Skip to content

add nix flake#481

Open
caniko wants to merge 11 commits into
tpoechtrager:masterfrom
caniko:flake
Open

add nix flake#481
caniko wants to merge 11 commits into
tpoechtrager:masterfrom
caniko:flake

Conversation

@caniko

@caniko caniko commented Feb 1, 2026
edited
Loading

Copy link
Copy Markdown

Summary

This PR adds a comprehensive Nix flake that enables building the OSXCross macOS cross-compilation toolchain in a reproducible, declarative way. The flake provides first-class integration with the Nix ecosystem including Rust cross-compilation helpers for use with rust-overlay and crane.

Alternatively, I can also maintain the flake downstream if you don't want to support nix.

Features

Core Toolchain

  • Complete toolchain build - Builds cctools-port, ld64, TAPI library, XAR, and compiler wrappers
  • SDK auto-detection - Automatically detects SDK version from tarball filename
  • Multi-architecture support - arm64, arm64e, x86_64, x86_64h, i386 (SDK-dependent)
  • Configurable options - Deployment target, architecture selection, LTO support

Rust Integration

  • rust-overlay compatible - Helpers for setting up Rust cross-compilation
  • crane integration - mkCrossBuilder wraps crane for easy cross-builds
  • Universal binary support - mkUniversalBinary creates fat binaries from arm64 + x86_64 builds
  • Environment helpers - cargoEnvFor, mkCargoConfig, mkDevShellHook

Build Quality

  • Minimal shell scripting - Logic implemented in native Nix where possible
  • Pure data structures - Symlink definitions as attrsets, not shell commands
  • No pkg-config shadowing - Unprefixed pkg-config intentionally omitted to avoid breaking native Linux builds

Usage

{
  inputs.osxcross.url = "github:tpoechtrager/osxcross";

  outputs = { osxcross, ... }: {
    packages.x86_64-linux.myApp = let
      toolchain = osxcross.lib.x86_64-linux.mkOsxcross {
        sdkPath = ./MacOSX14.5.sdk.tar.xz;
      };
    in /* use toolchain */;
  };
}

Files Added

File Description
flake.nix Main flake with mkOsxcross, mkRustHelpers, overlay
nix/lib.nix SDK version mapping, architecture validation, symlink generation
nix/osxcross.nix Main derivation combining all components
nix/cctools-port.nix Apple cctools and ld64 linker
nix/wrapper.nix Compiler wrapper build
nix/sdk.nix SDK extraction from tarballs
nix/xar.nix XAR archive tool
nix/apple-libtapi.nix Apple TAPI library for .tbd files
nix/rust.nix Rust cross-compilation helpers
nix/README.md Comprehensive documentation

Testing

# Check flake evaluation
nix flake check --no-build

# Build standalone packages
nix build .#xar
nix build .#apple-libtapi

# Build full toolchain (requires SDK)
nix build --impure --expr '
  (builtins.getFlake (toString ./.)).lib.x86_64-linux.mkOsxcross {
    sdkPath = /path/to/MacOSX14.5.sdk.tar.xz;
  }
'

Commit signature verification

Will sign the commit later.

caniko added 2 commits February 1, 2026 11:41
@caniko
feat: add Nix flake for reproducible toolchain builds
a4fde1e 
- Complete toolchain: cctools-port, ld64, TAPI, XAR, wrappers
- SDK auto-detection, multi-arch support, configurable options
- Rust helpers: crane integration, universal binaries, env setup
- Minimal shell scripting, pure Nix data structures
@caniko
add build-time version validation using apple authorative version ins…
8a48fe5 
…ide tar
caniko added 9 commits February 1, 2026 11:57
@caniko
split devsell into its own file, and add alejandra formatter
1fd142e
@caniko
use packages instead of buildInputs in devshell
a9d98f0
@caniko
add path retrieval from env var
e1d726d
@caniko
devshell text about sdk retrieval
a47f68d
@caniko
fix sdk retrieval from env var
dc11cbe
@caniko
Add pure shared macOS SDK refs
47a045b
@caniko
feat: add realize-macos-sdk helper
634c710
@caniko
Split SDK discovery from osxcross toolchain
25e6c51
@caniko
nix: expose unprefixed codesign_allocate for ad-hoc signing
246fc03 
The toolchain installs cctools only under arch-prefixed names
(<arch>-apple-<target>-codesign_allocate). Tools that ad-hoc sign Mach-O
binaries -- e.g. sigtool's `codesign` -- spawn `codesign_allocate` by bare
name via PATH and abort ("Failed to spawn codesign_allocate") unless the
caller sets $CODESIGN_ALLOCATE by hand. macOS itself ships it unprefixed at
/usr/bin/codesign_allocate.

Add an unprefixed `codesign_allocate` symlink to the primary arch's binary
(all arch variants are the same binary), so PATH-based spawning works out of
the box with no extra wiring.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@caniko