1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
Commit graph

1930 commits

Author SHA1 Message Date
Michael Hoang
29b3096a6e
Merge pull request #974 from nicknovitski/linux-builder-crossarch 2024-06-17 22:17:38 +00:00
Nick Novitski
d21ba5a487 linux-builder: make compatible with cross-arch builder package
Before this commit, aarch64 users building the following configuration
would end up with an aarch64-linux builder, while after it, they get the
x86_64-linux builder they expect:
```nix
 nix.linux-builder = {
  enable = true;
  package = pkgs.darwin.linux-builder-x86_64;
};
```

Before, in order to get an x86_64-linux builder, they would have needed
to use this configuration instead:
```nix
 nix.linux-builder = {
  enable = true;
  config.nixpkgs.hostPlatform = "x86_64-linux";
  systems = ["x86_64-linux"];
};
```

The reason for this is that the linux-builder module calls `override` on
the package option, and the `linux-builder-x86_64` package is also
defined using override:
```nix
linux-builder-x86_64 = linux-builder.override {
  modules = [ { nixpkgs.hostPlatform = "x86_64-linux"; } ];
};
```

The module was effectively discarding the `nixpkgs.hostPlatform` option.

Example issue: https://github.com/NixOS/nixpkgs/issues/313784
2024-06-16 14:03:41 -07:00
Emily
36a15e8c6c write-text: remove support for copy
This is a huge anti‐declarative footgun; `copy` files cannot
distinguish if a previous version is managed by nix-darwin, so they
can’t check the hash, so they’re prone to destroying data, and
copied files are not deleted when they’re removed from the system
configuration, which led to a security bug. Nothing else in‐tree
was using this functionality, so let’s make sure it doesn’t
cause any more bugs.
2024-06-15 12:15:13 +01:00
Emily
b833d4a32d ssh: use symlinks for authorizedKeys options
As explained in the changelog and activation check, the previous
implementation had a nasty security bug that made removing a user’s
authorized keys effectively a no‐op.
2024-06-15 12:15:13 +01:00
Emily
58b905ea87
Merge pull request #716 from tmillr/fix-launchd-calendar-interval
fix(launchd): improve `StartCalendarInterval`
2024-06-15 09:40:58 +01:00
Emily
801f8ab2bc
Merge pull request #754 from emilazy/fonts-use-subdir
fonts: reimplement and rename to `fonts.packages`
2024-06-15 05:57:11 +01:00
Michael Hoang
ff988d78f2
Merge pull request #975 from emilazy/drop-old-compat
Drop compatibility for unsupported Nixpkgs versions
2024-06-14 16:16:52 +10:00
Emily
b2ee0b3c03
Merge pull request #842 from Enzime/linux-builder-trust
linux-builder: remove trusted user requirement
2024-06-13 19:58:05 +01:00
Emily
2406909d7a Reapply "eval-config: set class"
All supported Nixpkgs versions now support this.

This reverts commit a5b09580e2.
2024-06-13 14:35:20 +01:00
Emily
5399270903 treewide: remove shims for Nixpkgs ≤ 23.05
These deprecated versions were already made unsupported by #932.
2024-06-13 14:35:20 +01:00
Emily
cbde36ce62 readme: update stable Nixpkgs to 24.05 2024-06-13 14:35:20 +01:00
Emily
be18b76f8d flake.lock: update
With 23.05 support dropped, this was pinned to an unsupported version.
2024-06-13 14:33:45 +01:00
Emily
7d4f867210 fonts: remove fonts.fontDir.enable
As far as I can tell, this isn't required to get fonts to work on
NixOS, so we shouldn't require it on nix-darwin either, even if the
implementations are superficially similar.
2024-06-13 11:56:58 +01:00
Emily
adf578e398 fonts: reimplement and rename to fonts.packages
Fixes: #120
Fixes: #722
Fixes: #752
Closes: #692
2024-06-13 11:56:10 +01:00
Emily
27517d2d18 fonts: refactor system.build.fonts
Process substitution behaves better with variables and it's good
practice to use `lib.escapeShellArgs`.
2024-06-13 11:55:36 +01:00
Emily
09e72ff9b9 fonts: remove with lib 2024-06-13 11:54:58 +01:00
Emily
eb2f62d0de fonts: use non-standard path in test
Ensure that #665 works correctly.
2024-06-13 11:54:23 +01:00
Emily
139ea5dd92
Merge pull request #963 from elohmeier/launchd-lowpriobgio
launchd: add LowPriorityBackgroundIO config
2024-06-13 11:14:19 +01:00
Michael Hoang
315aa649ba
Merge pull request #965 from jonnyowenpowell/feat/screencapture-show-thumbnail-defaults-option
feat: add defaults screencapture show-thumbnail option
2024-06-10 09:49:55 +10:00
Tyler Miller
861af0fc94
fix(launchd): improve StartCalendarInterval
Stricter launchd -> StartCalendarInterval type:

- Verify that the integers passed to `Minute`, `Hour`, etc. are within
  range.

- When provided, the value for StartCalendarInterval must be a non-empty
  list of calendar intervals and must not contain duplicates entries
  (throw an error otherwise).

- For increased flexibility and backwards-compatibility, allow an
  attrset to be passed as well (which will be type-checked and is
  functionally equivalent to passing a singleton list). Allowing an
  attrset or list is precisely in-line with what `launchd.plist(5)`
  accepts for StartCalendarInterval.

Migrate `nix.gc.interval` and `nix.optimise.interval` over to use this
new type, and update their defaults to run weekly instead of daily.

Create `modules/launchd/types.nix` file for easier/modular use of
launchd types needed in multiple files.

