https://github.com/nix-community/home-manager/pull/7117#issuecomment-3018582819
noted that #7117 broke compatibility with forwarding ssh-agents using
`ssh -A`/`ForwardAgent`. In order to continue supporting the fix for
the issue raised in #5997 and address the compatibility problem
mentioned by @euank, this commit introduces the solution described in
https://github.com/nix-community/home-manager/pull/7117#issuecomment-3025001779.
The code now checks the following:
1. is this shell part of an SSH connection and is `SSH_AUTH_SOCK` set?
if so, assume the socket variable was set by sshd to point at a
forwarded socket; bail out to skip setting `SSH_AUTH_SOCK".
1. is the current process a child of `gpg-agent --daemon`? if so, then
bail out to skip setting `SSH_AUTH_SOCK`.
1. if we got this far, then set `SSH_AUTH_SOCK`.
I've tested this fix locally and can confirm that both #5997 as well as
the regression are fixed.
Signed-off-by: squat <lserven@gmail.com>
We need to make sure that we don't insert invalid maintainers otherwise
it breaks the RFC39 invite workflow. Check that we have valid nix and
the required attributes are able to be parsed properly.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Creates the user.js if profile.extensions.settings is set.
This fixes the case when profile.extensions.settings is set but every
other option in the mkIf is false, resulting in no user.js creation.
Want to create an easier way to notify maintainers that someone is
working on their module. Added a workflow for requesting a review from any maintainers that have joined the `home-manager-maintainers` team in the organization.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Automated update of the master maintainers list combining:
- Home Manager specific maintainers from modules/lib/maintainers.nix
- Nixpkgs maintainers referenced in Home Manager modules
Changes: +6 -4 lines
Generated by: lib/python/generate-all-maintainers.py
Co-authored-by: home-manager-ci[bot] <214323736+home-manager-ci[bot]@users.noreply.github.com>
We need a nixpkgs on NIX_PATH. Right now we have been using the latest
from channel. But, we can actually just fetch the nixpkgs from our
flake.lock by parsing the flake.lock.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Not every PR requires the overhead of spinning up runners and running
our entire test suite. Filter on paths affected and only run the
relevant steps.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Create initial master maintainer list from the home manager and nixpkgs
maintainers that are referenced in the repository.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Create a script for generating the master maintainer list we will use
for inviting / pinging on changed files.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
Before:
> Existing file '' would be clobbered by backing up '/home/winter/.config/fish/config.fish'
After:
> Existing file '/home/winter/.config/fish/config.fish' would be clobbered
I had programs.bash.sessionVariables.CDPATH = ... defined in the
different nix files. One was taken into account and the other one
ignored.
Turns out plain "types.attrs" has the following merging strategy:
===
merge = loc: foldl' (res: def: res // def.value) { };
===
Changing it to "attrsOf", the module system warned me of the conflicting
values.
Similar to the `nixos-rebuild repl` command, `home-manager repl` will
launch the Nix read-evaluate-print-loop environment with the Home
Manager configuration loaded.
To make that more useful, also add the pkgs and options attributes from
the generated Home Manager configuration to the environment.
This doesn't currently work with flakes, because I don't use them and
I'm not confident I could safely test that function.
We have a configuration option services.syncthing.guiAddress which is an explicit option because we need it in the syncthing-init service, but why not also set it in the actual syncthing config as well as (or instead of?) the current CLI override? This way other software that parses the config file / REST API like syncthingtray just works with it instead of erroring out and unexpectedly requesting user interaction.
I guess we could actually also scrap the explicit services.syncthing.guiAddress option in favor of the syncthing-native services.syncthing.settings.gui.address because these two (valid!) options conflict otherwise.
Also, a next PR (or addition to this one) could be to make sure the syncthing-init service treats services.syncthing.settings.gui differently by not PUTting but PATCHing the configuration as PUTting triggers an API key regeneration, again breaking REST API access for other tools.
This commit addresses https://github.com/nix-community/home-manager/issues/5997
At the root, the gpg-agent SSH integration is not working on Darwin
because shells are started with `SSH_AUTH_SOCK` already set to something
like `/private/tmp/com.apple.launchd.ozLmoURHDC/Listeners`, which
prevents the hook from setting the variable to the gpg-agent's socket.
This commit fixes the issue using a different mechanism to detect if the
current shell has already had the `SSH_AUTH_SOCK` variable set to the
gpg-agent's socket, namely by checking for `gnupg_SSH_AUTH_SOCK_by` as
documented in
https://www.gnupg.org/documentation/manuals/gnupg/Agent-Examples.html#Agent-Examples.
This is essentially a simplified version of
https://github.com/nix-community/home-manager/pull/5901 that does not
attempt to migrate gpg-agent over to launchd.
Signed-off-by: squat <lserven@gmail.com>
Zed uses JSON5 for settings files. JQ doesn't understand that format and
fails if found, when merging with preexisting settings.
Here I add a conversion step that converts JSON5 to JSON before handling
the contents to JQ.
Besides, I changed the arguments in the jq function, so instead of using
`[0]` and `[1]`, we now use `$dynamic` and `$static` respectively. This
should make scripts more readable.
Fixes https://github.com/nix-community/home-manager/issues/7247
Fixes https://github.com/nix-community/home-manager/issues/7226
Currently only running on the master branch. But, we can schedule on the
release branch, as well.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
