diff options
author | midchildan <git@midchildan.org> | 2023-03-21 21:05:38 +0900 |
---|---|---|
committer | midchildan <git@midchildan.org> | 2023-03-21 21:18:16 +0900 |
commit | 8da60f204ffc26b6ac59b39568071fa4e3276412 (patch) | |
tree | af7d2b2f132d2c2536d2fbb71d638d120dfd0e82 /pkgs/applications/networking/syncthing | |
parent | a8cb03117a94c13184c47ba00e6ec21a503c6ecd (diff) |
syncthing: apply autoSignDarwinBinariesHook
Somewhere between macOS 13.0.1 and 13.2.1, launchd started rejecting binaries that aren't signed in Launch Agents/Daemons. This is the case even on x86 devices, which has a more lax code signing policy compared to Apple Silicon. This change signs Syncthing binaries so that it can be auto-started at login by launchd.
Diffstat (limited to 'pkgs/applications/networking/syncthing')
-rw-r--r-- | pkgs/applications/networking/syncthing/default.nix | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/pkgs/applications/networking/syncthing/default.nix b/pkgs/applications/networking/syncthing/default.nix index 952851b08dbac..0ddf1fc8f9ccc 100644 --- a/pkgs/applications/networking/syncthing/default.nix +++ b/pkgs/applications/networking/syncthing/default.nix @@ -1,4 +1,13 @@ -{ pkgsBuildBuild, go, buildGoModule, stdenv, lib, procps, fetchFromGitHub, nixosTests }: +{ pkgsBuildBuild +, go +, buildGoModule +, stdenv +, lib +, procps +, fetchFromGitHub +, nixosTests +, autoSignDarwinBinariesHook +}: let common = { stname, target, postInstall ? "" }: @@ -15,6 +24,15 @@ let vendorHash = "sha256-5NgflkRXkbWiIkASmxIgWliE8sF89HtlMtlIF+5u6Ic="; + nativeBuildInputs = lib.optionals stdenv.isDarwin [ + # Recent versions of macOS seem to require binaries to be signed when + # run from Launch Agents/Daemons, even on x86 devices where it has a + # more lax code signing policy compared to Apple Silicon. So just sign + # the binaries on both architectures to make it possible for launchd to + # auto-start Syncthing at login. + autoSignDarwinBinariesHook + ]; + doCheck = false; BUILD_USER = "nix"; |