Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support --no-modify-profile for daemon installations #4457

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Support --no-modify-profile for daemon installations #4457

wants to merge 1 commit into from

Conversation

aneeshusa
Copy link
Contributor

@aneeshusa aneeshusa commented Jan 17, 2021
edited

Unlike the single user install which edits user-specific files in $HOME
the daemon installer only edits global shell startup files.
As some systems have non-standard locations for these global files
(e.g. usage of /etc/zsh/zshenv instead of /etc/zshenv),
this allows folks to pre-configure relevant shell startup files
before they run the regular installer.

Personally, I don't edit the shell (i.e. bash/zsh) specific files,
but create a symlink in /etc/profile.d directly to $PROFILE_NIX_FILE
(instead of a file sourcing it).
I also don't need any of the backup functionality.

Fixes #4369.

@aneeshusa
Copy link
Contributor Author

aneeshusa commented Jan 17, 2021
edited

TODOs before I unmark as draft:

  • Test a regular install in Vagrant (no --no-modify-profile) and confirm everything still works
  • Test an install in Vagrant with --no-modify-profile where I manually set up /etc/profile.d before running the installer and confirm things still work

@edolstra edolstra added installer feature Feature request or proposal labels Jan 18, 2021
@aneeshusa aneeshusa force-pushed the support-no-modify-profile-for-daemon-installs branch from 00bbb13 to 7cb3bcf Compare January 18, 2021 21:40
@aneeshusa
Support --no-modify-profile for daemon installations
0a346b7 
Unlike the single user install which edits user-specific files in $HOME
the daemon installer only edits global shell startup files.
As some systems have non-standard locations for these global files
(e.g. usage of `/etc/zsh/zshenv` instead of /etc/zshenv),
this allows folks to pre-configure relevant shell startup files
before they run the regular installer.

Personally, I don't edit the shell (i.e. bash/zsh) specific files,
but create a symlink in `/etc/profile.d` directly to $PROFILE_NIX_FILE
(instead of a file sourcing it).
I also don't need any of the backup functionality.
@aneeshusa aneeshusa force-pushed the support-no-modify-profile-for-daemon-installs branch from 7cb3bcf to 0a346b7 Compare January 18, 2021 21:41
@aneeshusa
Copy link
Contributor Author

Tested locally with the 2 situations from the TODO, as well as another one with --no-modify-profile but no extra setup to show the profile files aren't modified.

Test Script 
#!/usr/bin/env bash

set -euo pipefail

cat >./Vagrantfile <<EOF
Vagrant.configure("2") do |config|
  config.vm.define "fedora31" do |fedora31|
    fedora31.vm.box = "bento/fedora-31"
  end
  config.vm.synced_folder "../tmp-nix-installer-tarball", "/nix-installer"
end
EOF

echo '> Building tarball'
nix-build --no-out-link -A hydraJobs.binaryTarball.x86_64-linux 2>/dev/null

rm -rf ../tmp-nix-installer-tarball && mkdir -p ../tmp-nix-installer-tarball
tar -xf "$(nix-build --no-out-link -A hydraJobs.binaryTarball.x86_64-linux)"/*.tar.xz -C ../tmp-nix-installer-tarball --strip-components=1

echo '> Normal'
vagrant destroy --force
vagrant up
vagrant ssh -- /nix-installer/install --daemon --no-channel-add --daemon-user-count 3 </dev/null
vagrant ssh -- 'set -x; ls /etc/profile.d; sudo grep -r "End Nix" /etc; env | grep -i nix; which -a nix; nix --experimental-features nix-command store ping' || true
# Cannot run again due to existing `.backup-before-nix` copies of global shell startup files


echo '> With --no-modify-profile'
vagrant destroy --force
vagrant up
vagrant ssh -- /nix-installer/install --daemon --no-channel-add --daemon-user-count 3 --no-modify-profile </dev/null
vagrant ssh -- 'set -x; ls /etc/profile.d; sudo grep -r "End Nix" /etc; env | grep -i nix; which -a nix; nix --experimental-features nix-command store ping' || true
vagrant ssh -- ALLOW_PREEXISTING_INSTALLATION=true /nix-installer/install --daemon --no-channel-add --daemon-user-count 3 --no-modify-profile </dev/null
vagrant ssh -- 'set -x; ls /etc/profile.d; sudo grep -r "End Nix" /etc; env | grep -i nix; which -a nix; nix --experimental-features nix-command store ping' || true

