Michael Hoang
8b27551e09
users: warn users to use pkgs.bashInteractive
instead of pkgs.bash
2024-11-11 15:24:19 +11:00
Michael Hoang
5eb88645f7
users: assert that programs.<shell>.enable = true;
for users' shells
...
Backport of https://github.com/NixOS/nixpkgs/pull/211603 and 093f354a17
2024-11-11 15:19:41 +11:00
Michael Hoang
c2c88ae983
users: remove lib.
2024-11-11 15:10:46 +11:00
Michael Hoang
534ca06930
docs: use nix-darwin
instead of Darwin
2024-11-09 21:51:15 +11:00
Michael Hoang
3224bb2f7c
Merge pull request #1154 from Samasaur1/zshenv-rcs
...
zsh: only run shell initialization in /etc/zshenv when RCs are enabled
2024-11-09 08:22:06 +00:00
Sam
5fbb7b7637
zsh: only run shell initialization in /etc/zshenv when RCs are enabled
2024-11-07 20:29:35 -08:00
Michael Hoang
f0a1269297
nix: don't allow using auto-optimise-store
as it can corrupt the store
2024-11-08 12:48:15 +11:00
Yuriy Taraday
110d49af63
github-runner: Fix labels for different nixpkgs versions
...
Changes to escapeShellArg introduced in
https://github.com/NixOS/nixpkgs/pull/333744 made different versions of
nixpkgs behave differently. If current nix-darwin is used with nixpkgs
before that change, labels end up having labels quoted twice
(see https://github.com/LnL7/nix-darwin/issues/1085 ), but without
changes from https://github.com/LnL7/nix-darwin/pull/1055 , with new
nixpkgs, labels end up not quoted at all, and ShellCheck ends up
complaining that commas might have been used as array item separator
(see https://www.shellcheck.net/wiki/SC2054 ).
Use the old version of escapeShellArg to always escape the list of
labels and make nix-darwin work with both old and new versions of
nixpkgs.
Fixes https://github.com/LnL7/nix-darwin/issues/1085
2024-11-07 11:46:08 +01:00
Michael Hoang
79608947e2
buildkit-agents: don't use mkdir -p -m
...
As `cfg.dataDir` will be the `home` of the Buildkite Agent user, it is
guaranted to exist so we don't need to use the `-p` flag.
2024-11-07 17:31:22 +11:00
Michael Hoang
3b738c765d
github-runner: replace mkdir -p -m
with umask
...
`mkdir -p -m` only applies the mode on the deepest directory which could
be a security issue so we use umask to be more careful.
2024-11-07 17:31:22 +11:00
Michael Hoang
cf130aa957
users: don't generate ensurePerms
when no users to manage
2024-11-07 17:20:00 +11:00
Michael Hoang
32814a6eb1
users: replace runtime check to prevent deleting root
with assertion
...
This fixes SC2050 as `${name} == "root"` will be generated as a constant
expression.
2024-11-07 17:20:00 +11:00
Michael Hoang
fd510a7122
system: replace for f in $(ls ...)
with for f in .../*
...
Fixes SC2045 but has one quirk which is if the bash glob doesn't match
anything it'll treat it as a string and run the loop once with
`f=.../*` so we need to check that `$f` actually exists.
2024-11-07 17:20:00 +11:00
Michael Hoang
041996803a
treewide: fix shellcheck warnings and errors
2024-11-07 17:20:00 +11:00
Michael Hoang
9afef9950f
checks: move manual /run
instructions to activation
2024-11-07 17:15:22 +11:00
Michael Hoang
3ea1144938
system: run shellcheck
on activate
and activate-user
scripts
2024-11-07 17:15:22 +11:00
Michael Hoang
2af06b0862
examples: clean up
2024-11-07 15:26:53 +11:00
Michael Hoang
c13549d7a6
examples: drop ofborg
example
...
We decided to drop this example as the package is not available in
Nixpkgs and we won't be able to import it easily and keep this example
evaluating as a useful smoke test. The code in this example is already
documented under `services.ofborg.*` so any interested users can still
find out how to set up `ofborg`.
2024-11-07 15:24:16 +11:00
Michael Hoang
569153467b
ofborg: automatically add ofborg
to known{Users,Groups}
2024-11-07 11:41:51 +11:00
Michael Hoang
dd48cbd776
examples: fix evaluation
2024-11-07 11:41:51 +11:00
Michael Hoang
98e7dba872
Merge pull request #909 from motheki/fast-syntax-highlighting-support
...
