Merge pull request #1164 from Enzime/push-yyusnrnkwkxu

nix-daemon: enable by default

12 files changed, 37 insertions, 46 deletions

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 623cb69..92d06d4 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -55,7 +55,7 @@ jobs:
 
         nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1)
         /usr/bin/sed -i.bak \
-          "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
+          "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
           ~/.nixpkgs/darwin-configuration.nix
 
         nix-shell -A installer
@@ -103,7 +103,7 @@ jobs:
 
         nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1)
         /usr/bin/sed -i.bak \
-          "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
+          "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
           ~/.nixpkgs/darwin-configuration.nix
 
         nix-shell -A installer
@@ -145,7 +145,7 @@ jobs:
           nix flake init -t $darwin
           nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1)
           /usr/bin/sed -i.bak \
-            "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
+            "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
             flake.nix
         popd
         nix run .#darwin-rebuild -- \
@@ -178,7 +178,7 @@ jobs:
           nix flake init -t $darwin
           nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1)
           /usr/bin/sed -i.bak \
-            "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
+            "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
             flake.nix
         popd
         nix run .#darwin-rebuild -- \
diff --git a/README.md b/README.md
index eb6228c..58bde79 100644
--- a/README.md
+++ b/README.md
@@ -66,10 +66,6 @@ Configuration lives in `~/.nixpkgs/darwin-configuration.nix`. Check out
   environment.systemPackages =
     [ pkgs.vim
     ];
-
-  # Auto upgrade nix package and the daemon service.
-  services.nix-daemon.enable = true;
-  nix.package = pkgs.nix;
 }
 ```
 
diff --git a/modules/examples/flake/flake.nix b/modules/examples/flake/flake.nix
index bd733bd..dbcc420 100644
--- a/modules/examples/flake/flake.nix
+++ b/modules/examples/flake/flake.nix
@@ -16,10 +16,6 @@
         [ pkgs.vim
         ];
 
-      # Auto upgrade nix package and the daemon service.
-      services.nix-daemon.enable = true;
-      # nix.package = pkgs.nix;
-
       # Necessary for using flakes on this system.
       nix.settings.experimental-features = "nix-command flakes";
 
diff --git a/modules/examples/hydra.nix b/modules/examples/hydra.nix
index eb1c5d9..f87ed5d 100644
--- a/modules/examples/hydra.nix
+++ b/modules/examples/hydra.nix
@@ -8,8 +8,6 @@ let
 in
 
 {
-  services.nix-daemon.enable = true;
-
   nix.settings.substituters = [ "http://cache1" ];
   nix.settings.trusted-public-keys = [ "cache.daiderd.com-1:R8KOWZ8lDaLojqD+v9dzXAqGn29gEzPTTbr/GIpCTrI=" ];
 
diff --git a/modules/examples/lnl.nix b/modules/examples/lnl.nix
index dccae07..2204c2f 100644
--- a/modules/examples/lnl.nix
+++ b/modules/examples/lnl.nix
@@ -77,7 +77,6 @@
   #   serviceConfig.ProcessType = "Background";
   # };
 
-  services.nix-daemon.enable = true;
   # services.nix-daemon.enableSocketListener = true;
 
   nix.extraOptions = ''
diff --git a/modules/examples/simple.nix b/modules/examples/simple.nix
index 5baf009..8d769a2 100644
--- a/modules/examples/simple.nix
+++ b/modules/examples/simple.nix
@@ -11,10 +11,6 @@
   # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix
   # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix";
 
-  # Auto upgrade nix package and the daemon service.
-  # services.nix-daemon.enable = true;
-  # nix.package = pkgs.nix;
-
   # Enable alternative shell support in nix-darwin.
   # programs.fish.enable = true;
 
diff --git a/modules/nix/default.nix b/modules/nix/default.nix
index 3751e8c..09e6e50 100644
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@@ -191,9 +191,6 @@ in
         description = ''
           Whether to distribute builds to the machines listed in
           {option}`nix.buildMachines`.
-
-          NOTE: This requires services.nix-daemon.enable for a
-          multi-user install.
         '';
       };
 
diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix
index 6718ac0..ffc7e65 100644
--- a/modules/services/nix-daemon.nix
+++ b/modules/services/nix-daemon.nix
@@ -1,16 +1,16 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
+{ config, lib, ... }:
 
 let
   cfg = config.services.nix-daemon;
+
+  inherit (lib) mkDefault mkIf mkMerge mkOption types;