echo '> With --no-modify-profile, pre-creating /etc/profile/nix.sh'
vagrant destroy --force
vagrant up
vagrant ssh -- 'sudo ln -s /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh /etc/profile.d/' || true
vagrant ssh -- /nix-installer/install --daemon --no-channel-add --daemon-user-count 3 --no-modify-profile </dev/null
vagrant ssh -- 'set -x; ls /etc/profile.d; sudo grep -r "End Nix" /etc; env | grep -i nix; which -a nix; nix --experimental-features nix-command store ping' || true
vagrant ssh -- ALLOW_PREEXISTING_INSTALLATION=true /nix-installer/install --daemon --no-channel-add --daemon-user-count 3 --no-modify-profile </dev/null
vagrant ssh -- 'set -x; ls /etc/profile.d; sudo grep -r "End Nix" /etc; env | grep -i nix; which -a nix; nix --experimental-features nix-command store ping' || true
Test output 
> Building tarball
/nix/store/4gn4c4dii84hv2sj1y44z9r2jrb23sx2-nix-binary-tarball-2.4pre19700101_0a346b7
> Normal
==> fedora31: Forcing shutdown of VM...
==> fedora31: Destroying VM and associated drives...
Bringing machine 'fedora31' up with 'virtualbox' provider...
==> fedora31: Importing base box 'bento/fedora-31'...
Progress: 10%Progress: 20%Progress: 30%Progress: 40%Progress: 50%Progress: 60%Progress: 70%Progress: 80%Progress: 90%==> fedora31: Matching MAC address for NAT networking...
==> fedora31: Checking if box 'bento/fedora-31' version '202010.22.0' is up to date...
==> fedora31: Setting the name of the VM: nix_fedora31_1611007601488_56727
==> fedora31: Fixed port collision for 22 => 2222. Now on port 2200.
==> fedora31: Clearing any previously set network interfaces...
==> fedora31: Preparing network interfaces based on configuration...
    fedora31: Adapter 1: nat
==> fedora31: Forwarding ports...
    fedora31: 22 (guest) => 2200 (host) (adapter 1)
==> fedora31: Booting VM...
==> fedora31: Waiting for machine to boot. This may take a few minutes...
    fedora31: SSH address: 127.0.0.1:2200
    fedora31: SSH username: vagrant
    fedora31: SSH auth method: private key
    fedora31: 
    fedora31: Vagrant insecure key detected. Vagrant will automatically replace
    fedora31: this with a newly generated keypair for better security.
    fedora31: 
    fedora31: Inserting generated public key within guest...
    fedora31: Removing insecure key from the guest if it's present...
    fedora31: Key inserted! Disconnecting and reconnecting using new SSH key...
==> fedora31: Machine booted and ready!
==> fedora31: Checking for guest additions in VM...
==> fedora31: Mounting shared folders...
    fedora31: /vagrant => /home/aneesh/workspace/nix
    fedora31: /nix-installer => /home/aneesh/workspace/tmp-nix-installer-tarball
Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation
Switching to the Multi-user Installer
Welcome to the Multi-User Nix Installation

This installation tool will set up your computer with the Nix package
manager. This will happen in a few stages:

- Make sure your computer doesn't already have Nix. If it does, I
  will show you instructions on how to clean up your old one.

- Show you what we are going to install and where. Then we will ask
  if you are ready to continue.

- Create the system users and groups that the Nix daemon uses to run
  builds.

- Perform the basic installation of the Nix files daemon.

- Configure your shell to import special Nix Profile files, so you
  can use Nix.

- Start the Nix daemon.

Would you like to see a more detailed list of what we will do?
No TTY, assuming you would say yes :)

We will:

 - make sure your computer doesn't already have Nix files
   (if it does, I will tell you how to clean them up.)
 - create local users (see the list above for the users we'll make)
 - create a local group (nixbld)
 - install Nix in to /nix
 - create a configuration file in /etc/nix
 - set up the "default profile" by creating some Nix-related files in
   /root
 - back up /etc/bashrc to /etc/bashrc.backup-before-nix
 - update /etc/bashrc to include some Nix configuration
 - load and start a service (at /etc/systemd/system/nix-daemon.service
   and /etc/systemd/system/nix-daemon.socket) for nix-daemon

Ready to continue?
No TTY, assuming you would say yes :)

---- let's talk about sudo -----------------------------------------------------
This script is going to call sudo a lot. Normally, it would show you
exactly what commands it is running and why. However, the script is
run in a headless fashion, like this:

  $ curl -L https://nixos.org/nix/install | sh

or maybe in a CI pipeline. Because of that, we're going to skip the
verbose output in the interest of brevity.

