Open hraban opened 7 months ago
rvem
commented
7 months ago Hmm, I don't think that it's currently possible for a single profile to run activation scripts under multiple users.
Do you have an example of such a configuration that needs to be activated under both root and user?
As a workaround, I think it might be possible to split your configuration into two profiles: one under root and the other under your regular user
hraban
commented
7 months ago It's the standard MO of nix-darwin afaik. The "result" of a nix-darwin build creates two separate activation scripts, and nix-darwin switch calls them both separately. There's an entrypoint in the nix-darwin codebase which calls both those scripts. You can't just call them directly from the resulting derivation's output dir, afaik.
https://github.com/LnL7/nix-darwin/blob/0e6857fa1d632637488666c08e7b02c08e3178f8/pkgs/nix-tools/darwin-rebuild.sh#L222-L230 seems to be where it happens.
nix-darwin has two activation scripts: regular activation (meant to run as root) and user activation. User activation is meant to run as a user with sudo permissions, for tools like brew which don't like being run as root but want to control their own privilege escalation.
When doing
nix run github:serokell/deploy-rs -- --ssh-user user -son a deployment similar to the darwin example, it runs the activation script, but not user activation.Any idea how to get that invoked? Am I doing something wrong in calling the deploy script?