feat: use wait4path with script launchd option

addresses https://github.com/LnL7/nix-darwin/issues/1043 fix: use exec in launchd daemon config fix: dont use a script thats in the nix store fix: remove manual wait4path in linux-builder fix: remove manual wait4path in karabiner elements fix: remove manual wait4path in nix-daemon fix: remove manual wait4path in nix-optimise fix: remove manual wait4path in tailscaled fix: autossh test Revert "fix: remove manual wait4path in nix-daemon" This reverts commit 6aec084fa5d095666e81676e78f7054c83703faa. fix: remove bad exec Reapply "fix: remove manual wait4path in nix-daemon" This reverts commit c8f136ecc555f803124af471324bc6ed1163d6dd. fix: update autossh test to reflect changes in f86e6133d957becb1958da638516b0860fbd7491 fix: services-activate-system-changed-label-prefix test fix: services-buildkite-agent test fix: services-activate-system test fix: escape ampersand fix: services-lorri test fix: services-nix-optimise test fix: services-nix-gc test refactor: use script rather than command in daemon fix: use config.command for clarity style: fix indentation fix: use lib.getExe rather than directly pointing to file revert: a87fc7bbbbdb7c25c5ad6721c93990ea035affdd - mistaken refactor meant that service waited for nix store and not the relevant path
author: will <will.bradshaw50@gmail.com> 2024-08-31 18:27:10 +1000
committer: will <will.bradshaw50@gmail.com> 2024-09-22 15:30:21 +1000
commit: 034c45dd0cac806b527e64c143020676e1070769 (patch)
tree: 68e15b7e10374383d9c2367c9d41756dd8f808a2 /modules
parent: c03f85fa42d68d1056ca1740f3113b04f3addff2 (diff)
6 files changed, 29 insertions, 48 deletions
diff --git a/modules/launchd/default.nix b/modules/launchd/default.nix
index ccb6cc6..64b6af7 100644
--- a/modules/launchd/default.nix
+++ b/modules/launchd/default.nix
@@ -20,7 +20,6 @@ let
     { config, name, ... }:
     let
 
-      cmd = config.command;
       env = config.environment // optionalAttrs (config.path != "") { PATH = config.path; };
 
     in
@@ -88,7 +87,11 @@ let
         '');
 
         serviceConfig.Label = mkDefault "${cfg.labelPrefix}.${name}";
-        serviceConfig.ProgramArguments = mkIf (cmd != "") [ "/bin/sh" "-c" "exec ${cmd}" ];
+        serviceConfig.ProgramArguments = mkIf (config.command != "") [
+          "/bin/sh"
+          "-c"
+          "/bin/wait4path /nix/store &amp;&amp; exec ${config.command}"
+        ];
         serviceConfig.EnvironmentVariables = mkIf (env != {}) env;
       };
     };
diff --git a/modules/nix/linux-builder.nix b/modules/nix/linux-builder.nix
index 9756fe4..2bcb62e 100644
--- a/modules/nix/linux-builder.nix
+++ b/modules/nix/linux-builder.nix
@@ -4,21 +4,6 @@ with lib;
 
 let
   cfg = config.nix.linux-builder;
-
-  # create-builder uses TMPDIR to share files with the builder, notably certs.
-  # macOS will clean up files in /tmp automatically that haven't been accessed in 3+ days.
-  # If we let it use /tmp, leaving the computer asleep for 3 days makes the certs vanish.
-  # So we'll use /run/org.nixos.linux-builder instead and clean it up ourselves.
-  script = pkgs.writeShellScript "linux-builder-start" ''
-    export TMPDIR=/run/org.nixos.linux-builder USE_TMPDIR=1
-    rm -rf $TMPDIR
-    mkdir -p $TMPDIR
-    trap "rm -rf $TMPDIR" EXIT
-    ${lib.optionalString cfg.ephemeral ''
-      rm -f ${cfg.workingDirectory}/${cfg.package.nixosConfig.networking.hostName}.qcow2
-    ''}
-    ${cfg.package}/bin/create-builder
-  '';
 in
 
 {
@@ -176,11 +161,23 @@ in
       environment = {
         inherit (config.environment.variables) NIX_SSL_CERT_FILE;
       };
+
+      # create-builder uses TMPDIR to share files with the builder, notably certs.
+      # macOS will clean up files in /tmp automatically that haven't been accessed in 3+ days.
+      # If we let it use /tmp, leaving the computer asleep for 3 days makes the certs vanish.
+      # So we'll use /run/org.nixos.linux-builder instead and clean it up ourselves.
+      script = ''
+        export TMPDIR=/run/org.nixos.linux-builder USE_TMPDIR=1
+        rm -rf $TMPDIR
+        mkdir -p $TMPDIR
+        trap "rm -rf $TMPDIR" EXIT
+        ${lib.optionalString cfg.ephemeral ''
+          rm -f ${cfg.workingDirectory}/${cfg.package.nixosConfig.networking.hostName}.qcow2
+        ''}
+        ${cfg.package}/bin/create-builder
+      '';
+
       serviceConfig = {
-        ProgramArguments = [
-          "/bin/sh" "-c"
-          "/bin/wait4path /nix/store &amp;&amp; exec ${script}"
-        ];
         KeepAlive = true;
         RunAtLoad = true;
         WorkingDirectory = cfg.workingDirectory;
diff --git a/modules/services/karabiner-elements/default.nix b/modules/services/karabiner-elements/default.nix
index 2f415b2..0e2bb43 100644
--- a/modules/services/karabiner-elements/default.nix
+++ b/modules/services/karabiner-elements/default.nix
@@ -38,14 +38,11 @@ in
     # the system extension is activated, so we can call activate from the manager
     # which will block until the system extension is activated.
     launchd.daemons.start_karabiner_daemons = {
-      serviceConfig.ProgramArguments = [
-        "/bin/sh" "-c"
-        "/bin/wait4path /nix/store &amp;&amp; ${pkgs.writeScript "start_karabiner_daemons" ''
+      script = ''
           ${parentAppDir}/.Karabiner-VirtualHIDDevice-Manager.app/Contents/MacOS/Karabiner-VirtualHIDDevice-Manager activate
           launchctl kickstart system/org.pqrs.karabiner.karabiner_grabber
           launchctl kickstart system/org.pqrs.karabiner.karabiner_observer
-        ''}"
-      ];
+      '';
       serviceConfig.Label = "org.nixos.start_karabiner_daemons";
       serviceConfig.RunAtLoad = true;
     };
@@ -73,11 +70,7 @@ in
     };
 
     launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = {
-      serviceConfig.ProgramArguments = [
-        "/bin/sh" "-c"
-        # For unknown reasons this daemon will fail if VirtualHIDDeviceClient is not exec'd.
-        "/bin/wait4path /nix/store &amp;&amp; exec \"${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\""
-      ];
+      command = "${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient";
       serviceConfig.ProcessType = "Interactive";
       serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient";
       serviceConfig.KeepAlive = true;
@@ -95,14 +88,11 @@ in
     # We need this to run every reboot as /run gets nuked so we can't put this
     # inside the preActivation script as it only gets run on darwin-rebuild switch.
     launchd.daemons.setsuid_karabiner_session_monitor = {
-      serviceConfig.ProgramArguments = [
-        "/bin/sh" "-c"
-        "/bin/wait4path /nix/store &amp;&amp; ${pkgs.writeScript "setsuid_karabiner_session_monitor" ''
+      script = ''
           rm -rf /run/wrappers
           mkdir -p /run/wrappers/bin
           install -m4555 "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin
-        ''}"
-      ];
+      '';
       serviceConfig.RunAtLoad = true;
       serviceConfig.KeepAlive.SuccessfulExit = false;
     };
diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix
index 42d31c9..6718ac0 100644
--- a/modules/services/nix-daemon.nix
+++ b/modules/services/nix-daemon.nix
@@ -44,10 +44,7 @@ in
     nix.useDaemon = true;
 
     launchd.daemons.nix-daemon = {
-      serviceConfig.ProgramArguments = [
-        "/bin/sh" "-c"
-        "/bin/wait4path ${config.nix.package}/bin/nix-daemon &amp;&amp; exec ${config.nix.package}/bin/nix-daemon"
-      ];
+      command = lib.getExe' config.nix.package "nix-daemon";
       serviceConfig.ProcessType = config.nix.daemonProcessType;
       serviceConfig.LowPriorityIO = config.nix.daemonIOLowPriority;
       serviceConfig.Label = "org.nixos.nix-daemon"; # must match daemon installed by Nix regardless of the launchd label Prefix
diff --git a/modules/services/nix-optimise/default.nix b/modules/services/nix-optimise/default.nix
index d8dc401..c0ee0a3 100644
--- a/modules/services/nix-optimise/default.nix
+++ b/modules/services/nix-optimise/default.nix
@@ -62,11 +62,8 @@ in
 
     launchd.daemons.nix-optimise = {
       environment.NIX_REMOTE = optionalString config.nix.useDaemon "daemon";
+      command = "${lib.getExe' config.nix.package "nix-store"} --optimise";
       serviceConfig = {
-        ProgramArguments = [
-          "/bin/sh" "-c"
-          "/bin/wait4path ${config.nix.package} &amp;&amp; exec ${config.nix.package}/bin/nix-store --optimise"
-        ];
         RunAtLoad = false;
         StartCalendarInterval = cfg.interval;
         UserName = cfg.user;
diff --git a/modules/services/tailscale.nix b/modules/services/tailscale.nix
index 3c826cf..e7d6b0d 100644
--- a/modules/services/tailscale.nix
+++ b/modules/services/tailscale.nix
@@ -54,12 +54,9 @@ in
     launchd.daemons.tailscaled = {
       # derived from
       # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30
+      command = lib.getExe' cfg.package "tailscaled";
       serviceConfig = {
         Label = "com.tailscale.tailscaled";
-        ProgramArguments = [
-          "/bin/sh" "-c"
-          "/bin/wait4path ${cfg.package} &amp;&amp; ${cfg.package}/bin/tailscaled"
-        ];
         RunAtLoad = true;
       };
     };
author	will <will.bradshaw50@gmail.com>	2024-08-31 18:27:10 +1000
committer	will <will.bradshaw50@gmail.com>	2024-09-22 15:30:21 +1000
commit	034c45dd0cac806b527e64c143020676e1070769 (patch)
tree	68e15b7e10374383d9c2367c9d41756dd8f808a2 /modules
parent	c03f85fa42d68d1056ca1740f3113b04f3addff2 (diff)