If you would like to
see the output, try like this:

  $ curl -L -o install-nix https://nixos.org/nix/install
  $ sh ./install-nix


---- Nix config report ---------------------------------------------------------
        Temp Dir:	/tmp/tmp.PucEI0rBUl
        Nix Root:	/nix
     Build Users:	3
  Build Group ID:	30000
Build Group Name:	nixbld

build users:
    Username:	UID
     nixbld1:	30001
     nixbld2:	30002
     nixbld3:	30003

Ready to continue?
No TTY, assuming you would say yes :)

~~> Setting up the build group nixbld
            Created:	Yes

~~> Setting up the build user nixbld1
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 1
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld2
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 2
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld3
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 3
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000
mkdir: created directory '/nix'
mkdir: created directory '/nix/var'
mkdir: created directory '/nix/var/log'
mkdir: created directory '/nix/var/log/nix'
mkdir: created directory '/nix/var/log/nix/drvs'
mkdir: created directory '/nix/var/nix'
mkdir: created directory '/nix/var/nix/db'
mkdir: created directory '/nix/var/nix/gcroots'
mkdir: created directory '/nix/var/nix/profiles'
mkdir: created directory '/nix/var/nix/temproots'
mkdir: created directory '/nix/var/nix/userpool'
mkdir: created directory '/nix/var/nix/gcroots/per-user'
mkdir: created directory '/nix/var/nix/profiles/per-user'
mkdir: created directory '/nix/store'
mkdir: created directory '/etc/nix'
      Alright! We have our first nix at /nix/store/28jm9hb07j6gxcs8qrnlmba16xk9qild-nix-2.4pre19700101_0a346b7
      Just finished getting the nix database ready.

# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
  . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix


# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
  . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix


# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
  . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix

installing 'nix-2.4pre19700101_0a346b7'
building '/nix/store/30rqq919h91y2vqqiqmcyn44iqvaxgq6-user-environment.drv'...
installing 'nss-cacert-3.56'
building '/nix/store/knzb7v8rj2n5rld7gqm1922c8jl671r7-user-environment.drv'...
Created symlink /etc/systemd/system/nix-daemon.service â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.service.
Created symlink /etc/systemd/system/sockets.target.wants/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Created symlink /etc/systemd/system/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Alright! We're done!

Before Nix will work in your existing shells, you'll need to close
them and open them again. Other than that, you should be ready to go.

Try it! Open a new terminal, and type:

  $ nix-shell -p nix-info --run "nix-info -m"

Thank you for using this installer. If you have any feedback, don't
hesitate:

