home: Add buildEnvWithNoChroot to help avoid darwin sandbox failures

Sets `__noChroot = true` on select `buildEnv` derivations that assemble large numbers of paths. This may be used to avoid sandbox failures on darwin, see NixOS/nix#4119 and the `sandbox` option in `man nix.conf`.
amarshall · Mar 2, 2023 · f09565f · f09565f
1 parent a7d3f51
commit f09565f
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 8 deletions.
diff --git a/modules/home-environment.nix b/modules/home-environment.nix
@@ -458,6 +458,14 @@ in
         will be printed when the user configuration is being built.
       '';
     };
+
+    home.buildEnvWithNoChroot = mkEnableOption ''
+      Sets <code>__noChroot = true</code> on select <code>buildEnv</code>
+      derivations that assemble large numbers of paths. This may be used to
+      avoid sandbox failures on darwin, see
+      https://github.com/NixOS/nix/issues/4119 and the <code>sandbox</code>
+      option in <command>man nix.conf</command>.
+    '';
   };
 
   config = {
@@ -705,7 +713,7 @@ in
           ${activationCmds}
         '';
       in
-        pkgs.runCommand
+        (pkgs.runCommand
           "home-manager-generation"
           {
             preferLocalBuild = true;
@@ -727,9 +735,11 @@ in
             ln -s ${cfg.path} $out/home-path
 
             ${cfg.extraBuilderCommands}
-          '';
+          '').overrideAttrs (old: {
+            __noChroot = cfg.buildEnvWithNoChroot;
+          });
 
-    home.path = pkgs.buildEnv {
+    home.path = (pkgs.buildEnv {
       name = "home-manager-path";
 
       paths = cfg.packages;
@@ -740,6 +750,8 @@ in
       meta = {
         description = "Environment of packages installed through home-manager";
       };
-    };
+    }).overrideAttrs (old: {
+      __noChroot = cfg.buildEnvWithNoChroot;
+    });
   };
 }
diff --git a/modules/targets/darwin/fonts.nix b/modules/targets/darwin/fonts.nix
@@ -4,11 +4,13 @@ with lib;
 
 let
   homeDir = config.home.homeDirectory;
-  fontsEnv = pkgs.buildEnv {
+  fontsEnv = (pkgs.buildEnv {
     name = "home-manager-fonts";
     paths = config.home.packages;
     pathsToLink = "/share/fonts";
-  };
+  }).overrideAttrs (old: {
+    __noChroot = config.home.buildEnvWithNoChroot;
+  });
   fonts = "${fontsEnv}/share/fonts";
 in {
   # macOS won't recognize symlinked fonts

diff --git a/modules/targets/darwin/linkapps.nix b/modules/targets/darwin/linkapps.nix
@@ -4,11 +4,13 @@
   config = lib.mkIf pkgs.stdenv.hostPlatform.isDarwin {
     # Install MacOS applications to the user environment.
     home.file."Applications/Home Manager Apps".source = let
-      apps = pkgs.buildEnv {
+      apps = (pkgs.buildEnv {
         name = "home-manager-applications";
         paths = config.home.packages;
         pathsToLink = "/Applications";
-      };
+      }).overrideAttrs (old: {
+        __noChroot = config.home.buildEnvWithNoChroot;
+      });
     in "${apps}/Applications";
   };
 }