:54:05 +02:00
Niklas Ravnsborg
3b087efcbd
add NSGlobalDomain.AppleSpacesSwitchOnActivate option 2024-09-16 10:54:05 +02:00
Emily
21fe31f264
Merge pull request #1075 from emilazy/push-oszxxzpyppzm
version: make `system.stateVersion` mandatory
2024-09-13 01:53:33 +01:00
Emily
122ff62d68
Merge pull request #1072 from antoineco/zsh/no-nix-shell-check
Remove nix-shell early return in /etc/{zshenv,bashrc}
2024-09-12 20:16:27 +01:00
Antoine Cotten
953d02ba59
{bash,zsh}: remove nix-shell early return in /etc/{bashrc,zshenv}
The condition does not match the comment, and therefore not the original
intention. It currently returns early in *any* type of Nix shell, not
just pure ones, including 'nix develop'.

Besides being unnecessary, this check prevents Nix shells from
functioning properly. For instance, it causes the initialization of the
Zsh fpath to be skipped, which is critical. The fact that the user is
unable to opt out of this behaviour makes this an ever bigger problem
since /etc/zshenv is being loaded unconditionally by Zsh.

For reference, NixOS does not perform such check, and apparently never
did.
2024-09-12 17:37:56 +00:00
Emily
04e3cfc822 version: make system.stateVersion mandatory
When testing the Sequoia UID change, I discovered that @mjm
didn’t have `system.stateVersion` set; I suspect this is not too
uncommon. Let’s make it required now, like NixOS is trying to,
to improve our backwards‐compatibility story in anticipation of
starting to cut release branches.
2024-09-12 18:35:10 +01:00
Emily
a0e362a5c9
Merge pull request #1067 from antoineco/module/nixpkgs-flake
Put nixpkgs in NIX_PATH and system registry for flake configs
2024-09-12 11:01:04 +01:00
Sebastian Reuße
6ad463a764
zsh: don't be noisy when scripts are run with -u
When a script specifies the shell option "nounset" as part of the
shebang (e.g., via "#!/usr/bin/env -S zsh -u"), our initialization
scripts would produce error messages of the form:

    __ETC_FOO_SOURCED: parameter not set

These messages could probably be confusing to users when running such
scripts. By providing a fall-back in the parameter expansion, we can
avoid them.

This patch does not address interactive shell start-up, where such
messages may (or may not) be less problematic.

NixOS/nixpkgs@7d84dbdf5b
2024-09-11 14:07:24 +02:00
Jörg Thalheim
7e6c548eef
zsh: let children shells set their fpath
Currently zshenv by default only sets fpath without exporting it. A
parent shell would also not set those variables usually as they are
shell local.

It also sources a file called set-environment but this is protected by
an environment variable called __NIX_DARWIN_SET_ENVIRONMENT_DONE. Hence
any modification done by the parent shell should persist as long as
__NIX_DARWIN_SET_ENVIRONMENT_DONE is not unset.

This behavior deviates from what we do in bashrc and breaks common
setups such as tmux/mosh or screen.

NixOS/nixpkgs@55819e6c86
2024-09-11 13:01:26 +02:00
Jade Lovelace
8714f9e285
flake: put nixpkgs in NIX_PATH and system registry for flake configs
Currently there are a bunch of really wacky hacks required to get
nixpkgs path correctly set up under flake configs such that `nix run
nixpkgs#hello` and `nix run -f '<nixpkgs>' hello` hit the nixpkgs that
the system was built with. In particular you have to use specialArgs or
an anonymous module, and everyone has to include this hack in their own
configs.

We can do this for users automatically.

NixOS/nixpkgs@e456032add

Co-authored-by: Antoine Cotten <hello@acotten.com>
2024-09-11 08:24:41 +02:00
Emily
88b97aa49c {ids,checks}: update for new builder UID/GID values 2024-09-11 01:17:01 +01:00
Emily
9c60c95008 checks: make oldBuildUsers check fail hard
Checking for the Sequoia stuff won’t work properly if a system is
still in this old state. Best to be loud about it to deal with any
straggler systems that haven’t yet dealt with this issue.
2024-09-11 00:37:08 +01:00
Emily
2af5f0fb9e checks: factor out nix.useDaemon check 2024-09-11 00:37:08 +01:00
Sebastian Reuße
15f64efcaf
zsh: prefer Nix completions these from Zsh package
Zsh ships some rudimentary completions for programs where upstream also
ships their own completions (e.g., curl). So as not to shadow those
completions, we need to prepend to the fpath instead of appending.