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org
+ ls /etc/profile.d
colorgrep.csh
colorgrep.sh
colorls.csh
colorls.sh
colorxzgrep.csh
colorxzgrep.sh
colorzgrep.csh
colorzgrep.sh
csh.local
gawk.csh
gawk.sh
lang.csh
lang.sh
less.csh
less.sh
nix.sh
sh.local
which2.csh
which2.sh
+ sudo grep -r 'End Nix' /etc
/etc/bashrc:# End Nix
/etc/profile.d/nix.sh:# End Nix
/etc/zshenv:# End Nix
+ grep -i nix
+ env
NIX_PROFILES=/nix/var/nix/profiles/default /home/vagrant/.nix-profile
NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
PATH=/home/vagrant/.local/bin:/home/vagrant/bin:/home/vagrant/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
+ which -a nix
/nix/var/nix/profiles/default/bin/nix
+ nix --experimental-features nix-command store ping
> With --no-modify-profile
==> fedora31: Forcing shutdown of VM...
==> fedora31: Destroying VM and associated drives...
Bringing machine 'fedora31' up with 'virtualbox' provider...
==> fedora31: Importing base box 'bento/fedora-31'...
Progress: 10%Progress: 20%Progress: 90%==> fedora31: Matching MAC address for NAT networking...
==> fedora31: Checking if box 'bento/fedora-31' version '202010.22.0' is up to date...
==> fedora31: Setting the name of the VM: nix_fedora31_1611007643750_97655
==> fedora31: Fixed port collision for 22 => 2222. Now on port 2200.
==> fedora31: Clearing any previously set network interfaces...
==> fedora31: Preparing network interfaces based on configuration...
    fedora31: Adapter 1: nat
==> fedora31: Forwarding ports...
    fedora31: 22 (guest) => 2200 (host) (adapter 1)
==> fedora31: Booting VM...
==> fedora31: Waiting for machine to boot. This may take a few minutes...
    fedora31: SSH address: 127.0.0.1:2200
    fedora31: SSH username: vagrant
    fedora31: SSH auth method: private key
    fedora31: 
    fedora31: Vagrant insecure key detected. Vagrant will automatically replace
    fedora31: this with a newly generated keypair for better security.
    fedora31: 
    fedora31: Inserting generated public key within guest...
    fedora31: Removing insecure key from the guest if it's present...
    fedora31: Key inserted! Disconnecting and reconnecting using new SSH key...
==> fedora31: Machine booted and ready!
==> fedora31: Checking for guest additions in VM...
==> fedora31: Mounting shared folders...
    fedora31: /vagrant => /home/aneesh/workspace/nix
    fedora31: /nix-installer => /home/aneesh/workspace/tmp-nix-installer-tarball
Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation
Switching to the Multi-user Installer
Welcome to the Multi-User Nix Installation

This installation tool will set up your computer with the Nix package
manager. This will happen in a few stages:

- Make sure your computer doesn't already have Nix. If it does, I
  will show you instructions on how to clean up your old one.

- Show you what we are going to install and where. Then we will ask
  if you are ready to continue.

- Create the system users and groups that the Nix daemon uses to run
  builds.

- Perform the basic installation of the Nix files daemon.

- Start the Nix daemon.

Would you like to see a more detailed list of what we will do?
No TTY, assuming you would say yes :)

We will:

 - make sure your computer doesn't already have Nix files
   (if it does, I will tell you how to clean them up.)
 - create local users (see the list above for the users we'll make)
 - create a local group (nixbld)
 - install Nix in to /nix
 - create a configuration file in /etc/nix
 - load and start a service (at /etc/systemd/system/nix-daemon.service
   and /etc/systemd/system/nix-daemon.socket) for nix-daemon

Ready to continue?
No TTY, assuming you would say yes :)

---- let's talk about sudo -----------------------------------------------------
This script is going to call sudo a lot. Normally, it would show you
exactly what commands it is running and why. However, the script is
run in a headless fashion, like this:

  $ curl -L https://nixos.org/nix/install | sh

or maybe in a CI pipeline. Because of that, we're going to skip the
verbose output in the interest of brevity.

If you would like to
see the output, try like this:

  $ curl -L -o install-nix https://nixos.org/nix/install
  $ sh ./install-nix


---- Nix config report ---------------------------------------------------------
        Temp Dir:	/tmp/tmp.IkN15Rh83y
        Nix Root:	/nix
     Build Users:	3
  Build Group ID:	30000
Build Group Name:	nixbld

build users:
    Username:	UID
     nixbld1:	30001
     nixbld2:	30002
     nixbld3:	30003

Ready to continue?
No TTY, assuming you would say yes :)

~~> Setting up the build group nixbld
            Created:	Yes

~~> Setting up the build user nixbld1
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 1
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld2
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 2
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld3
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 3
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000
mkdir: created directory '/nix'
mkdir: created directory '/nix/var'
mkdir: created directory '/nix/var/log'
mkdir: created directory '/nix/var/log/nix'
mkdir: created directory '/nix/var/log/nix/drvs'
mkdir: created directory '/nix/var/nix'
mkdir: created directory '/nix/var/nix/db'
mkdir: created directory '/nix/var/nix/gcroots'
mkdir: created directory '/nix/var/nix/profiles'
mkdir: created directory '/nix/var/nix/temproots'
mkdir: created directory '/nix/var/nix/userpool'
mkdir: created directory '/nix/var/nix/gcroots/per-user'
mkdir: created directory '/nix/var/nix/profiles/per-user'
mkdir: created directory '/nix/store'
mkdir: created directory '/etc/nix'
      Alright! We have our first nix at /nix/store/28jm9hb07j6gxcs8qrnlmba16xk9qild-nix-2.4pre19700101_0a346b7
      Just finished getting the nix database ready.
installing 'nix-2.4pre19700101_0a346b7'
building '/nix/store/30rqq919h91y2vqqiqmcyn44iqvaxgq6-user-environment.drv'...
installing 'nss-cacert-3.56'
building '/nix/store/knzb7v8rj2n5rld7gqm1922c8jl671r7-user-environment.drv'...
Created symlink /etc/systemd/system/nix-daemon.service â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.service.
Created symlink /etc/systemd/system/sockets.target.wants/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Created symlink /etc/systemd/system/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Alright! We're done!

