Add Support for Darwin/macOS Hosts

.github/workflows/check.yml

@@ -9,7 +9,11 @@ on:
 
 jobs:
   check:
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [ubuntu-latest, macos-latest]
     steps:
 
     - uses: actions/checkout@v3

default.nix

@@ -7,12 +7,11 @@ let
         sha256 = lock.nodes.flake-compat.locked.narHash;
       }
     )
-    { src = ./.; }
-  ) defaultNix;
+    { src = ./.; }) defaultNix;
 in
-  # Pass this flake as inputs.digga
-  defaultNix // {
-    inputs = defaultNix.inputs // { digga = defaultNix; };
-    shell = import ./devShell.nix { };
-  }
+# Pass this flake as inputs.digga
+defaultNix // {
+  inputs = defaultNix.inputs // { digga = defaultNix; };
+  shell = import ./devShell.nix { };
+}
 

deprecated.nix

@@ -1,4 +1,4 @@
-{ lib, flake-utils-plus, internal-modules, importers, nixosModules }:
+{ lib, importers }:
 lib.warn ''
   You are accessing a deprecated item of the digga lib.
   Please update timely, it will be remove soon.

devShell.nix

@@ -2,9 +2,10 @@
 , inputs ? (import ./.).inputs
 }:
 let
-
   pkgs = inputs.nixpkgs.legacyPackages.${system};
-  devshell = import inputs.devshell { inherit pkgs system; };
+  unstablePkgs = inputs.nixpkgs-unstable.legacyPackages.${system};
+  devshell = import inputs.devshell { inherit system; };
+  nixBin = "${unstablePkgs.nix}/bin/nix";
 
   withCategory = category: attrset: attrset // { inherit category; };
   utils = withCategory "utils";
@@ -79,9 +80,9 @@ let
       digga_fixture
 
       test -f flake.lock && lockfile_present=$? || true
-      ${pkgs.nixUnstable}/bin/nix flake lock --update-input digga "$@"; lockfile_updated=$?;
-      ${pkgs.nixUnstable}/bin/nix flake show "$@"
-      ${pkgs.nixUnstable}/bin/nix flake check "$@"
+      ${nixBin} flake lock --update-input digga "$@"; lockfile_updated=$?;
+      ${nixBin} flake show "$@"
+      ${nixBin} flake check "$@"
 
       cleanup
     '';
@@ -93,7 +94,8 @@ devshell.mkShell {
   packages = with pkgs; [
     fd
     nixpkgs-fmt
-    nixUnstable
+    # Use the latest stable version of nix
+    unstablePkgs.nix
   ];
 
   env = [

doc/api-reference-channels.md

@@ -57,7 +57,7 @@ nix flake
 ## channels.\<name\>.overlays
 overlays to apply to this channel
 these will get exported under the 'overlays' flake output
-as \<channel\>/\<name\> and any overlay pulled from ${inputs}
+as \<channel\>/\<name\> and any overlay pulled from \<inputs\>
 will be filtered out
 
 
@@ -73,3 +73,19 @@ list of valid Nixpkgs overlay or path convertible to its or anything convertible
 
 
 
+## channels.\<name\>.patches
+patches to apply to this channel
+
+
+*_Type_*:
+list of paths
+
+
+*_Default_*
+```
+[]
+```
+
+
+
+

doc/api-reference-home.md

@@ -101,54 +101,6 @@ list of valid modules or anything convertible to it or path convertible to it
 
 
 
