Minor changes
parent
6c7a5bdca8
commit
5b037bd5d7
|
@ -12,7 +12,7 @@
|
|||
|
||||
# https://github.com/nix-community/home-manager/issues/423
|
||||
environment.variables = {
|
||||
TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo";
|
||||
TERMINFO_DIRS = [ "${pkgs.kitty.terminfo.outPath}/share/terminfo" ];
|
||||
};
|
||||
programs.nix-index.enable = true;
|
||||
|
||||
|
|
|
@ -29,10 +29,10 @@ in
|
|||
'';
|
||||
|
||||
homebrew.enable = pkgs.lib.homebrew-enabled;
|
||||
homebrew.autoUpdate = true;
|
||||
homebrew.cleanup = "zap";
|
||||
homebrew.onActivation.autoUpdate = true;
|
||||
homebrew.onActivation.upgrade = true;
|
||||
homebrew.onActivation.cleanup = "zap";
|
||||
homebrew.global.brewfile = true;
|
||||
homebrew.global.noLock = true;
|
||||
|
||||
homebrew.taps = [
|
||||
"homebrew/cask"
|
||||
|
@ -98,6 +98,6 @@ in
|
|||
"fileicon"
|
||||
"fzf"
|
||||
"gifsicle"
|
||||
"unison-language"
|
||||
# "unison-language"
|
||||
];
|
||||
}
|
||||
|
|
97
flake.lock
97
flake.lock
|
@ -3,11 +3,11 @@
|
|||
"crane": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1654444508,
|
||||
"narHash": "sha256-4OBvQ4V7jyt7afs6iKUvRzJ1u/9eYnKzVQbeQdiamuY=",
|
||||
"lastModified": 1661875961,
|
||||
"narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "db5482bf225acc3160899124a1df5a617cfa27b5",
|
||||
"rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -39,11 +39,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1661882940,
|
||||
"narHash": "sha256-4LaVFnV22WrOA0aolqqk9dXrM8crikcrLQt29G18F7M=",
|
||||
"lastModified": 1663677921,
|
||||
"narHash": "sha256-NfQnUfRrjv8DXeugdbQC5El+MMhShP42ohc8iM+UAdM=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "80cec5115aae74accc4ccfb9f84306d7863f0632",
|
||||
"rev": "088c98a584a38b5f844bb9e9cd32eb28479ca6d7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -56,11 +56,11 @@
|
|||
"devshell": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1655976588,
|
||||
"narHash": "sha256-VreHyH6ITkf/1EX/8h15UqhddJnUleb0HgbC3gMkAEQ=",
|
||||
"lastModified": 1660811669,
|
||||
"narHash": "sha256-V6lmsaLNFz41myppL0yxglta92ijkSvpZ+XVygAh+bU=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "899ca4629020592a13a46783587f6e674179d1db",
|
||||
"rev": "c2feacb46ee69949124c835419861143c4016fb5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -73,57 +73,52 @@
|
|||
"inputs": {
|
||||
"alejandra": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"crane": "crane",
|
||||
"devshell": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"devshell"
|
||||
],
|
||||
"flake-utils-pre-commit": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"gomod2nix": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"mach-nix": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nixpkgs"
|
||||
],
|
||||
"node2nix": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"poetry2nix": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"pre-commit-hooks": [
|
||||
"helix",
|
||||
"nixCargoIntegration",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1655975833,
|
||||
"narHash": "sha256-g8sdfuglIZ24oWVbntVzniNTJW+Z3n9DNL9w9Tt+UCE=",
|
||||
"lastModified": 1662176993,
|
||||
"narHash": "sha256-Sy7DsGAveDUFBb6YDsUSYZd/AcXfP/MOMIwMt/NgY84=",
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"rev": "4e75e665ec3a1cddae5266bed0dd72fce0b74a23",
|
||||
"rev": "809bc5940214744eb29778a9a0b03f161979c1b2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -165,11 +160,11 @@
|
|||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1637014545,
|
||||
"narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=",
|
||||
"lastModified": 1656928814,
|
||||
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4",
|
||||
"rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -180,18 +175,18 @@
|
|||
},
|
||||
"helix": {
|
||||
"inputs": {
|
||||
"nixCargoIntegration": "nixCargoIntegration",
|
||||
"nci": "nci",
|
||||
"nixpkgs": [
|
||||
"nixpkgs-unstable"
|
||||
],
|
||||
"rust-overlay": "rust-overlay"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1662086378,
|
||||
"narHash": "sha256-wKSQT5HAOCdwfdO6cVJ9FXLy2Fftk3ITFnMatvEgOYQ=",
|
||||
"lastModified": 1663860810,
|
||||
"narHash": "sha256-NJubeVByiZz+0oU6f+OCaltxOZnUW4AGUipnj0RBYnk=",
|
||||
"owner": "helix-editor",
|
||||
"repo": "helix",
|
||||
"rev": "e8730ca5fd72e3bb275b4d825de40475eabea174",
|
||||
"rev": "eb6fd283dcf041ecf822fd8f2d4520abb2a26df9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -208,11 +203,11 @@
|
|||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1661824092,
|
||||
"narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=",
|
||||
"lastModified": 1663835995,
|
||||
"narHash": "sha256-XNHQ+mdHbjNR1Oit00SFAEcrAZoCS08E7uAFcVMtwhM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "5bd66dc6cd967033489c69d486402b75d338eeb6",
|
||||
"rev": "bd83eab6220226085c82e637931a7ae3863d9893",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -252,7 +247,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixCargoIntegration": {
|
||||
"nci": {
|
||||
"inputs": {
|
||||
"devshell": "devshell",
|
||||
"dream2nix": "dream2nix",
|
||||
|
@ -266,11 +261,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1656453541,
|
||||
"narHash": "sha256-ZCPVnS6zJOZJvIlwU3rKR8MBVm6A3F4/0mA7G1lQ3D0=",
|
||||
"lastModified": 1662177071,
|
||||
"narHash": "sha256-x6XF//RdZlw81tFAYM1TkjY+iQIpyMCWZ46r9o4wVQY=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "nix-cargo-integration",
|
||||
"rev": "9eb74345b30cd2e536d9dac9d4435d3c475605c7",
|
||||
"rev": "65270dea87bb82fc02102a15221677eea237680e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -297,11 +292,11 @@
|
|||
},
|
||||
"nixpkgs-master": {
|
||||
"locked": {
|
||||
"lastModified": 1661900101,
|
||||
"narHash": "sha256-YBW6x74aRNvtZW25PErYcDAwa8svJgi6d3Cn+t7bJEk=",
|
||||
"lastModified": 1663895890,
|
||||
"narHash": "sha256-p0hOonmnAwi6sTzfzhbJZL1MAWaIitXhzdcGTUpro5k=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bde62ccf6d316e79bf5ab2ffb390c34504240a14",
|
||||
"rev": "403bfc5a5cc9c8843651bc309b14633fb1e7e1d3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -313,11 +308,11 @@
|
|||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1661353537,
|
||||
"narHash": "sha256-1E2IGPajOsrkR49mM5h55OtYnU0dGyre6gl60NXKITE=",
|
||||
"lastModified": 1663879234,
|
||||
"narHash": "sha256-zCe2EVY+Jt3I7gBgMSkuGesZ57vyt/WwIUwshiwDErk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0e304ff0d9db453a4b230e9386418fd974d5804a",
|
||||
"rev": "a8a557e233c30b60225fa5af41cc56f8409e4afb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -351,11 +346,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1655779671,
|
||||
"narHash": "sha256-6feeiGa6fb7ZPVHR71uswkmN1701TAJpwYQA8QffmRk=",
|
||||
"lastModified": 1662087605,
|
||||
"narHash": "sha256-Gpf2gp2JenKGf+TylX/YJpttY2bzsnvAMLdLaxoZRyU=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "8159585609a772b041cce6019d5c21d240709244",
|
||||
"rev": "60c2cfaa8b90ed8cebd18b214fac8682dcf222dd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -366,11 +361,11 @@
|
|||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1653893745,