Before Nix will work in your existing shells, you'll need to close
them and open them again. Other than that, you should be ready to go.

Try it! Open a new terminal, and type:

  $ nix-shell -p nix-info --run "nix-info -m"

Thank you for using this installer. If you have any feedback, don't
hesitate:

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org
+ ls /etc/profile.d
colorgrep.csh
colorgrep.sh
colorls.csh
colorls.sh
colorxzgrep.csh
colorxzgrep.sh
colorzgrep.csh
colorzgrep.sh
csh.local
gawk.csh
gawk.sh
lang.csh
lang.sh
less.csh
less.sh
sh.local
which2.csh
which2.sh
+ sudo grep -r 'End Nix' /etc
+ grep -i nix
+ env
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
+ which -a nix
which: no nix in (/home/vagrant/.local/bin:/home/vagrant/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
+ nix --experimental-features nix-command store ping
bash: nix: command not found
Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation
Switching to the Multi-user Installer
Welcome to the Multi-User Nix Installation

This installation tool will set up your computer with the Nix package
manager. This will happen in a few stages:

- Make sure your computer doesn't already have Nix. If it does, I
  will show you instructions on how to clean up your old one.

- Show you what we are going to install and where. Then we will ask
  if you are ready to continue.

- Create the system users and groups that the Nix daemon uses to run
  builds.

- Perform the basic installation of the Nix files daemon.

- Start the Nix daemon.

Would you like to see a more detailed list of what we will do?
No TTY, assuming you would say yes :)

We will:

 - make sure your computer doesn't already have Nix files
   (if it does, I will tell you how to clean them up.)
 - create local users (see the list above for the users we'll make)
 - create a local group (nixbld)
 - install Nix in to /nix
 - create a configuration file in /etc/nix
 - load and start a service (at /etc/systemd/system/nix-daemon.service
   and /etc/systemd/system/nix-daemon.socket) for nix-daemon

Ready to continue?
No TTY, assuming you would say yes :)

---- let's talk about sudo -----------------------------------------------------
This script is going to call sudo a lot. Normally, it would show you
exactly what commands it is running and why. However, the script is
run in a headless fashion, like this:

  $ curl -L https://nixos.org/nix/install | sh

or maybe in a CI pipeline. Because of that, we're going to skip the
verbose output in the interest of brevity.

If you would like to
see the output, try like this:

  $ curl -L -o install-nix https://nixos.org/nix/install
  $ sh ./install-nix


---- Nix config report ---------------------------------------------------------
        Temp Dir:	/tmp/tmp.jO3CVDrOtw
        Nix Root:	/nix
     Build Users:	3
  Build Group ID:	30000
Build Group Name:	nixbld
Preexisting Install:	Allowed

build users:
    Username:	UID
     nixbld1:	30001
     nixbld2:	30002
     nixbld3:	30003

Ready to continue?
No TTY, assuming you would say yes :)

~~> Setting up the build group nixbld
            Exists:	Yes

~~> Setting up the build user nixbld1
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 1
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld2
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 2
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld3
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 3
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000
      Alright! We have our first nix at /nix/store/28jm9hb07j6gxcs8qrnlmba16xk9qild-nix-2.4pre19700101_0a346b7
      Just finished getting the nix database ready.
replacing old 'nix-2.4pre19700101_0a346b7'
installing 'nix-2.4pre19700101_0a346b7'
building '/nix/store/hdwywpngms7gnwlgrjf6hxs0ldp56h9i-user-environment.drv'...
replacing old 'nss-cacert-3.56'
installing 'nss-cacert-3.56'
Alright! We're done!

Before Nix will work in your existing shells, you'll need to close
them and open them again. Other than that, you should be ready to go.

