Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: switch over to determinate nix installer #48

Merged
merged 2 commits into from
Mar 17, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion etc/nix/nix.conf

This file was deleted.

21 changes: 11 additions & 10 deletions usr/bin/nix-install
Original file line number Diff line number Diff line change
Expand Up @@ -3,16 +3,16 @@
# thanks dnkmmr!

sudo sleep 2
echo "Adding selinux content to /nix"
echo "Adding SELinux content to /nix"
sudo semanage fcontext -a -t etc_t '/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
sleep 1
sudo mkdir /var/lib/nix
sleep 1
echo "adding selinux content to /var/lib/nix"
echo "Adding SELinux content to /var/lib/nix"
sudo semanage fcontext -a -t etc_t '/var/lib/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/var/lib/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/var/lib/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/var/lib/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/var/lib/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/var/lib/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
echo "Creating service files"
sleep 1
echo "creating SSL cert file"
echo "Creating SSL cert file"

sudo tee /etc/systemd/system/nix-daemon.service.d/override.conf <<EOF
[Service]
Expand Down Expand Up @@ -57,40 +57,41 @@ Type=none
EOF

sleep 1
echo "Enabling mounting of /var/lib/nix to /nix and resetting SELinux context"
echo "Enabling mount and resetting SELinux context"
sleep 1

sudo systemctl daemon-reload ; sudo systemctl enable nix.mount ; sudo systemctl start nix.mount ; sudo restorecon -RF /nix

sleep 1

echo "Temorarly setting SELinux to permissive"
echo "Temorarily setting SELinux to Permissive"

sudo setenforce Permissive

sleep 1

echo "Preparring the nix install script"
echo "Preparing the nix install script"

sleep 5

sh <(curl -L https://nixos.org/nix/install) --daemon
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --no-confirm

echo "Nix installer has finished running"
sleep 1
echo "Now copying service files"
echo "Copying service files"

sleep 1

sudo rm -f /etc/systemd/system/nix-daemon.{service,socket} ; sudo cp /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.{service,socket} /etc/systemd/system/ ; sudo restorecon -RF /nix ; sudo systemctl daemon-reload ; sudo systemctl enable --now nix-daemon.socket

sleep 1

echo "Now setting SELinux back to Enforcing"
echo "Setting SELinux back to Enforcing"

sudo setenforce Enforcing

sleep 1

echo "Reboot your system by typing"
echo "You MUST reboot in order for the installation to finish"
echo "Reboot your system by typing:"
echo "systemctl reboot"