Add support for zsh-fast-syntax-highlighting
2024-11-06 07:31:39 +00:00
Trevor Opiyo
48e5c8de1a
Update modules/programs/zsh/default.nix
...
Changes added by Enzime
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-11-06 01:10:24 -06:00
Trevor Opiyo
897fc37c47
Update default.nix
...
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
2024-11-05 08:16:35 -06:00
Emily
84d14d4043
prometheus-node-exporter: fix log permissions
...
The daemon won’t start as the assigned user doesn’t have
permissions to create the log file.
2024-11-05 03:00:55 +00:00
Michael Hoang
2f05a81019
Merge pull request #1145 from qowoz/shellcheck-timezone
...
time: shellcheck fix
2024-11-05 01:54:14 +00:00
zowoq
6ff3a49ceb
time: shellcheck fix
...
https://www.shellcheck.net/wiki/SC2143
2024-11-05 11:12:21 +10:00
Emily
189d2d422c
Merge pull request #1129 from mweinelt/node-exporter
...
module: add prometheus-node-exporter service
2024-11-04 05:40:01 +00:00
Michael Hoang
146629a543
Merge pull request #1125 from aschleck/new-window-path
...
Configure the folder that new Finder windows open
2024-11-03 10:19:55 +11:00
Michael Hoang
446e1ef8e1
Merge pull request #1130 from aschleck/fn-key
...
Allow configuring the fn key action
2024-11-03 10:17:21 +11:00
Emily
f203352cc0
Merge pull request #1135 from Enzime/push-lxwqqpssklyn
...
environment: remove misleading `environment.loginShell` option
2024-11-02 22:23:10 +00:00
April Schleck
21809c4261
Allow configuring the fn key action
2024-11-02 09:04:53 -07:00
April Schleck
0dacfdea63
Configure the folder that new Finder windows open
2024-11-02 08:53:08 -07:00
Michael Hoang
318df382e6
users: don't check home directory is correct before creating user
2024-11-02 10:33:31 +11:00
Michael Hoang
683d0c4cd1
Merge pull request #1133 from bew/patch-1
...
karabiner-elements: allow use of custom package
2024-11-01 19:07:54 +11:00
Benoît de Chezelles
331fd8d3b5
karabiner-elements: allow use of custom package
2024-10-31 16:51:05 +01:00
Michael Hoang
63f4d40e55
tmux: remove programs.tmux.defaultCommand
2024-10-31 16:00:03 +11:00
Michael Hoang
1588cb2e99
environment: remove misleading environment.loginShell
option
2024-10-31 16:00:03 +11:00
Michael Hoang
470f87c182
zsh: enable by default as zsh is the default shell on macOS
...
Historically this was a footgun because users would not always have this
enabled leading to `darwin-rebuild` and other programs not being found.
2024-10-31 15:09:11 +11:00
Martin Weinelt
6c8d45fb20
module: add prometheus-node-exporter service
2024-10-31 02:08:34 +01:00
Michael Hoang
f380194f3d
users: create users with home directory /var/empty
by default
2024-10-28 11:05:35 +11:00
Michael Hoang
c908607e8a
users: remove users.forceRecreate
option
2024-10-28 11:01:14 +11:00
Michael Hoang
a15a3d9f1f
users: fix unclosed string
2024-10-28 10:51:09 +11:00
Michael Hoang
febc3b3f51
users: remove with lib;
2024-10-28 00:38:39 +11:00
Michael Hoang
32f0cf2140
users: replace FDA check with more fine grained permissions check
2024-10-28 00:38:39 +11:00
Michael Hoang
9cd3976486
users: ensure all users' home directories in the config are correct
2024-10-27 21:52:41 +11:00
Michael Hoang
55be3e1a5f
users: move checks to system.checks
2024-10-27 21:52:41 +11:00
Michael Hoang
dc6f754fe5
users: allow shell
to be managed by macOS
2024-10-27 21:52:41 +11:00
Michael Hoang
3712ff78cc
users: change default shell to /usr/bin/false
to match macOS
2024-10-27 21:26:19 +11:00
Michael Hoang
bd161d61d6
users: allow home
to be managed by macOS
2024-10-27 21:26:19 +11:00
Michael Hoang
c9af5c2d13
users: update properties on known users
2024-10-27 21:26:19 +11:00