From 300af6fcc5303203fa0af5b7ab2e81f2131a6a80 Mon Sep 17 00:00:00 2001
From: Brian Romanko <bromanko@meta.com>
Date: Tue, 27 May 2025 16:33:25 -0700
Subject: [PATCH 1/2] Preserve PATH variable when using sudo

Some systems set `secure_path` in sudoers. When this is set
the `PATH` variable is not set in the sudo environment. Using
`--preserve-env=PATH` ensures that the PATH env var is set properly
in those systems.

This is similar to the issue with [darwin-rebuild](https://github.com/nix-darwin/nix-darwin/issues/798)
not working with sudo on these systems.
---
 modules/homebrew.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/homebrew.nix b/modules/homebrew.nix
index c78d41f..ff04da3 100644
--- a/modules/homebrew.nix
+++ b/modules/homebrew.nix
@@ -802,6 +802,7 @@ in
       if [ -f "${cfg.brewPrefix}/brew" ]; then
         PATH="${cfg.brewPrefix}:${lib.makeBinPath [ pkgs.mas ]}:$PATH" \
         sudo \
+          --preserve-env=PATH \
           --user=${escapeShellArg cfg.user} \
           --set-home \
           ${cfg.onActivation.brewBundleCmd}

From 0721726e213d0274b8626f32b4e95617e6ab58bf Mon Sep 17 00:00:00 2001
From: Brian Romanko <bromanko@meta.com>
Date: Tue, 27 May 2025 16:57:45 -0700
Subject: [PATCH 2/2] Wrap the call with env

---
 modules/homebrew.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/homebrew.nix b/modules/homebrew.nix
index ff04da3..1cef578 100644
--- a/modules/homebrew.nix
+++ b/modules/homebrew.nix
@@ -805,6 +805,7 @@ in
           --preserve-env=PATH \
           --user=${escapeShellArg cfg.user} \
           --set-home \
+          env \
           ${cfg.onActivation.brewBundleCmd}
       else
         echo -e "\e[1;31merror: Homebrew is not installed, skipping...\e[0m" >&2