From 5b037bd5d7a5bf2c99a940b2740ef851ed87ab7e Mon Sep 17 00:00:00 2001 From: mat ess Date: Thu, 22 Sep 2022 23:49:34 -0400 Subject: [PATCH] Minor changes --- darwin/general.nix | 2 +- darwin/homebrew.nix | 8 +-- flake.lock | 97 ++++++++++++++++----------------- flake.nix | 2 - modules/darwin/security/pam.nix | 63 --------------------- pkgs/default.nix | 6 +- 6 files changed, 56 insertions(+), 122 deletions(-) delete mode 100644 modules/darwin/security/pam.nix diff --git a/darwin/general.nix b/darwin/general.nix index a33ff99..d023cde 100644 --- a/darwin/general.nix +++ b/darwin/general.nix @@ -12,7 +12,7 @@ # https://github.com/nix-community/home-manager/issues/423 environment.variables = { - TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo"; + TERMINFO_DIRS = [ "${pkgs.kitty.terminfo.outPath}/share/terminfo" ]; }; programs.nix-index.enable = true; diff --git a/darwin/homebrew.nix b/darwin/homebrew.nix index 69ede1f..9d4f4ac 100644 --- a/darwin/homebrew.nix +++ b/darwin/homebrew.nix @@ -29,10 +29,10 @@ in ''; homebrew.enable = pkgs.lib.homebrew-enabled; - homebrew.autoUpdate = true; - homebrew.cleanup = "zap"; + homebrew.onActivation.autoUpdate = true; + homebrew.onActivation.upgrade = true; + homebrew.onActivation.cleanup = "zap"; homebrew.global.brewfile = true; - homebrew.global.noLock = true; homebrew.taps = [ "homebrew/cask" @@ -98,6 +98,6 @@ in "fileicon" "fzf" "gifsicle" - "unison-language" + # "unison-language" ]; } diff --git a/flake.lock b/flake.lock index bf350a6..5bab7cf 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "crane": { "flake": false, "locked": { - "lastModified": 1654444508, - "narHash": "sha256-4OBvQ4V7jyt7afs6iKUvRzJ1u/9eYnKzVQbeQdiamuY=", + "lastModified": 1661875961, + "narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", "owner": "ipetkov", "repo": "crane", - "rev": "db5482bf225acc3160899124a1df5a617cfa27b5", + "rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", "type": "github" }, "original": { @@ -39,11 +39,11 @@ ] }, "locked": { - "lastModified": 1661882940, - "narHash": "sha256-4LaVFnV22WrOA0aolqqk9dXrM8crikcrLQt29G18F7M=", + "lastModified": 1663677921, + "narHash": "sha256-NfQnUfRrjv8DXeugdbQC5El+MMhShP42ohc8iM+UAdM=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "80cec5115aae74accc4ccfb9f84306d7863f0632", + "rev": "088c98a584a38b5f844bb9e9cd32eb28479ca6d7", "type": "github" }, "original": { @@ -56,11 +56,11 @@ "devshell": { "flake": false, "locked": { - "lastModified": 1655976588, - "narHash": "sha256-VreHyH6ITkf/1EX/8h15UqhddJnUleb0HgbC3gMkAEQ=", + "lastModified": 1660811669, + "narHash": "sha256-V6lmsaLNFz41myppL0yxglta92ijkSvpZ+XVygAh+bU=", "owner": "numtide", "repo": "devshell", - "rev": "899ca4629020592a13a46783587f6e674179d1db", + "rev": "c2feacb46ee69949124c835419861143c4016fb5", "type": "github" }, "original": { @@ -73,57 +73,52 @@ "inputs": { "alejandra": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "crane": "crane", "devshell": [ "helix", - "nixCargoIntegration", + "nci", "devshell" ], "flake-utils-pre-commit": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "gomod2nix": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "mach-nix": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "nixpkgs": [ "helix", - "nixCargoIntegration", - "nixpkgs" - ], - "node2nix": [ - "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "poetry2nix": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ], "pre-commit-hooks": [ "helix", - "nixCargoIntegration", + "nci", "nixpkgs" ] }, "locked": { - "lastModified": 1655975833, - "narHash": "sha256-g8sdfuglIZ24oWVbntVzniNTJW+Z3n9DNL9w9Tt+UCE=", + "lastModified": 1662176993, + "narHash": "sha256-Sy7DsGAveDUFBb6YDsUSYZd/AcXfP/MOMIwMt/NgY84=", "owner": "nix-community", "repo": "dream2nix", - "rev": "4e75e665ec3a1cddae5266bed0dd72fce0b74a23", + "rev": "809bc5940214744eb29778a9a0b03f161979c1b2", "type": "github" }, "original": { @@ -165,11 +160,11 @@ }, "flake-utils_2": { "locked": { - "lastModified": 1637014545, - "narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=", + "lastModified": 1656928814, + "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", "owner": "numtide", "repo": "flake-utils", - "rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4", + "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", "type": "github" }, "original": { @@ -180,18 +175,18 @@ }, "helix": { "inputs": { - "nixCargoIntegration": "nixCargoIntegration", + "nci": "nci", "nixpkgs": [ "nixpkgs-unstable" ], "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1662086378, - "narHash": "sha256-wKSQT5HAOCdwfdO6cVJ9FXLy2Fftk3ITFnMatvEgOYQ=", + "lastModified": 1663860810, + "narHash": "sha256-NJubeVByiZz+0oU6f+OCaltxOZnUW4AGUipnj0RBYnk=", "owner": "helix-editor", "repo": "helix", - "rev": "e8730ca5fd72e3bb275b4d825de40475eabea174", + "rev": "eb6fd283dcf041ecf822fd8f2d4520abb2a26df9", "type": "github" }, "original": { @@ -208,11 +203,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1661824092, - "narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=", + "lastModified": 1663835995, + "narHash": "sha256-XNHQ+mdHbjNR1Oit00SFAEcrAZoCS08E7uAFcVMtwhM=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd66dc6cd967033489c69d486402b75d338eeb6", + "rev": "bd83eab6220226085c82e637931a7ae3863d9893", "type": "github" }, "original": { @@ -252,7 +247,7 @@ "type": "github" } }, - "nixCargoIntegration": { + "nci": { "inputs": { "devshell": "devshell", "dream2nix": "dream2nix", @@ -266,11 +261,11 @@ ] }, "locked": { - "lastModified": 1656453541, - "narHash": "sha256-ZCPVnS6zJOZJvIlwU3rKR8MBVm6A3F4/0mA7G1lQ3D0=", + "lastModified": 1662177071, + "narHash": "sha256-x6XF//RdZlw81tFAYM1TkjY+iQIpyMCWZ46r9o4wVQY=", "owner": "yusdacra", "repo": "nix-cargo-integration", - "rev": "9eb74345b30cd2e536d9dac9d4435d3c475605c7", + "rev": "65270dea87bb82fc02102a15221677eea237680e", "type": "github" }, "original": { @@ -297,11 +292,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1661900101, - "narHash": "sha256-YBW6x74aRNvtZW25PErYcDAwa8svJgi6d3Cn+t7bJEk=", + "lastModified": 1663895890, + "narHash": "sha256-p0hOonmnAwi6sTzfzhbJZL1MAWaIitXhzdcGTUpro5k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bde62ccf6d316e79bf5ab2ffb390c34504240a14", + "rev": "403bfc5a5cc9c8843651bc309b14633fb1e7e1d3", "type": "github" }, "original": { @@ -313,11 +308,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1661353537, - "narHash": "sha256-1E2IGPajOsrkR49mM5h55OtYnU0dGyre6gl60NXKITE=", + "lastModified": 1663879234, + "narHash": "sha256-zCe2EVY+Jt3I7gBgMSkuGesZ57vyt/WwIUwshiwDErk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0e304ff0d9db453a4b230e9386418fd974d5804a", + "rev": "a8a557e233c30b60225fa5af41cc56f8409e4afb", "type": "github" }, "original": { @@ -351,11 +346,11 @@ ] }, "locked": { - "lastModified": 1655779671, - "narHash": "sha256-6feeiGa6fb7ZPVHR71uswkmN1701TAJpwYQA8QffmRk=", + "lastModified": 