Skip to content

cpick/nix-rosetta-builder

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

83 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

nix-rosetta-builder

A Rosetta 2-enabled, Apple silicon (macOS/Darwin)-hosted Linux Nix builder.

Runs on aarch64-darwin and builds aarch64-linux (natively) and x86_64-linux (quickly using Rosetta 2).

Features

Advantages over nix-darwin's built in nix.linux-builder (which is based on pkgs.darwin.linux-builder):

  • x86_64-linux support enabled by default and much faster (using Rosetta 2)
  • Multi-core by default
  • More secure:
    • VM runs with minimum permissions (runs as a non-root/admin/wheel user/service account)
    • VM doesn't accept remote connections (it binds to the loopback interface (127.0.0.1))
    • VM cannot be impersonated (its private SSH host key is not publicly-known)

nix-darwin flake setup

flake.nix:

{
  description = "Configure macOS using nix-darwin with rosetta-builder";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
    nix-darwin = {
      url = "github:lnl7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nix-rosetta-builder = {
      url = "github:cpick/nix-rosetta-builder";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = inputs@{ self, nix-darwin, nix-rosetta-builder, nixpkgs }: {
    darwinConfigurations."${hostname}" = nix-darwin.lib.darwinSystem {
      modules = [
        # An existing Linux builder is needed to initially bootstrap `nix-rosetta-builder`.
        # If one isn't already available: comment out the `nix-rosetta-builder` module below,
        # uncomment this `linux-builder` module, and run `darwin-rebuild switch`:
        # { nix.linux-builder.enable = true; }
        # Then: uncomment `nix-rosetta-builder`, remove `linux-builder`, and `darwin-rebuild switch`
        # a second time. Subsequently, `nix-rosetta-builder` can rebuild itself.
        nix-rosetta-builder.darwinModules.default
      ];
    };
  };
}

Uninstall

Remove nix-rosetta-builder from nix-darwin's flake.nix, darwin-rebuild switch, and then:

sudo rm -r /var/lib/rosetta-builder
sudo dscl . -delete /Users/_rosettabuilder
sudo dscl . -delete /Groups/rosettabuilder

Contributing

Feature requests, bug reports, and pull requests are all welcome.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages