Closed andrewcrook closed 1 year ago
I'm also failing quite a bit, with neovim-unwrapped
. I'm not sure if it's related yet, but noticed 23.05 is definitely causing some issues. Following this thread.
I'm not sure what's going on here but it looks like it might be an error in your configuration. Can you show your configuration, or at least your permittedInsecurePackages
(if any) and list of installed packages?
config is spread out into flak.nix, host, user and module files. I am starting to refract config heavy applications to modules (smaller ones were tests) so has its source , settings, config files etc. As you can see permittedInsecurePackages is set to false globally.
nixpkgs = {
config = {
allowUnfree = true; # could change to a list of pkgs
permittedInsecurePackages = false; # if needed add list of pkgs
allowUnsupportedSystem = false; # darwin rossetta 86 and arm64 ???
};
};
List of applications
main list
environment.systemPackages = with pkgs;
# (if stdenv.isDarwin then [ openssl gawk gnused coreutils findutils ] else [ dwm dmenu xclip ]) ++
[
asdf-vm
aria2
ascii
## asdf-vm # moved to a module
# bash
borgbackup
boxes
bzip2
# cached-nix-shell # not on darwin instant nix-shell
cachix
clamav
coreutils-prefixed # gnu versions prefixed with g
curl
dateutils
darwin.trash # darwin only
diff-so-fancy
direnv
docker
# docker-compose
dockutil # mac darwin only
duti # Select default apps for documents and URL schemes on macOS
exa
exiftool # exif
fd
ffmpeg # generic or ffmpeg_6-full??
findutils
fpart # Split file trees into bags (called "partitions")
fzf
gawk # gnu awk
# ghostscript < enable when needed
gh # or hub? gGitHubsupport
git
gnugrep
gnused
gnutar
gping
gzip
html2text
hyperfine # Command-line benchmarking tool
htop
jq
lbzip2 # paralell bzip2
mas # macOS app store cli darwinonly
moreutils
# nvim
nmap
multitail # Tail multiple files in one terminal simultaneously
# nil # nix LSP
nixpkgs-fmt # format nix files
nix-direnv
nix-zsh-completions
nix-bash-completions
num-utils
openssl
pandoc
p7zip # 7 - Zip (high compression file archiver) implementation
pigz
plzip # A massively parallel lossless data compressor based on the lzlib compression library
pv
ranger # file manager
readline
# rnix-lsp # another nix LSP
shfmt
shellcheck # bashls
symlinks
tree
tldr
units
urlview
# usbutils no darwin version
uutils-coreutils # rust versions pf coreutils prefixed "uutils-"
wakeonlan
wget
youtube-dl
yt-dlp
# zinint
zoxide
];
in a user module
user = {
packages = with pkgs; [
bfs
deadnix
grex # regex patern generator and lib
pv
ngrok
navi
nil
nix-tree
nixfmt
mat2 # A handy tool to trash your metadata
pstree # ps as tree
#rnix-lsp
# showkey << not found
statix
symlinks
starship
xdg-ninja
}
the follow are spread out between modules ....
asdf-vm
bat
ripgrep
zellajs
[ vim
neovim-unwrapped
tree-sitter
] ++ (lib.optionals (!pkgs.stdenv.isDarwin) [
gcc # Requried for treesitter parsers
]);
and I still have a couple of homebrew formulas
brews = [
"tavianator/tap/bfs" # breath firet search
"blueutil" # MacOS blutooth cli tool
"displayplacer" # MacOS cli to control muliple displays
"imagesnap"
"tag" # cli tool for manipulating and querying finder tags.
"zinit" # zsh plugin loader
"dark-mode" # cli to change darkmode
"terminal-notifier" # cli tool for making macos notifications
"detox" # fixes filenames
"fileicon" # cli custom file/folder icons in macOS
"showkey" # shows keypresses
"unxip" # A fast Xcode unarchiver xip files
"yakitrak/yakitrak/obs" # obsidian cli
];
permittedInsecurePackages
must be a list, not a boolean. If you don't want to permit any then you can just leave it unset. So this is a user configuration issue, although I'm not sure what changed about 23.05 here.
Ah thanks, I presume it also took false because I had seen other configs do it. It seemed to work upto now LOL. So documentation says this should work if explicit
allowUnfreePredicate = (pkg: false);
otherwise just leave out like you said. Off to try.
Going to close this as it's hopefully resolved but comment if you're still having issues.
@ihgann I imagine your neovim issue is probably unrelated, but feel free to ask in #macos:matrix.org
or maybe the NixOS Discourse/issue tracker unless it seems like it's a nix-darwin-specific issue.
@emilazy
yes that worked with my current setup so I uninstalled nix, updated urls in my flake, install nix 2.16.1. however, when I when to nix build the flask I get the following error
error: unable to download 'https://cache.nixos.org/295gb0pm9mk5vvgyvjv601c86cxn80f8.narinfo': Problem with the SSL CA cert (path? access rights?) (77)
I'm not sure what's going on there; it looks like it's probably a problem with an enterprise SSL CA you're using. Unless you're using our security.pki.*
options it's unlikely to be related to nix-darwin.
@emilazy
Thanks, finally got it working I am not sure if it was nix or nix-darwin because both mention /etc/static and /etc/ssl in their scripts. I think it was down to a symbolic link broken from the previous installation.
/etc/ssl/certs/ca-certificates --> -/etc/static/ssl/certs/ca-certificates.crt
-/etc/static is a symbolic link to the nix store
I backed up and removed /etc/ssl/certs/ca-certificates, rebuilt and it worked recreating the links. I wondered if part of the issue is that flakes don't have uninstall scripts.
I wonder if I should install nix-darwin and home-manager via channels from now on and leave flakes to the rest of my setup so I can add extras via a script and use the proper uninstall scripts?
Support for installing nix-darwin
via flakes recently got merged, the instructions are in the README.
darwin-uninstaller
works the same on flake installs and non flake installs, however there are some issues with the uninstaller at the moment tracked at #730.
I wanted to update a working system from nix from 22.11 to 23.05 I just updated my flakes, I normally pin them once everything is working
however, when I try build it always fails on evaluating darwin-system-23.05.20230618.572d269+darwin4.8a5af0d I have tried to change system state version to 23.05 but it didn’t help. The issue is it doesn’t really give me enough information to tell me if it’s an issue with my config files. I am not even sure if people using nix-darwin using 23.05 I guess they are because I cannot see the reports similar to this.
Any ideas how I can fix or debug this?
nix doctor passes