diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 623cb698e..92d06d4d4 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -55,7 +55,7 @@ jobs: nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) /usr/bin/sed -i.bak \ - "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ + "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ ~/.nixpkgs/darwin-configuration.nix nix-shell -A installer @@ -103,7 +103,7 @@ jobs: nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) /usr/bin/sed -i.bak \ - "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ + "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ ~/.nixpkgs/darwin-configuration.nix nix-shell -A installer @@ -145,7 +145,7 @@ jobs: nix flake init -t $darwin nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) /usr/bin/sed -i.bak \ - "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ + "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ flake.nix popd nix run .#darwin-rebuild -- \ @@ -178,7 +178,7 @@ jobs: nix flake init -t $darwin nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) /usr/bin/sed -i.bak \ - "s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ + "s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ flake.nix popd nix run .#darwin-rebuild -- \ diff --git a/README.md b/README.md index eb6228ca5..58bde7940 100644 --- a/README.md +++ b/README.md @@ -66,10 +66,6 @@ Configuration lives in `~/.nixpkgs/darwin-configuration.nix`. Check out environment.systemPackages = [ pkgs.vim ]; - - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - nix.package = pkgs.nix; } ``` diff --git a/modules/examples/flake/flake.nix b/modules/examples/flake/flake.nix index bd733bd98..dbcc420a1 100644 --- a/modules/examples/flake/flake.nix +++ b/modules/examples/flake/flake.nix @@ -16,10 +16,6 @@ [ pkgs.vim ]; - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - # nix.package = pkgs.nix; - # Necessary for using flakes on this system. nix.settings.experimental-features = "nix-command flakes"; diff --git a/modules/examples/hydra.nix b/modules/examples/hydra.nix index eb1c5d9b0..f87ed5d05 100644 --- a/modules/examples/hydra.nix +++ b/modules/examples/hydra.nix @@ -8,8 +8,6 @@ let in { - services.nix-daemon.enable = true; - nix.settings.substituters = [ "http://cache1" ]; nix.settings.trusted-public-keys = [ "cache.daiderd.com-1:R8KOWZ8lDaLojqD+v9dzXAqGn29gEzPTTbr/GIpCTrI=" ]; diff --git a/modules/examples/lnl.nix b/modules/examples/lnl.nix index dccae077a..2204c2fa8 100644 --- a/modules/examples/lnl.nix +++ b/modules/examples/lnl.nix @@ -77,7 +77,6 @@ # serviceConfig.ProcessType = "Background"; # }; - services.nix-daemon.enable = true; # services.nix-daemon.enableSocketListener = true; nix.extraOptions = '' diff --git a/modules/examples/simple.nix b/modules/examples/simple.nix index 5baf009f5..8d769a2c7 100644 --- a/modules/examples/simple.nix +++ b/modules/examples/simple.nix @@ -11,10 +11,6 @@ # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix"; - # Auto upgrade nix package and the daemon service. - # services.nix-daemon.enable = true; - # nix.package = pkgs.nix; - # Enable alternative shell support in nix-darwin. # programs.fish.enable = true; diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 3751e8c4f..09e6e50de 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -191,9 +191,6 @@ in description = '' Whether to distribute builds to the machines listed in {option}`nix.buildMachines`. - - NOTE: This requires services.nix-daemon.enable for a - multi-user install. ''; }; diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index 6718ac051..ffc7e651b 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -1,16 +1,16 @@ -{ config, lib, pkgs, ... }: - -with lib; +{ config, lib, ... }: let cfg = config.services.nix-daemon; + + inherit (lib) mkDefault mkIf mkMerge mkOption types; in { options = { services.nix-daemon.enable = mkOption { type = types.bool; - default = false; + default = true; description = "Whether to enable the nix-daemon