dirty commits; will be reverted x2

Signed-off-by: s0me1newithhand7s <117505144+s0me1newithhand7s@users.noreply.github.com>

Cargo.lock

@@ -96,9 +96,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
 
 [[package]]
 name = "clap"
-version = "4.5.45"
+version = "4.5.46"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1fc0e74a703892159f5ae7d3aac52c8e6c392f5ae5f359c70b5881d60aaac318"
+checksum = "2c5e4fcf9c21d2e544ca1ee9d8552de13019a42aa7dbf32747fa7aaf1df76e57"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -106,9 +106,9 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.5.44"
+version = "4.5.46"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b3e7f4214277f3c7aa526a59dd3fbe306a370daee1f8b7b8c987069cd8e888a8"
+checksum = "fecb53a0e6fcfb055f686001bc2e2592fa527efaf38dbe81a6a9563562e57d41"
 dependencies = [
  "anstream",
  "anstyle",
@@ -142,13 +142,13 @@ checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990"
 
 [[package]]
 name = "dbus"
-version = "0.9.7"
+version = "0.9.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1bb21987b9fb1613058ba3843121dd18b163b254d8a6e797e144cbac14d96d1b"
+checksum = "6e8d0767bcb66eb101d5ab87b9f38542691185af14fa8a7026c2490e62b45cfc"
 dependencies = [
  "libc",
  "libdbus-sys",
- "winapi",
+ "windows-sys",
 ]
 
 [[package]]
@@ -402,9 +402,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.142"
+version = "1.0.143"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "030fedb782600dcbd6f02d479bf0d817ac3bb40d644745b769d6a96bc3afc5a7"
+checksum = "d401abef1d108fbd9cbaebc3e46611f4b1021f714a0597a71f41ee463f5f4a5a"
 dependencies = [
  "itoa",
  "memchr",
@@ -459,18 +459,18 @@ dependencies = [
 
 [[package]]
 name = "thiserror"
-version = "2.0.15"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "80d76d3f064b981389ecb4b6b7f45a0bf9fdac1d5b9204c7bd6714fecc302850"
+checksum = "3467d614147380f2e4e374161426ff399c91084acd2363eaf549172b3d5e60c0"
 dependencies = [
  "thiserror-impl",
 ]
 
 [[package]]
 name = "thiserror-impl"
-version = "2.0.15"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "44d29feb33e986b6ea906bd9c3559a856983f92371b3eaa5e83782a351623de0"
+checksum = "6c5e1be1c48b9172ee610da68fd9cd2770e7a4056cb3fc98710ee6906f0c7960"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -501,28 +501,6 @@ version = "0.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
 
-[[package]]
-name = "winapi"
-version = "0.3.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
-dependencies = [
- "winapi-i686-pc-windows-gnu",
- "winapi-x86_64-pc-windows-gnu",
-]
-
-[[package]]
-name = "winapi-i686-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
-
-[[package]]
-name = "winapi-x86_64-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
-
 [[package]]
 name = "windows-sys"
 version = "0.59.0"

