From 58f09a95d3646ac05a4d16abb52dc352b48b1d02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 18:38:55 +0100
Subject: [PATCH 1/6] add update script for macos machines

---
 update-macos.sh | 51 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100755 update-macos.sh

diff --git a/update-macos.sh b/update-macos.sh
new file mode 100755
index 0000000..066ad23
--- /dev/null
+++ b/update-macos.sh
@@ -0,0 +1,51 @@
+#!/usr/bin/env nix
+#! nix shell --inputs-from .# nixpkgs#bashInteractive nixpkgs#openssh nixpkgs#nix nixpkgs#jq --command bash
+
+set -euo pipefail -x
+
+targets=(
+  root@208.83.1.145
+  root@208.83.1.173
+  root@208.83.1.181
+  root@208.83.1.186
+  root@208.83.1.175
+)
+
+path=$(nix flake metadata --json | jq -r '.path')
+
+SSHOPTS=(
+  "-o" "ControlMaster=auto"
+  "-o" "ControlPath=~/.ssh/cm-%r@%h:%p"
+  "-o" "ControlPersist=60m"
+)
+
+# Establish persistent connections
+for target in "${targets[@]}"; do
+  ssh "${SSHOPTS[@]}" -Nf "$target"
+done
+
+for target in "${targets[@]}"; do
+  NIX_SSHOPTS="${SSHOPTS[*]}" nix copy --to "ssh://$target" "$path"
+done
+
+declare -A builds
+for target in "${targets[@]}"; do
+  ssh "${SSHOPTS[@]}" "$target" "darwin-rebuild build -L --flake $path" &
+  builds["$target"]=$!
+done
+
+for target in "${!builds[@]}"; do
+  wait "${builds["$target"]}" || {
+    echo "Build failed on $target"
+    exit 1
+  }
+done
+
+for target in "${targets[@]}"; do
+  ssh "${SSHOPTS[@]}" "$target" "darwin-rebuild switch -L --flake $path"
+done
+
+# Close the persistent connections
+for target in "${targets[@]}"; do
+  ssh "${SSHOPTS[@]}" -O exit "$target"
+done

From 2f96fd873954bc67da268da09638d059d6337728 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 18:56:36 +0100
Subject: [PATCH 2/6] darwin: fix remote login

---
 darwin-configuration.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/darwin-configuration.nix b/darwin-configuration.nix
index 6ec4286..673c5f3 100644
--- a/darwin-configuration.nix
+++ b/darwin-configuration.nix
@@ -48,6 +48,9 @@
   };
 
   nix.package = pkgs.nix;
+  # bash doesn't export /run/current-system/sw/bin to $PATH,
+  # which we need for nix-store
+  users.users.root.shell = "/bin/zsh";
   nix.settings.max-jobs = 4;
   nix.settings.cores = 1;
   nix.gc.automatic = true;

From c4c43d8599fa89b162d0278e1feca1c801035c9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 18:56:43 +0100
Subject: [PATCH 3/6] darwin: set system.stateVersion

---
 darwin-configuration.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/darwin-configuration.nix b/darwin-configuration.nix
index 673c5f3..5adead7 100644
--- a/darwin-configuration.nix
+++ b/darwin-configuration.nix
@@ -4,6 +4,8 @@
     ./nixops/modules/ofborg/module.nix
   ];
 
+  system.stateVersion = 5;
+
   nixpkgs.overlays = [
     (final: prev: {
       # https://github.com/NixOS/nixpkgs/pull/198306

From d136147d1026be3394493068f707fb6391f4b45a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 19:01:52 +0100
Subject: [PATCH 4/6] darwin: move enableCompletion to completion.enable

---
 darwin-configuration.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/darwin-configuration.nix b/darwin-configuration.nix
index 5adead7..013b328 100644
--- a/darwin-configuration.nix
+++ b/darwin-configuration.nix
@@ -20,7 +20,7 @@
   programs.zsh.enable = true;
   programs.zsh.enableCompletion = false;
   programs.bash.enable = true;
-  programs.bash.enableCompletion = false;
+  programs.bash.completion.enable = false;
 
   #services.activate-system.enable = true;
   services.ofborg.enable = true;

From 484e5fba88e3837b1b934a89b62df339d6f9d659 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 20:42:45 +0100
Subject: [PATCH 5/6] darwin: ofborg needs explicit home set now

---
 darwin-configuration.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/darwin-configuration.nix b/darwin-configuration.nix
index 013b328..8590caf 100644
--- a/darwin-configuration.nix
+++ b/darwin-configuration.nix
@@ -42,6 +42,7 @@
   # depending on what modules are enabled.
   users.knownGroups = [ "ofborg" ];
   users.knownUsers = [ "ofborg" ];
+  users.users.ofborg.home = "/private/var/lib/ofborg";
 
   services.nix-daemon.enable = true;
 

From 7abbc2f50c9de4430e7ca476174f880344b75808 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 30 Oct 2024 20:49:06 +0100
Subject: [PATCH 6/6] update nix-darwin

---
 flake.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/flake.lock b/flake.lock
index 529116a..18f7f1c 100644
--- a/flake.lock
+++ b/flake.lock
@@ -32,11 +32,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1704277720,
-        "narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=",
+        "lastModified": 1730184279,
+        "narHash": "sha256-6OB+WWR6gnaWiqSS28aMJypKeK7Pjc2Wm6L0MtOrTuA=",
         "owner": "LnL7",
         "repo": "nix-darwin",
-        "rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4",
+        "rev": "b379bd4d872d159e5189053ce9a4adf86d56db4b",
         "type": "github"
       },
       "original": {