|
||||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
|
||||
"lastModified": 1659877975,
|
||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
|
||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -18,7 +18,6 @@
|
|||
|
||||
# Flake helpers
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
flake-utils.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
flake-compat.url = "github:edolstra/flake-compat";
|
||||
flake-compat.flake = false;
|
||||
|
||||
|
@ -267,7 +266,6 @@
|
|||
homebrew = import ./darwin/homebrew.nix;
|
||||
# modules
|
||||
games = import ./modules/darwin/games.nix;
|
||||
security-pam = import ./modules/darwin/security/pam.nix;
|
||||
primary-user = import ./modules/darwin/primary-user.nix;
|
||||
};
|
||||
|
||||
|
|
|
@ -1,63 +0,0 @@
|
|||
# Upstream PR: https://github.com/LnL7/nix-darwin/pull/228
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.security.pam;
|
||||
|
||||
# Implementation Notes
|
||||
#
|
||||
# We don't use `environment.etc` because this would require that the user manually delete
|
||||
# `/etc/pam.d/sudo` which seems unwise given that applying the nix-darwin configuration requires
|
||||
# sudo. We also can't use `system.patchs` since it only runs once, and so won't patch in the
|
||||
# changes again after OS updates (which remove modifications to this file).
|
||||
#
|
||||
# As such, we resort to line addition/deletion in place using `sed`. We add a comment to the
|
||||
# added line that includes the name of the option, to make it easier to identify the line that
|
||||
# should be deleted when the option is disabled.
|
||||
mkSudoTouchIdAuthScript = isEnabled:
|
||||
let
|
||||
file = "/etc/pam.d/sudo";
|
||||
option = "security.pam.enableSudoTouchIdAuth";
|
||||
sed = "${pkgs.gnused}/bin/sed";
|
||||
in
|
||||
''
|
||||
${if isEnabled then ''
|
||||
# Enable sudo Touch ID authentication, if not already enabled
|
||||
if ! grep 'pam_tid.so' ${file} > /dev/null; then
|
||||
${sed} -i '2i\
|
||||
auth sufficient pam_tid.so # nix-darwin: ${option}
|
||||
' ${file}
|
||||
fi
|
||||
'' else ''
|
||||
# Disable sudo Touch ID authentication, if added by nix-darwin
|
||||
if grep '${option}' ${file} > /dev/null; then
|
||||
${sed} -i '/${option}/d' ${file}
|
||||
fi
|
||||
''}
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
security.pam.enableSudoTouchIdAuth = mkEnableOption ''
|
||||
Enable sudo authentication with Touch ID
|
||||
When enabled, this option adds the following line to /etc/pam.d/sudo:
|
||||
|
||||
auth sufficient pam_tid.so
|
||||
|
||||
(Note that macOS resets this file when doing a system update. As such, sudo
|
||||
authentication with Touch ID won't work after a system update until the nix-darwin
|
||||
configuration is reapplied.)
|
||||
'';
|
||||
};
|
||||
|
||||
config = {
|
||||
system.activationScripts.extraActivation.text = ''
|
||||
# PAM settings
|
||||
echo >&2 "setting up pam..."
|
||||
${mkSudoTouchIdAuthScript cfg.enableSudoTouchIdAuth}
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,5 +1,9 @@
|
|||
{ callPackage, inputs, system }:
|
||||
{
|
||||
dark-mode-notify = callPackage ./dark-mode-notify.nix { inherit (inputs) dark-mode-notify-src; };
|
||||
dark-mode-notify = callPackage ./dark-mode-notify.nix {
|
||||
sdkVersion = "14.0";
|
||||
inherit (inputs) dark-mode-notify-src;
|
||||
};
|
||||
helix = inputs.helix.packages.${system}.default;
|
||||
yubiswitch = callPackage ./yubiswitch.nix { };
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue