| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
Before this commit, aarch64 users building the following configuration
would end up with an aarch64-linux builder, while after it, they get the
x86_64-linux builder they expect:
```nix
nix.linux-builder = {
enable = true;
package = pkgs.darwin.linux-builder-x86_64;
};
```
Before, in order to get an x86_64-linux builder, they would have needed
to use this configuration instead:
```nix
nix.linux-builder = {
enable = true;
config.nixpkgs.hostPlatform = "x86_64-linux";
systems = ["x86_64-linux"];
};
```
The reason for this is that the linux-builder module calls `override` on
the package option, and the `linux-builder-x86_64` package is also
defined using override:
```nix
linux-builder-x86_64 = linux-builder.override {
modules = [ { nixpkgs.hostPlatform = "x86_64-linux"; } ];
};
```
The module was effectively discarding the `nixpkgs.hostPlatform` option.
Example issue: https://github.com/NixOS/nixpkgs/issues/313784
|
|
This is a huge anti‐declarative footgun; `copy` files cannot
distinguish if a previous version is managed by nix-darwin, so they
can’t check the hash, so they’re prone to destroying data, and
copied files are not deleted when they’re removed from the system
configuration, which led to a security bug. Nothing else in‐tree
was using this functionality, so let’s make sure it doesn’t
cause any more bugs.
|
|
As explained in the changelog and activation check, the previous
implementation had a nasty security bug that made removing a user’s
authorized keys effectively a no‐op.
|
|
fix(launchd): improve `StartCalendarInterval`
|
|
fonts: reimplement and rename to `fonts.packages`
|
|
Drop compatibility for unsupported Nixpkgs versions
|
|
linux-builder: remove trusted user requirement
|
|
All supported Nixpkgs versions now support this.
This reverts commit a5b09580e2d0bbc52b338afe4f1f1d46178e6bbf.
|
|
These deprecated versions were already made unsupported by #932.
|
|
As far as I can tell, this isn't required to get fonts to work on
NixOS, so we shouldn't require it on nix-darwin either, even if the
implementations are superficially similar.
|
|
Fixes: #120
Fixes: #722
Fixes: #752
Closes: #692
|
|
Process substitution behaves better with variables and it's good
practice to use `lib.escapeShellArgs`.
|
|
|
|
launchd: add LowPriorityBackgroundIO config
|
|
Stricter launchd -> StartCalendarInterval type:
- Verify that the integers passed to `Minute`, `Hour`, etc. are within
range.
- When provided, the value for StartCalendarInterval must be a non-empty
list of calendar intervals and must not contain duplicates entries
(throw an error otherwise).
- For increased flexibility and backwards-compatibility, allow an
attrset to be passed as well (which will be type-checked and is
functionally equivalent to passing a singleton list). Allowing an
attrset or list is precisely in-line with what `launchd.plist(5)`
accepts for StartCalendarInterval.
Migrate `nix.gc.interval` and `nix.optimise.interval` over to use this
new type, and update their defaults to run weekly instead of daily.
Create `modules/launchd/types.nix` file for easier/modular use of
launchd types needed in multiple files.
Documentation:
- Update and improve wording/documentation of launchd's
`StartCalendarInterval`.
- Improve wording/documentation of `nix.gc.interval` and
`nix.optimise.interval` ("time interval" can be misleading as it's
actually a "calendar interval"; e.g. `{ Hour = 3; Minute = 15;}`
runs daily, not every 3.25 hours).
|
|
|
|
|
|
|
|
|
|
Add support for trackpad force click
|
|
Co-authored-by: Michael Hoang <Enzime@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
Previously, it was not possible to inject PATH entries between profiles
and the “default system” PATH entries. This confounds adding, e.g.
Homebrew on aarch64’s non-standard prefix as higher priority than the
builtin system paths, but lower than Nix profiles.
This is a backwards-incompatible change for some users, but should only
be so in the case a user used `mkOrder` with a value between 1000 (the
default priority) and 1200. Value of 1200 chosen as the same delta from
the default as just below in `environment.profiles` (which uses 800),
and mkAfter is 1500 so will still go after this.
|
|
hercules-ci-agent: fix crash calling `security`
|
|
this applies the same fix that was used for the cachix agent in e043606b50526f4b9eb14d983f406acec9548962
|
|
|
|
One of cachix-agent's dependencies, `hs-certificate`, makes calls to
`security`. This lives in `/usr/bin`, which isn't available from
launchd. This commit makes the system paths available to cachix-agent.
Fixes #924.
|
|
|
|
|
|
|
|
1048576 matches the nixos/nix plist
https://github.com/NixOS/nix/blob/e3a4e40a354e1c2d177541d24d6a86a001fa87c7/misc/launchd/org.nixos.nix-daemon.plist.in#L29
|
|
treewide: remove lib.mdDoc
|
|
|
|
|
|
|
|
Add `nix.optimise` module
|
|
|
|
|
|
|
|
|
|
users: fix `forceRecreate` bash comparison
|
|
a few fixes for ipfs module
|
|
fix writing values with containers
|
