Closes#1032
Add `"check"` to the `onActivation.cleanup` enum. When set, nix-darwin runs
`brew bundle cleanup` during system checks to detect Homebrew packages that
are installed but not present in the generated Brewfile. If extra packages
are found, activation fails with a list of them and remediation steps.
Unlike `"uninstall"` and `"zap"`, the `"check"` mode never removes packages
-- it only reports. This runs during both `darwin-rebuild check` and
`darwin-rebuild switch`, matching the behavior of all other system checks.
Add `enableBashIntegration`, `enableFishIntegration`, and
`enableZshIntegration` options that evaluate `brew shellenv` to set up
Homebrew's environment and shell completions. This automates the
boilerplate that every nix-darwin Homebrew user currently writes manually.
All three shells use `interactiveShellInit`, consistent with direnv and
home-manager conventions. Fish additionally sets up completions paths in
the same hook.
Closes#596
`homebrew.brewPrefix` defaulted to the bin directory (`/opt/homebrew/bin`),
not the actual Homebrew prefix (`/opt/homebrew`). This misled users into
writing `${config.homebrew.brewPrefix}/bin`, producing the broken path
`/opt/homebrew/bin/bin`.
Replace it with `homebrew.prefix`, which has correct semantics matching
`brew --prefix`. The old `brewPrefix` option is removed using
`mkRemovedOptionModule`, which catches both users who set the option and
users who read it in custom code. A warning also fires if the new `prefix`
value ends with `/bin`, catching users who copy the old value verbatim.
Homebrew Bundle removed lockfile support in Homebrew 4.4.0 (Oct 2024):
the `--no-lock` CLI flag, the `HOMEBREW_BUNDLE_NO_LOCK` env var, and
the `no_lock` parameter in `installer.rb` are all dead code. Setting
`homebrew.global.lockfiles` has had no effect on current Homebrew
versions.
- Replace the `lockfiles` option with a hidden stub (matching `noLock`)
- Replace the `noLock` hard assertion with a shared deprecation warning
for both options
- Stop setting `HOMEBREW_BUNDLE_NO_LOCK` in `environment.variables`
- Remove the lockfiles paragraph from the `brewfile` option description
Whalebrew support was fully removed from Homebrew Bundle in
Homebrew 4.7.0 (Nov 2025). A `whalebrew` entry in a Brewfile now
raises `RuntimeError: Invalid Brewfile: undefined method 'whalebrew'`,
breaking the entire `brew bundle` invocation.
Use `mkRemovedOptionModule` so that existing configs get a clear
warning instead of an undefined-option error. Also removes the
auto-addition of `"whalebrew"` to `homebrew.brews` and the Brewfile
generation for Docker containers.
Add support for `cargo "pkg"` entries in the generated Brewfile. Homebrew
Bundle supports installing Rust crates via `cargo install`; the `rust`
formula is automatically installed if not already present.
Add support for `go "pkg"` entries in the generated Brewfile. Homebrew
Bundle supports installing Go packages via `go install`; the `go`
formula is automatically installed if not already present.
Both `brew bundle` formula and cask installers support a `postinstall`
option -- a shell command to run after the package is installed or
upgraded. The command only executes when the package actually changed,
not on every `brew bundle` run.
Examples from the Homebrew docs added to the `homebrew.brews` and
`homebrew.casks` option examples and tests.
Homebrew supports `link: :overwrite` which runs `brew link --overwrite`,
force-overwriting existing symlinks. Extract the existing
`restart_service` special-case logic into a reusable helper
(`mkBrewfileLineBoolOrSymbolString`) for options that can be either a
bool or a Ruby symbol in the Brewfile.
We ran into this issue wherein GitHub's `actions/checkout` would fail
because `git-config` would fail to include additional configuration.
The symptom was:
```
Error: fatal: could not read Username for 'https://github.com': terminal prompts disabled
```
And is caused by `git config --local includeIf.gitdir:/var/lib/github-runners/_work/…`.
Wherein `git` apparently resolves (canonicalizes) the current repository
path which then does not match the argument for `includeIf.gitdir` which
then means the configuration that `actions/checkout` is trying to apply
does not get pulled in, which then prevents git from authenticating with
GitHub and fails the build.
Ngl, gemini 3 found that out for me.
We could prefix `/private` everywhere, but changing the user's home
directory is going to [be tricky], not sure what do to about that.
[be tricky]: 7e22bf538a/modules/users/default.nix (L208)
Addresses an error like the following:
```sh-session
$ sudo darwin-rebuild --verbose --print-build-logs switch
building the system configuration...
fetching git input 'git+file:///private/etc/nix-darwin'
error:
… while evaluating an expression to select 'drvPath' on it
at «internal»:1:552:
… while evaluating strict
at «internal»:1:552:
(stack trace truncated; use '--show-trace' to show the full trace)
error: 'vim_configurable' has been renamed to/replaced by 'vim-full'
```
See <853d9f31ea>
Fixesnix-darwin/nix-darwin#1622
Adds a new `services.dnsmasq.servers` option to configure upstream DNS servers. This allows users to specify which DNS servers dnsmasq should forward queries to, supporting domain-specific routing and custom ports.
When empty (default), dnsmasq uses servers from /etc/resolv.conf.
Signed-off-by: Wigger Boelens <me@wigger.email>
Add `NSStatusItemSpacing` and `NSStatusItemSelectionPadding` to `NSGlobalDomain`
options.
These options control the spacing between and padding inside status icons in the
menu bar. With these options, it's possible to squeeze more items on the menu
bar, something that's especially useful on machines with a notch.
This is a copy of #872, which was closed without being merged.
Co-Authored-By: Rob Harrop <rob@robharrop.dev>
The conditional override was intended to be backwards-compatible with older runner packages without the `nodeRuntimes` argument.
However, `override` doesn't yield default arguments, so the override was never applied.
This commit removes the conditional entirely since `nodeRuntimes` was added back in 24.05.