1662087605, + "narHash": "sha256-Gpf2gp2JenKGf+TylX/YJpttY2bzsnvAMLdLaxoZRyU=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "8159585609a772b041cce6019d5c21d240709244", + "rev": "60c2cfaa8b90ed8cebd18b214fac8682dcf222dd", "type": "github" }, "original": { @@ -366,11 +361,11 @@ }, "utils": { "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 3cabdb4..e6bd099 100644 --- a/flake.nix +++ b/flake.nix @@ -18,7 +18,6 @@ # Flake helpers flake-utils.url = "github:numtide/flake-utils"; - flake-utils.inputs.nixpkgs.follows = "nixpkgs-unstable"; flake-compat.url = "github:edolstra/flake-compat"; flake-compat.flake = false; @@ -267,7 +266,6 @@ homebrew = import ./darwin/homebrew.nix; # modules games = import ./modules/darwin/games.nix; - security-pam = import ./modules/darwin/security/pam.nix; primary-user = import ./modules/darwin/primary-user.nix; }; diff --git a/modules/darwin/security/pam.nix b/modules/darwin/security/pam.nix deleted file mode 100644 index a3e19d8..0000000 --- a/modules/darwin/security/pam.nix +++ /dev/null @@ -1,63 +0,0 @@ -# Upstream PR: https://github.com/LnL7/nix-darwin/pull/228 -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.security.pam; - - # Implementation Notes - # - # We don't use `environment.etc` because this would require that the user manually delete - # `/etc/pam.d/sudo` which seems unwise given that applying the nix-darwin configuration requires - # sudo. We also can't use `system.patchs` since it only runs once, and so won't patch in the - # changes again after OS updates (which remove modifications to this file). - # - # As such, we resort to line addition/deletion in place using `sed`. We add a comment to the - # added line that includes the name of the option, to make it easier to identify the line that - # should be deleted when the option is disabled. - mkSudoTouchIdAuthScript = isEnabled: - let - file = "/etc/pam.d/sudo"; - option = "security.pam.enableSudoTouchIdAuth"; - sed = "${pkgs.gnused}/bin/sed"; - in - '' - ${if isEnabled then '' - # Enable sudo Touch ID authentication, if not already enabled - if ! grep 'pam_tid.so' ${file} > /dev/null; then - ${sed} -i '2i\ - auth sufficient pam_tid.so # nix-darwin: ${option} - ' ${file} - fi - '' else '' - # Disable sudo Touch ID authentication, if added by nix-darwin - if grep '${option}' ${file} > /dev/null; then - ${sed} -i '/${option}/d' ${file} - fi - ''} - ''; -in - -{ - options = { - security.pam.enableSudoTouchIdAuth = mkEnableOption '' - Enable sudo authentication with Touch ID - When enabled, this option adds the following line to /etc/pam.d/sudo: - - auth sufficient pam_tid.so - - (Note that macOS resets this file when doing a system update. As such, sudo - authentication with Touch ID won't work after a system update until the nix-darwin - configuration is reapplied.) - ''; - }; - - config = { - system.activationScripts.extraActivation.text = '' - # PAM settings - echo >&2 "setting up pam..." - ${mkSudoTouchIdAuthScript cfg.enableSudoTouchIdAuth} - ''; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index 1348512..90ba299 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,9 @@ { callPackage, inputs, system }: { - dark-mode-notify = callPackage ./dark-mode-notify.nix { inherit (inputs) dark-mode-notify-src; }; + dark-mode-notify = callPackage ./dark-mode-notify.nix { + sdkVersion = "14.0"; + inherit (inputs) dark-mode-notify-src; + }; helix = inputs.helix.packages.${system}.default; + yubiswitch = callPackage ./yubiswitch.nix { }; }