README.md

@@ -141,7 +141,7 @@ System Manager is currently only supported on NixOS and Ubuntu. However, it can
 }
 ```
 
-> \[!WARNING\]
+> [!WARNING]
 > This is unsupported and untested. Use at your own risk.
 
 ## Commercial support

flake.nix

@@ -57,7 +57,46 @@
       devShells = eachSystem (
         { pkgs, ... }:
         {
-          default = import ./shell.nix { inherit pkgs; };
+          default = pkgs.mkShellNoCC {
+            shellHook = ''
+              ${pkgs.pre-commit}/bin/pre-commit install --install-hooks --overwrite
+              export PKG_CONFIG_PATH="${
+                pkgs.lib.makeSearchPath "lib/pkgconfig" [
+                  pkgs.dbus.dev
+                  pkgs.systemdMinimal.dev
+                ]
+              }"
+              export LIBCLANG_PATH="${pkgs.llvmPackages_latest.libclang}/lib"
+              # for rust-analyzer
+              export RUST_SRC_PATH="${pkgs.rustPlatform.rustLibSrc}"
+              export RUST_BACKTRACE=1
+              export RUSTFLAGS="${
+                pkgs.lib.concatStringsSep " " [
+                  "-L${pkgs.lib.getLib pkgs.systemdMinimal}/lib"
+                  "-lsystemd"
+                ]
+              }"
+            '';
+
+            buildInputs = with pkgs; [
+              dbus
+            ];
+
+            nativeBuildInputs = with pkgs; [
+              pkgs.llvmPackages_latest.clang
+              pkg-config
+              rustc
+              cargo
+              # Formatting
+              pre-commit
+              treefmt
+              nixfmt-rfc-style
+              rustfmt
+              clippy
+              mdbook
+              mdformat
+            ];
+          };
         }
       );
 

nix/modules/upstream/nixpkgs/default.nix

@@ -7,6 +7,7 @@
   imports =
     [
       ./nginx.nix
+      ./nix.nix
     ]
     ++
     # List of imported NixOS modules
@@ -15,6 +16,12 @@
       "/misc/meta.nix"
       "/security/acme/"
       "/services/web-servers/nginx/"
+      # nix settings
+      "/config/nix.nix"
+
+      # things tested by hand7s
+      "/services/web-servers/caddy"
+      "/programs/yazi.nix"
     ];
 
   options =

nix/modules/upstream/nixpkgs/nix.nix

@@ -0,0 +1,25 @@
+{ lib, pkgs, ... }:
+{
+  options = {
+    # options coming from modules/services/system/nix-daemon.nix that we cannot import just yet because it
+    # depends on users. These are the minimum options we need to be able to configure Nix using system-manager.
+    nix = {
+      enable = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = ''
+          Whether to enable Nix.
+          Disabling Nix makes the system hard to modify and the Nix programs and configuration will not be made available by NixOS itself.
+        '';
+      };
+      package = lib.mkOption {
+        type = lib.types.package;
+        default = pkgs.nix;
+        defaultText = lib.literalExpression "pkgs.nix";
+        description = ''
+          This option specifies the Nix package instance to use throughout the system.
+        '';
+      };
+    };
+  };
+}

shell.nix

@@ -1,44 +0,0 @@
-{
-  pkgs ? import <nixpkgs> { },
-}:
-let
-  llvm = pkgs.llvmPackages_latest;
-in
-pkgs.mkShellNoCC {
-  shellHook = ''
-    ${pkgs.pre-commit}/bin/pre-commit install --install-hooks --overwrite
-    export PKG_CONFIG_PATH="${
-      pkgs.lib.makeSearchPath "lib/pkgconfig" [
-        pkgs.dbus.dev
-        pkgs.systemdMinimal.dev
-      ]
-    }"
-    export LIBCLANG_PATH="${llvm.libclang}/lib"
-    # for rust-analyzer
-    export RUST_SRC_PATH="${pkgs.rustPlatform.rustLibSrc}"
-    export RUST_BACKTRACE=1
-    export RUSTFLAGS="${
-      pkgs.lib.concatStringsSep " " [
-        "-L${pkgs.lib.getLib pkgs.systemdMinimal}/lib"
-        "-lsystemd"
-      ]
-    }"
-  '';
-  buildInputs = with pkgs; [
-    dbus
-  ];
-  nativeBuildInputs = with pkgs; [
-    llvm.clang
-    pkg-config
-    rustc
-    cargo
-    # Formatting
-    pre-commit
-    treefmt
-    nixfmt-rfc-style
-    rustfmt
-    clippy
-    mdbook
-    mdformat
-  ];
-}

src/activate.rs

@@ -82,18 +82,16 @@ pub fn activate(store_path: &StorePath, ephemeral: bool) -> Result<()> {
     match etc_files::activate(store_path, old_state.file_tree, ephemeral) {
         Ok(etc_tree) => {
             log::info!("Activating tmp files...");
-            match tmp_files::activate(&etc_tree) {
+            let tmp_result = tmp_files::activate(&etc_tree);
-                Ok(_) => {
+            if let Err(e) = &tmp_result {
-                    log::debug!("Successfully created tmp files");
-                }
-                Err(e) => {
                 log::error!("Error during activation of tmp files");
                 log::error!("{e}");
+            } else {
+                log::debug!("Successfully created tmp files");
             }
-            };
 
             log::info!("Activating systemd services...");
-            match services::activate(store_path, old_state.services, ephemeral) {
+            let final_state = match services::activate(store_path, old_state.services, ephemeral) {
                 Ok(services) => State {
                     file_tree: etc_tree,
                     services,
@@ -105,20 +103,26 @@ pub fn activate(store_path: &StorePath, ephemeral: bool) -> Result<()> {
                         services: result,
                     }
                 }
+            };
+            final_state.write_to_file(state_file)?;
+
+            if let Err(e) = tmp_result {
+                return Err(e.into());
             }
+
+            Ok(())
         }
         Err(ActivationError::WithPartialResult { result, source }) => {
             log::error!("Error during activation: {source:?}");
-            State {
+            let final_state = State {
                 file_tree: result,
                 ..old_state
-            }
+            };
-        }
+            final_state.write_to_file(state_file)?;
-    }
-    .write_to_file(state_file)?;
-
             Ok(())
         }
+    }
+}
 
 pub fn prepopulate(store_path: &StorePath, ephemeral: bool) -> Result<()> {
     log::info!("Pre-populating system-manager profile: {store_path}");

test/nix/modules/default.nix

@@ -134,6 +134,16 @@ let
                 '';
               };
             };
+
+            nix = {
+              settings = {
+                experimental-features = [
+                  "nix-command"
+                  "flakes"
+                ];
+                trusted-users = [ "zimbatm" ];
+              };
+            };
           };
         }
       )
@@ -149,7 +159,7 @@ forEachUbuntuImage "example" {
   ];
   extraPathsToRegister = [ newConfig ];
   testScriptFunction =
-    { toplevel, ... }:
+    { toplevel, hostPkgs, ... }:
     #python
     ''
       # Start all machines in parallel
@@ -223,6 +233,9 @@ forEachUbuntuImage "example" {
       vm.fail("test -f /etc/baz/bar/foo2")
       vm.succeed("test -f /etc/foo_new")
 
+      nix_trusted_users = vm.succeed("${hostPkgs.nix}/bin/nix config show trusted-users").strip()
+      assert "zimbatm" in nix_trusted_users, f"Expected 'zimbatm' to be in trusted-users, got {nix_trusted_users}"
+
       ${system-manager.lib.deactivateProfileSnippet {
         node = "vm";
         profile = newConfig;