Try it! Open a new terminal, and type:

  $ nix-shell -p nix-info --run "nix-info -m"

Thank you for using this installer. If you have any feedback, don't
hesitate:

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org
+ ls /etc/profile.d
colorgrep.csh
colorgrep.sh
colorls.csh
colorls.sh
colorxzgrep.csh
colorxzgrep.sh
colorzgrep.csh
colorzgrep.sh
csh.local
gawk.csh
gawk.sh
lang.csh
lang.sh
less.csh
less.sh
sh.local
which2.csh
which2.sh
+ sudo grep -r 'End Nix' /etc
+ grep -i nix
+ env
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
+ which -a nix
which: no nix in (/home/vagrant/.local/bin:/home/vagrant/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
+ nix --experimental-features nix-command store ping
bash: nix: command not found
> With --no-modify-profile, pre-creating /etc/profile/nix.sh
==> fedora31: Forcing shutdown of VM...
==> fedora31: Destroying VM and associated drives...
Bringing machine 'fedora31' up with 'virtualbox' provider...
==> fedora31: Importing base box 'bento/fedora-31'...
Progress: 10%Progress: 20%Progress: 90%==> fedora31: Matching MAC address for NAT networking...
==> fedora31: Checking if box 'bento/fedora-31' version '202010.22.0' is up to date...
==> fedora31: Setting the name of the VM: nix_fedora31_1611007692639_22520
==> fedora31: Fixed port collision for 22 => 2222. Now on port 2200.
==> fedora31: Clearing any previously set network interfaces...
==> fedora31: Preparing network interfaces based on configuration...
    fedora31: Adapter 1: nat
==> fedora31: Forwarding ports...
    fedora31: 22 (guest) => 2200 (host) (adapter 1)
==> fedora31: Booting VM...
==> fedora31: Waiting for machine to boot. This may take a few minutes...
    fedora31: SSH address: 127.0.0.1:2200
    fedora31: SSH username: vagrant
    fedora31: SSH auth method: private key
    fedora31: 
    fedora31: Vagrant insecure key detected. Vagrant will automatically replace
    fedora31: this with a newly generated keypair for better security.
    fedora31: 
    fedora31: Inserting generated public key within guest...
    fedora31: Removing insecure key from the guest if it's present...
    fedora31: Key inserted! Disconnecting and reconnecting using new SSH key...
==> fedora31: Machine booted and ready!
==> fedora31: Checking for guest additions in VM...
==> fedora31: Mounting shared folders...
    fedora31: /vagrant => /home/aneesh/workspace/nix
    fedora31: /nix-installer => /home/aneesh/workspace/tmp-nix-installer-tarball
Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation
Switching to the Multi-user Installer
Welcome to the Multi-User Nix Installation

This installation tool will set up your computer with the Nix package
manager. This will happen in a few stages:

- Make sure your computer doesn't already have Nix. If it does, I
  will show you instructions on how to clean up your old one.

- Show you what we are going to install and where. Then we will ask
  if you are ready to continue.

- Create the system users and groups that the Nix daemon uses to run
  builds.

- Perform the basic installation of the Nix files daemon.

- Start the Nix daemon.

Would you like to see a more detailed list of what we will do?
No TTY, assuming you would say yes :)

We will:

 - make sure your computer doesn't already have Nix files
   (if it does, I will tell you how to clean them up.)
 - create local users (see the list above for the users we'll make)
 - create a local group (nixbld)
 - install Nix in to /nix
 - create a configuration file in /etc/nix
 - load and start a service (at /etc/systemd/system/nix-daemon.service
   and /etc/systemd/system/nix-daemon.socket) for nix-daemon

Ready to continue?
No TTY, assuming you would say yes :)

---- let's talk about sudo -----------------------------------------------------
This script is going to call sudo a lot. Normally, it would show you
exactly what commands it is running and why. However, the script is
run in a headless fashion, like this:

  $ curl -L https://nixos.org/nix/install | sh

or maybe in a CI pipeline. Because of that, we're going to skip the
verbose output in the interest of brevity.