-## home.profiles
-WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
-both with the importables option. `rakeLeaves` can be used to create profiles and
-by passing a module or `rec` set to `importables`, suites can access profiles.
-Example:
-```
-importables = rec {
-  profiles = digga.lib.rakeLeaves ./profiles;
-  suites = with profiles; { };
-}
-```
-See https://github.com/divnix/digga/pull/30 for more details
-
-
-*_Type_*:
-list of paths or path convertible to it
-
-
-*_Default_*
-```
-[]
-```
-
-
-
-
-## home.suites
-WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
-both with the importables option. `rakeLeaves` can be used to create profiles and
-by passing a module or `rec` set to `importables`, suites can access profiles.
-Example:
-```
-importables = rec {
-  profiles = digga.lib.rakeLeaves ./profiles;
-  suites = with profiles; { };
-}
-```
-See https://github.com/divnix/digga/pull/30 for more details
-
-
-*_Type_*:
-function that evaluates to a(n) attrs or path convertible to it
-
-
-
-
-
-
 ## home.users
 HM users that can be deployed portably without a host.
 

doc/api-reference-nixos.md

@@ -232,51 +232,3 @@ null
 
 
 
-## nixos.profiles
-WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
-both with the importables option. `rakeLeaves` can be used to create profiles and
-by passing a module or `rec` set to `importables`, suites can access profiles.
-Example:
-```
-importables = rec {
-  profiles = digga.lib.rakeLeaves ./profiles;
-  suites = with profiles; { };
-}
-```
-See https://github.com/divnix/digga/pull/30 for more details
-
-
-*_Type_*:
-list of paths or path convertible to it
-
-
-*_Default_*
-```
-[]
-```
-
-
-
-
-## nixos.suites
-WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
-both with the importables option. `rakeLeaves` can be used to create profiles and
-by passing a module or `rec` set to `importables`, suites can access profiles.
-Example:
-```
-importables = rec {
-  profiles = digga.lib.rakeLeaves ./profiles;
-  suites = with profiles; { };
-}
-```
-See https://github.com/divnix/digga/pull/30 for more details
-
-
-*_Type_*:
-function that evaluates to a(n) attrs or path convertible to it
-
-
-
-
-
-

doc/api-reference.md

@@ -5,6 +5,7 @@
 - [Home](./api-reference-home.md)
 - [Devshell](./api-reference-devshell.md)
 - [NixOS](./api-reference-nixos.md)
+- [Darwin](./api-reference-darwin.md)
 
 ## channelsConfig
 nixpkgs config for all channels
@@ -39,7 +40,7 @@ The builder gets passed an attrset of all channels
 
 
 *_Type_*:
-function that evaluates to a(n) attrs or path convertible to it
+function that evaluates to a(n) attribute set or path convertible to it
 
 
 *_Default_*

examples/devos/flake.nix

@@ -10,6 +10,13 @@
       # Track channels with commits tested and built by hydra
       nixos.url = "github:nixos/nixpkgs/nixos-21.11";
       latest.url = "github:nixos/nixpkgs/nixos-unstable";
+      # For darwin hosts: it can be helpful to track this darwin-specific stable
+      # channel equivalent to the `nixos-*` channels for NixOS. For one, these
+      # channels are more likely to provide cached binaries for darwin systems.
+      # But, perhaps even more usefully, it provides a place for adding
+      # darwin-specific overlays and packages which could otherwise cause build
+      # failures on Linux systems.
+      nixpkgs-darwin-stable.url = "github:NixOS/nixpkgs/nixpkgs-21.11-darwin";
 
       digga.url = "github:divnix/digga";
       digga.inputs.nixpkgs.follows = "nixos";
@@ -25,7 +32,7 @@
       home.inputs.nixpkgs.follows = "nixos";
 
       darwin.url = "github:LnL7/nix-darwin";
-      darwin.inputs.nixpkgs.follows = "nixos";
+      darwin.inputs.nixpkgs.follows = "nixpkgs-darwin-stable";
 