service."; }; diff --git a/modules/system/checks.nix b/modules/system/checks.nix index ab6ea19d8..949a28ea9 100644 --- a/modules/system/checks.nix +++ b/modules/system/checks.nix @@ -129,18 +129,26 @@ let fi ''; - singleUser = '' - if grep -q 'build-users-group =' /etc/nix/nix.conf; then - echo "error: The daemon is not enabled but this is a multi-user install, aborting activation" >&2 - echo "Enable the nix-daemon service:" >&2 - echo >&2 - echo " services.nix-daemon.enable = true;" >&2 - echo >&2 - echo "or set" >&2 - echo >&2 - echo " nix.useDaemon = true;" >&2 - echo >&2 - exit 2 + nixDaemon = if config.nix.useDaemon then '' + if ! dscl . -read /Groups/nixbld PrimaryGroupID &> /dev/null; then + printf >&2 'error: The daemon should not be enabled for single-user installs, aborting activation\n' + printf >&2 'Disable the nix-daemon service:\n' + printf >&2 '\n' + printf >&2 ' services.nix-daemon.enable = false;\n' + printf >&2 '\n' + # shellcheck disable=SC2016 + printf >&2 'and remove `nix.useDaemon` from your configuration if it is present.\n' + printf >&2 '\n' + exit 2 + fi + '' else '' + if dscl . -read /Groups/nixbld PrimaryGroupID &> /dev/null; then + printf >&2 'error: The daemon should be enabled for multi-user installs, aborting activation\n' + printf >&2 'Enable the nix-daemon service:\n' + printf >&2 '\n' + printf >&2 ' services.nix-daemon.enable = true;\n' + printf >&2 '\n' + exit 2 fi ''; @@ -337,7 +345,7 @@ in (mkIf cfg.verifyBuildUsers buildUsers) (mkIf cfg.verifyBuildUsers preSequoiaBuildUsers) (mkIf config.nix.configureBuildUsers buildGroupID) - (mkIf (!config.nix.useDaemon) singleUser) + nixDaemon nixStore (mkIf (config.nix.gc.automatic && config.nix.gc.user == null) nixGarbageCollector) (mkIf (config.nix.optimise.automatic && config.nix.optimise.user == null) nixStoreOptimiser) diff --git a/pkgs/darwin-installer/default.nix b/pkgs/darwin-installer/default.nix index 5c6d801e5..78ca3c889 100644 --- a/pkgs/darwin-installer/default.nix +++ b/pkgs/darwin-installer/default.nix @@ -53,11 +53,6 @@ stdenv.mkDerivation { mkdir -p "$HOME/.nixpkgs" cp "${../../modules/examples/simple.nix}" "$config" chmod u+w "$config" - - # Enable nix-daemon service for multi-user installs. - if [ ! -w /nix/var/nix/db ]; then - sed -i 's/# services.nix-daemon.enable/services.nix-daemon.enable/' "$config" - fi fi # Skip when stdin is not a tty, eg. diff --git a/pkgs/darwin-uninstaller/configuration.nix b/pkgs/darwin-uninstaller/configuration.nix index 75d1cacfa..295477a68 100644 --- a/pkgs/darwin-uninstaller/configuration.nix +++ b/pkgs/darwin-uninstaller/configuration.nix @@ -12,6 +12,9 @@ with lib; launchd.daemons = mkForce {}; launchd.user.agents = mkForce {}; + # Don't try to reload `nix-daemon` + nix.useDaemon = mkForce false; + system.activationScripts.postUserActivation.text = mkAfter '' if [[ -L ~/.nix-defexpr/channels/darwin ]]; then nix-channel --remove darwin || true diff --git a/pkgs/darwin-uninstaller/default.nix b/pkgs/darwin-uninstaller/default.nix index 17c0a460b..da58682e3 100644 --- a/pkgs/darwin-uninstaller/default.nix +++ b/pkgs/darwin-uninstaller/default.nix @@ -31,7 +31,9 @@ in writeShellApplication { echo >&2 " - remove /Applications/Nix Apps symlink" echo >&2 " - cleanup static /etc files" echo >&2 " - disable and remove all launchd services managed by nix-darwin" - echo >&2 " - restore daemon service from nix installer (only when this is a multi-user install)" + if [[ $(stat -f '%Su' /nix/store) == "root" ]]; then + echo >&2 " - restore nix-daemon service from nix installer as this is a multi-user install" + fi echo >&2 if [[ -t 0 ]]; then @@ -87,8 +89,9 @@ in writeShellApplication { pgrep -l nix-daemon test -e /Library/LaunchDaemons/org.nixos.nix-daemon.plist [[ "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" == "$(shasum -a 256 /Library/LaunchDaemons/org.nixos.nix-daemon.plist | awk '{print $1}')" ]] - echo >&2 ok + nix-store --store daemon -q --hash ${stdenv.shell} fi + echo >&2 ok ''; }; }