Documentation:

- Update and improve wording/documentation of launchd's
  `StartCalendarInterval`.

- Improve wording/documentation of `nix.gc.interval` and
  `nix.optimise.interval` ("time interval" can be misleading as it's
  actually a "calendar interval"; e.g. `{ Hour = 3; Minute = 15;}`
  runs daily, not every 3.25 hours).
2024-06-09 11:20:15 -07:00
jonny
cb198382c2
feat: add defaults screencapture show-thumbnail option 2024-06-06 17:40:24 +01:00
Enno Richter
9ed6009b21 launchd: add LowPriorityBackgroundIO config 2024-06-05 06:40:05 +02:00
Trevor Opiyo
44c88484c4 add warning for enabling syntax highlighting and fast syntax highlighting 2024-05-29 12:24:11 -05:00
Trevor Opiyo
2839ef54aa Add support for zsh-fast-syntax-highlighting 2024-05-29 12:24:11 -05:00
Michael Hoang
c0d5b8c54d
Merge pull request #958 from kamushadenes/master
Add support for trackpad force click
2024-05-30 00:41:28 +10:00
Henrique Goncalves
9639c5509b
Update modules/system/defaults/NSGlobalDomain.nix
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-05-25 03:14:18 -03:00
Michael Hoang
0bea8222f6
Merge pull request #956 from amarshall/systempath-order
environment: Adjust systemPath order to allow injecting in the middle
2024-05-24 10:37:35 +10:00
Henrique Goncalves
2e0f9a9e50
Update NSGlobalDomain.nix 2024-05-23 16:56:43 -03:00
Henrique Goncalves
0e5fc0028b
Update NSGlobalDomain.nix 2024-05-23 16:50:15 -03:00
Henrique Goncalves
120e085d1a
Update NSGlobalDomain.nix 2024-05-23 16:42:31 -03:00
Henrique Goncalves
6cbe6bc2da
Update trackpad.nix 2024-05-23 16:40:17 -03:00
Andrew Marshall
7f897008d4 environment: Adjust systemPath order to allow injecting in the middle
Previously, it was not possible to inject PATH entries between profiles
and the “default system” PATH entries. This confounds adding, e.g.
Homebrew on aarch64’s non-standard prefix as higher priority than the
builtin system paths, but lower than Nix profiles.

This is a backwards-incompatible change for some users, but should only
be so in the case a user used `mkOrder` with a value between 1000 (the
default priority) and 1200. Value of 1200 chosen as the same delta from
the default as just below in `environment.profiles` (which uses 800),
and mkAfter is 1500 so will still go after this.
2024-05-23 09:55:35 -04:00
Andrew Marshall
bd0ed8599f environment: Test how order of systemPath and profiles manifests 2024-05-23 09:55:35 -04:00
Andrew Marshall
9b6f77200f environment: Rework test to assert against full $PATH
It’s deterministic after all, so test against the full thing for greater
flexibility in testing and confidence in lack of unexpected changes to
previously-untested parts of the default $PATH.

Do this in a subshell to avoid polluting the test script’s environment.
2024-05-23 09:55:35 -04:00
Michael Hoang
eac4f25028
Merge pull request #955 from qowoz/hercules-security
hercules-ci-agent: fix crash calling `security`
2024-05-22 08:15:35 +10:00
zowoq
251eaabfa0 hercules-ci-agent: fix crash calling security
this applies the same fix that was used for the cachix agent in e043606b50
2024-05-21 23:16:46 +10:00
Michael Hoang
8bf083c992
Merge pull request #950 from rmgpinto/persistent-others-file-directory-tile
Add file or directory tile to Dock persistent others
2024-05-21 07:21:31 +10:00
Michael Hoang
e1cacc63e6
Merge pull request #926 from Rubikoid/rubikoid/offline-flag
Add offline and substituters flags
2024-05-20 21:25:19 +10:00
Michael Hoang
a2d8796ce9
Merge pull request #954 from thegleich/change-zsh-default-prompt
Change zsh default prompt
2024-05-20 21:17:27 +10:00
Dominik Gleich
c8a8faedbc
Change zsh default prompt 2024-05-20 09:48:03 +02:00
Rubikoid
24f7a3fdf4
Move --offline to group of same behaviour flags 2024-05-18 16:25:53 +03:00
Michael Hoang
ffc01182f9
Merge pull request #953 from techknowlogick/patch-1
remove final lib.mddoc
2024-05-17 09:25:37 +10:00
techknowlogick
de20ea4882
remove final lib.mddoc 2024-05-16 12:48:56 -04:00
Domen Kožar
cb02884fa1
Merge pull request #952 from sandydoo/fix-924
cachix-agent: fix crash calling `security`
2024-05-16 16:58:05 +02:00
Sander
e043606b50
cachix-agent: fix crash calling security
One of cachix-agent's dependencies, `hs-certificate`, makes calls to
`security`. This lives in `/usr/bin`, which isn't available from
launchd. This commit makes the system paths available to cachix-agent.

Fixes #924.
2024-05-16 18:04:33 +04:00
Ricardo Pinto
93913d14a3
Add file or directory tile to Dock persistent others 2024-05-15 07:49:00 +01:00
Michael Hoang
de8b0d60d6
Merge pull request #928 from rmgpinto/persistent-others
Add persistent others to dock
2024-05-14 12:22:58 +10:00
Ricardo Pinto
457a5d9952
Add persistent others to dock 2024-05-13 13:46:54 +01:00
Rubikoid
2a2a311fca
Fix help 2024-05-07 16:02:26 +03:00
Rubikoid
3524643c3d
Fix --offline
Add --substituters flag
2024-05-07 16:02:26 +03:00