NixOS/nixpkgs@8dad5a2239
2024-09-10 21:40:11 +02:00
Jan Malakhovski
4d59f660bc
zsh: move fpath init from /etc/zshrc to /etc/zshenv
We want these to be set even when /etc/zshrc loading is disabled.

NixOS/nixpkgs@f70e3f3738
2024-09-10 21:35:35 +02:00
natsukium
ec76c31dbd
checks.nix: fix typo 2024-09-10 22:20:22 +09:00
Sirio Balmelli
c334175319
nixos/github-runner: quote comma separators so as to pass shellcheck
Shellcheck complains:

       > args=(
       >      ^-- SC2054 (warning): Use spaces, not commas, to separate array elements.

Quote the --labels argument to resolve.

Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
2024-09-06 14:57:35 +02:00
Emily
97e0f72759 users: allow arbitrary group IDs
The upstream Nix UID/GID changes for Sequoia will require us to manage
a group with GID 350. That will require more work on our end to ensure
compatibility and a working migration path, but this is enough to
allow hacking around it locally in system configurations for now.
2024-09-05 10:39:01 +01:00
Michael Hoang
e1b6f307ec linux-builder: make package.nixosConfig accurate 2024-09-05 13:54:53 +10:00
Michael Hoang
7c4b53a7d9
Merge pull request #1051 from booxter/suppress-gpg-connect-agent-stderr
gpg: Suppress stderr from gpg-connect-agent on shell init
2024-09-01 21:15:02 +10:00
Ihar Hrachyshka
75d14c62cb gpg: Suppress stderr from gpg-connect-agent on shell init
In some scenarios, the command may fail, e.g. when the shell is executed
with a different $HOME from where gpg agent is configured to run from.

(E.g. this happens in kitty terminal test suite.)

This patch will suppress stderr errors on tty in this situation.

Note that zsh does not allow to suppress execution of /etc/zshenv on
startup, so it's impossible to skip it in the test suite environment.

An alternative would be to set IN_NIX_SHELL in the test suite, but this
was rejected in upstream:

https://github.com/kovidgoyal/kitty/pull/7800

There's also a kitty package specific fix posted here but this may be
unnecessary once nix-darwin is patched here:

https://github.com/NixOS/nixpkgs/pull/338070

Signed-off-by: Ihar Hrachyshka <ihar.hrachyshka@gmail.com>
2024-08-29 16:37:56 -04:00
Corey Jewett
544db3691c Add sha256 for DeterminateSystems Nix installer 0.22.0 2024-08-29 10:51:52 -07:00
Michael Hoang
ac5694a0b8
Merge pull request #1044 from Enzime/add/known-hash
etc: add known hash for DetSys installer 0.20.0+
2024-08-25 14:56:10 +10:00
Michael Hoang
2bd4949af3 etc: add known hash for DetSys installer 0.20.0+ 2024-08-25 14:36:37 +10:00
isabel
c06794de03
feat: system.disableInstallerTools 2024-08-21 14:29:54 +01:00
Michael Hoang
076b9a905a
Merge pull request #1026 from thecaralice/nochan
Allow disabling channels
2024-08-17 11:59:09 +10:00
Alice Carroll
5afa71b413
fix: respect user nixPath configuration 2024-08-17 02:51:01 +03:00
Alice Carroll
691a590bff
feat: allow disabling channels 2024-08-17 02:51:01 +03:00
Alice Carroll
d5dba1c6f5
refactor: rename environment.postBuild to environment.extraSetup 2024-08-17 02:50:56 +03:00
Maxime Daffis
636d1a09d8 (feature) Add swapLeftCtrlAndFn
Use this and never find yourself again hitting fn because of muscle
memory! (you can even physically swap the keycaps, at least on M series)

