MacOS: Brew help

Help
1

I’m fairly new to Nix. Most of the challenges I ran into, I was able to solve myself. But I do have 1.5 issues with Brew
I’m running 15.1.1

flake.nix 
{
  description = "Example nix-darwin system flake";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    nix-darwin.url = "github:LnL7/nix-darwin";
    #nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
    nix-homebrew.url = "github:zhaofengli-wip/nix-homebrew";

    # Optional: Declarative tap management
    homebrew-core = {
      url = "github:homebrew/homebrew-core";
      flake = false;
    };
    homebrew-cask = {
      url = "github:homebrew/homebrew-cask";
      flake = false;
    };
    homebrew-bundle = {
      url = "github:homebrew/homebrew-bundle";
      flake = false;
    };

    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nix-vscode-extensions = {
      url = "github:nix-community/nix-vscode-extensions";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # import the 1Password Shell Plugins Flake
    _1password-shell-plugins.url = "github:1Password/shell-plugins";
  };

  outputs = inputs @ {
    self,
    nix-darwin,
    nixpkgs,
    nix-homebrew,
    homebrew-core,
    homebrew-cask,
    homebrew-bundle,
    home-manager,
    nix-vscode-extensions,
    ...
  }: let
    overlays = [
      (final: prev: {
        vscode-extensions = inputs.nix-vscode-extensions.extensions.${prev.system};
      })
    ];
    configuration = {
      pkgs,
      config,
      ...
    }: {
      nixpkgs.overlays = overlays;
      nixpkgs.config.allowUnfree = true;

      environment.systemPackages = [
        pkgs.neovim
        pkgs.mkalias
        pkgs.aldente
        pkgs.git
        pkgs._1password-cli
      ];

      # Necessary for using flakes on this system.
      nix.settings.experimental-features = "nix-command flakes";

      # Garabage Collection to keep the system cleaner
      nix.gc = {
        automatic = true;
        interval = {
          Weekday = 0;
          Hour = 4;
          Minute = 0;
        };
        options = "--delete-older-than 30d";
      };

      imports = [
        ./modules/darwin-system-defaults.nix
      ];

      # Set Git commit hash for darwin-version.
      system.configurationRevision = self.rev or self.dirtyRev or null;

      # $ darwin-rebuild changelog
      system.stateVersion = 5;

      # The platform the configuration will be used on.
      nixpkgs.hostPlatform = "aarch64-darwin";

      homebrew = {
        enable = true;
        onActivation = {
          cleanup = "zap";
          upgrade = true;
          autoUpdate = true;
        };

        casks = [
          "bartender"
          "soundsource"
          "selfcontrol"
          "hammerspoon"
          "microsoft-excel"
          "microsoft-outlook"
          "microsoft-teams"
          "istat-menus"
          "hazel"
          "1password" 
          "karabiner-elements"
          "ticktick"
          "tailscale"
          "bettermouse"
        ];
        brews = [
          "ollama"
          "gollama"
        ];
        masApps = {
          "1Password for Safari" = 1569813296;
          "1Bloker" = 1365531024;
          Raindrop = 1549370672;
        };
      };

      fonts.packages = [
        pkgs.nerd-fonts.jetbrains-mono
        pkgs.nerd-fonts.meslo-lg
      ];

      system.activationScripts.applications.text = let
        env = pkgs.buildEnv {
          name = "system-applications";
          paths = config.environment.systemPackages;
          pathsToLink = "/Applications";
        };
      in
        pkgs.lib.mkForce ''
          # Set up applications.
          echo "setting up /Applications..." >&2
          rm -rf /Applications/Nix\ Apps
          mkdir -p /Applications/Nix\ Apps
          find ${env}/Applications -maxdepth 1 -type l -exec readlink '{}' + |
          while read -r src; do
            app_name=$(basename "$src")
            echo "copying $src" >&2
            ${pkgs.mkalias}/bin/mkalias "$src" "/Applications/Nix Apps/$app_name"
          done
        '';
    };
  in {
    darwinConfigurations."maxbook-pro" = nix-darwin.lib.darwinSystem {
      modules = [
        configuration
        nix-homebrew.darwinModules.nix-homebrew
        {
          nix-homebrew = {
            # Install Homebrew under the default prefix
            enable = true;
            enableRosetta = false;

            # User owning the Homebrew prefix
            user = "USER"; #Changed for public

            # Optional: Declarative tap management
            taps = {
              "homebrew/homebrew-core" = homebrew-core;
              "homebrew/homebrew-cask" = homebrew-cask;
              "homebrew/homebrew-bundle" = homebrew-bundle;
            };
            mutableTaps = false;
          };
        }
        home-manager.darwinModules.home-manager
        {
          home-manager.backupFileExtension = "backup";
          users.users.USER.home = "/Users/USEER";
          home-manager.useGlobalPkgs = true;
          home-manager.useUserPackages = true;
          home-manager.users.USER = import ./home-manager/main-user.nix;
        }
      ];
    };
  };
}

Updating
With casks apps, I ran twice into the situation that an update failed. Both of them were a bit of a hassle to debug.

Question:
Without starting philosophical debate: Leaving the updating to the apps wouldn’t be clean (none deterministic).
Would it be a solution, to install the apps via Brew the module (is that the correct therm?) and in some cases leave the updating to the apps themselves?

Unable to untap
During rebuilding Brew reports that it is unable to untap several casks. I started to just ignoring it. But that is never a good solution. Am I holding it wrong?

Error

Error: Refusing to untap homebrew/cask because it contains the following installed formulae or casks:
1password
bartender
hammerspoon
hazel
istat-menus
karabiner-elements
languagetool
microsoft-excel
microsoft-outlook
microsoft-teams
selfcontrol
soundsource
synology-drive
tailscale

1 Like
2

Hello Tourim,

I’m also new to Nix, so I may not be of much help. I’m mainly posting to say I have the same “Refusing to untap” problem with the Nix Darwin Homebrew integration.

I will say that it sounds like you actually have two different questions. The first is, “Is it a good idea to let the Homebrew apps update themselves to sidestep my failing updates even though that’s not necessarily deterministic?”, and the second is, “I get this ‘Refusing to untap’ error with Homebrew when I try to rebuild. Is it safe to ignore this error?”

My response to your first question: :man_shrugging:

My response to your second: My guess is no. Emphasis on guess (I’m also a nix noob, so a more informed opinion is very welcome). The reason I say “no”, is because I don’t always get this “refusing to untap” error, and things ‘seem to work better’ (what does that mean exactly? —:man_shrugging:) when it doesn’t happen. I can’t figure out the mechanism for when it appears and when it doesn’t. This error almost always shows up in my rebuilds, and when it doesn’t, the reason is a complete mystery to me. This forum post is the only resource I’ve been able to find on Google that mentions this error by name, and it’s encouraging to see that it’s only a few days old, so hopefully someone with real expertise can shed some light on our problems lol

1 Like
3

A couple of days ago, I ran into a similar issue where each time I did a rebuild, I would get a similar error where Homebrew couldn’t untap caskroom/cask.

I managed to fix this by deleting the Taps directory on my system, which was located at /usr/local/Homebrew/Library. (Might be different on ARM) There were several taps located here that were several years old and couldn’t be untapped by Homebrew.

After running a new rebuild, this directory was recreated, and the error was gone.