 in
 
 {
   options = {
     services.nix-daemon.enable = mkOption {
       type = types.bool;
-      default = false;
+      default = true;
       description = "Whether to enable the nix-daemon service.";
     };
 
diff --git a/modules/system/checks.nix b/modules/system/checks.nix
index ab6ea19..949a28e 100644
--- a/modules/system/checks.nix
+++ b/modules/system/checks.nix
@@ -129,18 +129,26 @@ let
     fi
   '';
 
-  singleUser = ''
-    if grep -q 'build-users-group =' /etc/nix/nix.conf; then
-        echo "error: The daemon is not enabled but this is a multi-user install, aborting activation" >&2
-        echo "Enable the nix-daemon service:" >&2
-        echo >&2
-        echo "    services.nix-daemon.enable = true;" >&2
-        echo >&2
-        echo "or set" >&2
-        echo >&2
-        echo "    nix.useDaemon = true;" >&2
-        echo >&2
-        exit 2
+  nixDaemon = if config.nix.useDaemon then ''
+    if ! dscl . -read /Groups/nixbld PrimaryGroupID &> /dev/null; then
+      printf >&2 'error: The daemon should not be enabled for single-user installs, aborting activation\n'
+      printf >&2 'Disable the nix-daemon service:\n'
+      printf >&2 '\n'
+      printf >&2 '    services.nix-daemon.enable = false;\n'
+      printf >&2 '\n'
+      # shellcheck disable=SC2016
+      printf >&2 'and remove `nix.useDaemon` from your configuration if it is present.\n'
+      printf >&2 '\n'
+      exit 2
+    fi
+  '' else ''
+    if dscl . -read /Groups/nixbld PrimaryGroupID &> /dev/null; then
+      printf >&2 'error: The daemon should be enabled for multi-user installs, aborting activation\n'
+      printf >&2 'Enable the nix-daemon service:\n'
+      printf >&2 '\n'
+      printf >&2 '    services.nix-daemon.enable = true;\n'
+      printf >&2 '\n'
+      exit 2
     fi
   '';
 
@@ -337,7 +345,7 @@ in
       (mkIf cfg.verifyBuildUsers buildUsers)
       (mkIf cfg.verifyBuildUsers preSequoiaBuildUsers)
       (mkIf config.nix.configureBuildUsers buildGroupID)
-      (mkIf (!config.nix.useDaemon) singleUser)
+      nixDaemon
       nixStore
       (mkIf (config.nix.gc.automatic && config.nix.gc.user == null) nixGarbageCollector)
       (mkIf (config.nix.optimise.automatic && config.nix.optimise.user == null) nixStoreOptimiser)
diff --git a/pkgs/darwin-installer/default.nix b/pkgs/darwin-installer/default.nix
index 5c6d801..78ca3c8 100644
--- a/pkgs/darwin-installer/default.nix
+++ b/pkgs/darwin-installer/default.nix
@@ -53,11 +53,6 @@ stdenv.mkDerivation {
         mkdir -p "$HOME/.nixpkgs"
         cp "${../../modules/examples/simple.nix}" "$config"
         chmod u+w "$config"
-
-        # Enable nix-daemon service for multi-user installs.
-        if [ ! -w /nix/var/nix/db ]; then
-            sed -i 's/# services.nix-daemon.enable/services.nix-daemon.enable/' "$config"
-        fi
     fi
 
     # Skip when stdin is not a tty, eg.
diff --git a/pkgs/darwin-uninstaller/configuration.nix b/pkgs/darwin-uninstaller/configuration.nix
index 75d1cac..295477a 100644
--- a/pkgs/darwin-uninstaller/configuration.nix
+++ b/pkgs/darwin-uninstaller/configuration.nix
@@ -12,6 +12,9 @@ with lib;
   launchd.daemons = mkForce {};
   launchd.user.agents = mkForce {};
 
+  # Don't try to reload `nix-daemon`
+  nix.useDaemon = mkForce false;
+
   system.activationScripts.postUserActivation.text = mkAfter ''
     if [[ -L ~/.nix-defexpr/channels/darwin ]]; then
         nix-channel --remove darwin || true
diff --git a/pkgs/darwin-uninstaller/default.nix b/pkgs/darwin-uninstaller/default.nix
index 17c0a46..da58682 100644
--- a/pkgs/darwin-uninstaller/default.nix
+++ b/pkgs/darwin-uninstaller/default.nix
@@ -31,7 +31,9 @@ in writeShellApplication {
     echo >&2 "    - remove /Applications/Nix Apps symlink"
     echo >&2 "    - cleanup static /etc files"
     echo >&2 "    - disable and remove all launchd services managed by nix-darwin"
-    echo >&2 "    - restore daemon service from nix installer (only when this is a multi-user install)"
+    if [[ $(stat -f '%Su' /nix/store) == "root" ]]; then
+      echo >&2 "    - restore nix-daemon service from nix installer as this is a multi-user install"
+    fi
     echo >&2
 
     if [[ -t 0 ]]; then
@@ -87,8 +89,9 @@ in writeShellApplication {
         pgrep -l nix-daemon
         test -e /Library/LaunchDaemons/org.nixos.nix-daemon.plist
         [[ "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" == "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" ]]
-        echo >&2 ok
+        nix-store --store daemon -q --hash ${stdenv.shell}
       fi
+      echo >&2 ok
     '';
   };
 }