Keycodes have been pulled from https://hidutil-generator.netlify.app/
and the hex value has been converted to a base 10 int.
2024-08-05 13:00:32 +02:00
Maxime Daffis
3dd14e466c (feature) Add Stage Manager (com.apple.WindowManager) settings as system.defaults.windowmanager
All credits go to @AlexOwl. Their [PR](https://github.com/LnL7/nix-darwin/pull/505)
looked abandonned so I reported their changes and addressed the change
requests.
2024-08-02 01:17:45 +02:00
Jörg Thalheim
cf45edbf27 programs.ssh: add certificate authorities 2024-07-31 19:34:17 +02:00
Emily
7e08a9dd34
Merge pull request #1018 from Enzime/fix/github-runners-work-dir
github-runners: move `workDir` outside of `/run`
2024-07-31 18:00:20 +01:00
Emily
0413754b3c
Merge pull request #1012 from Enzime/fix/dock-not-running
defaults: only restart Dock when user is logged in
2024-07-27 13:17:26 +01:00
zowoq
e88eb66c2b mapAttrsFlatten -> mapAttrsToList
deprecated in 473e469d5a
2024-07-27 13:37:28 +10:00
Michael Hoang
dc8e1f4839 github-runners: move workDir outside of /run
As `/run` gets recreated every reboot and we can't specify dependencies
for launchd, creating the `workDir` every reboot will require extra
complexity with a separate daemon that runs as `root` otherwise it won't
have sufficient privileges.

As we clean the `workDir` when the service first starts anyway, it ends
up being the same.
2024-07-27 10:41:18 +10:00
Michael Hoang
a6903cf7e3 activation-scripts: add extra comment 2024-07-27 10:39:57 +10:00
Michael Hoang
5c8fb55182 Revert "github-runnners: fix workDir missing on reboot"
This reverts commit fe99aa9699.
2024-07-27 10:26:37 +10:00
Michael Hoang
a566238826 defaults: only restart Dock when user is logged in 2024-07-25 12:24:30 +10:00
347Online | Katie Janzen
be14a2add1 Add inline prediction option mirroring the capitalization option 2024-07-24 12:51:20 -05:00
Michael Hoang
fe99aa9699 github-runnners: fix workDir missing on reboot 2024-07-23 11:06:40 +10:00
Nikola Milojević
199cf34012
chore: removing deprecations for 25.05 nix 2024-07-22 13:37:17 +02:00
Emily
33bf7df5bb
Merge pull request #973 from amsynist/modules/services/jankyborders
module : `jankyborders` for window borders Configuration
2024-07-21 09:21:06 +01:00
Prav!n
fa0d64721f module: add jankyborders service
- Added the jankyborders service.
- Introduced changes for whitelist and blacklist options and assertions.
- emoved path reference from launchd argument.
- Corrected missing trailing newline in default.nix.
2024-07-21 02:54:45 +05:30
Michael Hoang
a3e4a7b8ff
Merge pull request #999 from Enzime/restart-dock
defaults: restart Dock when changing settings
2024-07-18 12:43:02 +10:00
Michael Hoang
ce130f4b20 defaults: restart Dock when changing settings 2024-07-16 11:28:20 +10:00
Michael Hoang
7522a30d32
Merge pull request #997 from thanegill/patch-3
Add `User` and  already generated `IdentityFile` to ssh_config for `nix.linux-builder`
2024-07-16 09:34:28 +10:00
Thane Gill
395e4d3794
Update modules/nix/linux-builder.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-07-12 09:50:57 -07:00
Emily
cf297a8d24
Merge pull request #976 from emilazy/openssh-use-links-for-authorized-keys
ssh: use symlinks for `authorizedKeys` options
2024-07-10 09:17:22 +01:00
Thane Gill
b34d1bee48 Add User and already generated IdentityFile to ssh_config for nix.linux-builder 2024-07-09 13:16:19 -07:00
Henrique Goncalves
e2a85731a0
nextdns: fix argument handling 2024-07-08 16:36:31 -03:00
Ian Chamberlain
b7e112cdf9
Add lix-installer to known files 2024-07-06 18:04:06 -04:00
Mike Moore
4054d5caea Use the correct file location for SoftwareUpdate plist. 2024-07-02 09:40:18 -07:00
Nikola Milojević
e00896468a
chore: remove mkpackageoptionmd deprecation 2024-07-01 16:24:41 +02:00
Samuel Tam
4141697ed2
checks.nix: disable verifyBuildUsers for auto-allocate-uids 2024-06-23 15:14:48 +08:00