       deploy.url = "github:serokell/deploy-rs";
       deploy.inputs.nixpkgs.follows = "nixos";
@@ -55,6 +62,7 @@
     , agenix
     , nvfetcher
     , deploy
+    , nixpkgs
     , ...
     } @ inputs:
     digga.lib.mkFlake
@@ -66,12 +74,11 @@
         channels = {
           nixos = {
             imports = [ (digga.lib.importOverlays ./overlays) ];
-            overlays = [
-              nur.overlay
-              agenix.overlay
-              nvfetcher.overlay
-              ./pkgs/default.nix
-            ];
+            overlays = [ ];
+          };
+          nixpkgs-darwin-stable = {
+            imports = [ (digga.lib.importOverlays ./overlays) ];
+            overlays = [ ];
           };
           latest = { };
         };
@@ -85,6 +92,12 @@
               our = self.lib;
             });
           })
+
+          nur.overlay
+          agenix.overlay
+          nvfetcher.overlay
+
+          (import ./pkgs)
         ];
 
         nixos = {
@@ -102,17 +115,45 @@
             ];
           };
 
-          imports = [ (digga.lib.importHosts ./hosts) ];
+          imports = [ (digga.lib.importHosts ./hosts/nixos) ];
           hosts = {
-            /* set host specific properties here */
+            /* set host-specific properties here */
             NixOS = { };
           };
           importables = rec {
             profiles = digga.lib.rakeLeaves ./profiles // {
               users = digga.lib.rakeLeaves ./users;
             };
             suites = with profiles; rec {
-              base = [ core users.nixos users.root ];
+              base = [ core.nixos users.nixos users.root ];
+            };
+          };
+        };
+
+        darwin = {
+          hostDefaults = {
+            system = "x86_64-darwin";
+            channelName = "nixpkgs-darwin-stable";
+            imports = [ (digga.lib.importExportableModules ./modules) ];
+            modules = [
+              { lib.our = self.lib; }
+              digga.darwinModules.nixConfig
+              home.darwinModules.home-manager
+              agenix.nixosModules.age
+            ];
+          };
+
+          imports = [ (digga.lib.importHosts ./hosts/darwin) ];
+          hosts = {
+            /* set host-specific properties here */
+            Mac = { };
+          };
+          importables = rec {
+            profiles = digga.lib.rakeLeaves ./profiles // {
+              users = digga.lib.rakeLeaves ./users;
+            };
+            suites = with profiles; rec {
+              base = [ core.darwin users.darwin ];
             };
           };
         };
@@ -127,13 +168,34 @@
             };
           };
           users = {
+            # TODO: does this naming convention still make sense with darwin support?
+            #
+            # - it doesn't make sense to make a 'nixos' user available on
+            #   darwin, and vice versa
+            #
+            # - the 'nixos' user might have special significance as the default
+            #   user for fresh systems
+            #
+            # - perhaps a system-agnostic home-manager user is more appropriate?
+            #   something like 'primaryuser'?
+            #
+            # all that said, these only exist within the `hmUsers` attrset, so
+            # it could just be left to the developer to determine what's
+            # appropriate. after all, configuring these hm users is one of the
+            # first steps in customizing the template.
             nixos = { suites, ... }: { imports = suites.base; };
+            darwin = { suites, ... }: { imports = suites.base; };
           }; # digga.lib.importers.rakeLeaves ./users/hm;
         };
 
         devshell = ./shell;
 
-        homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
+        # TODO: similar to the above note: does it make sense to make all of
+        # these users available on all systems?
+        homeConfigurations = digga.lib.mergeAny
+          (digga.lib.mkHomeConfigurations self.darwinConfigurations)
+          (digga.lib.mkHomeConfigurations self.nixosConfigurations)
+        ;
 
         deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
 

examples/devos/hosts/darwin/Mac.nix

@@ -0,0 +1,6 @@
+{ config, pkgs, suites, ... }:
+
+{
+  imports = with suites;
+    base;
+}

examples/devos/hosts/bootstrap.nix → examples/devos/hosts/nixos/bootstrap.nix

@@ -6,7 +6,7 @@
   # interface that has the local link to the target machine
   imports = [
     # profiles.networking
-    profiles.core
+    profiles.core.nixos
     profiles.users.root # make sure to configure ssh keys
     profiles.users.nixos
   ];