If you would like to
see the output, try like this:

  $ curl -L -o install-nix https://nixos.org/nix/install
  $ sh ./install-nix


---- Nix config report ---------------------------------------------------------
        Temp Dir:	/tmp/tmp.XwFRD3hcip
        Nix Root:	/nix
     Build Users:	3
  Build Group ID:	30000
Build Group Name:	nixbld

build users:
    Username:	UID
     nixbld1:	30001
     nixbld2:	30002
     nixbld3:	30003

Ready to continue?
No TTY, assuming you would say yes :)

~~> Setting up the build group nixbld
            Created:	Yes

~~> Setting up the build user nixbld1
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 1
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld2
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 2
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld3
           Created:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 3
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000
mkdir: created directory '/nix'
mkdir: created directory '/nix/var'
mkdir: created directory '/nix/var/log'
mkdir: created directory '/nix/var/log/nix'
mkdir: created directory '/nix/var/log/nix/drvs'
mkdir: created directory '/nix/var/nix'
mkdir: created directory '/nix/var/nix/db'
mkdir: created directory '/nix/var/nix/gcroots'
mkdir: created directory '/nix/var/nix/profiles'
mkdir: created directory '/nix/var/nix/temproots'
mkdir: created directory '/nix/var/nix/userpool'
mkdir: created directory '/nix/var/nix/gcroots/per-user'
mkdir: created directory '/nix/var/nix/profiles/per-user'
mkdir: created directory '/nix/store'
mkdir: created directory '/etc/nix'
      Alright! We have our first nix at /nix/store/28jm9hb07j6gxcs8qrnlmba16xk9qild-nix-2.4pre19700101_0a346b7
      Just finished getting the nix database ready.
installing 'nix-2.4pre19700101_0a346b7'
building '/nix/store/30rqq919h91y2vqqiqmcyn44iqvaxgq6-user-environment.drv'...
installing 'nss-cacert-3.56'
building '/nix/store/knzb7v8rj2n5rld7gqm1922c8jl671r7-user-environment.drv'...
Created symlink /etc/systemd/system/nix-daemon.service â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.service.
Created symlink /etc/systemd/system/sockets.target.wants/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Created symlink /etc/systemd/system/nix-daemon.socket â /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket.
Alright! We're done!

Before Nix will work in your existing shells, you'll need to close
them and open them again. Other than that, you should be ready to go.

Try it! Open a new terminal, and type:

  $ nix-shell -p nix-info --run "nix-info -m"

Thank you for using this installer. If you have any feedback, don't
hesitate:

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org
+ ls /etc/profile.d
colorgrep.csh
colorgrep.sh
colorls.csh
colorls.sh
colorxzgrep.csh
colorxzgrep.sh
colorzgrep.csh
colorzgrep.sh
csh.local
gawk.csh
gawk.sh
lang.csh
lang.sh
less.csh
less.sh
nix-daemon.sh
sh.local
which2.csh
which2.sh
+ sudo grep -r 'End Nix' /etc
+ grep -i nix
+ env
NIX_PROFILES=/nix/var/nix/profiles/default /home/vagrant/.nix-profile
NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
PATH=/home/vagrant/.local/bin:/home/vagrant/bin:/home/vagrant/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
+ which -a nix
/nix/var/nix/profiles/default/bin/nix
+ nix --experimental-features nix-command store ping
Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation
Switching to the Multi-user Installer
Welcome to the Multi-User Nix Installation

This installation tool will set up your computer with the Nix package
manager. This will happen in a few stages:

- Make sure your computer doesn't already have Nix. If it does, I
  will show you instructions on how to clean up your old one.

- Show you what we are going to install and where. Then we will ask
  if you are ready to continue.

- Create the system users and groups that the Nix daemon uses to run
  builds.

- Perform the basic installation of the Nix files daemon.

- Start the Nix daemon.

Would you like to see a more detailed list of what we will do?
No TTY, assuming you would say yes :)

We will:

 - make sure your computer doesn't already have Nix files
   (if it does, I will tell you how to clean them up.)
 - create local users (see the list above for the users we'll make)
 - create a local group (nixbld)
 - install Nix in to /nix
 - create a configuration file in /etc/nix
 - load and start a service (at /etc/systemd/system/nix-daemon.service
   and /etc/systemd/system/nix-daemon.socket) for nix-daemon

Ready to continue?
No TTY, assuming you would say yes :)

---- let's talk about sudo -----------------------------------------------------
This script is going to call sudo a lot. Normally, it would show you
exactly what commands it is running and why. However, the script is
run in a headless fashion, like this:

  $ curl -L https://nixos.org/nix/install | sh

or maybe in a CI pipeline. Because of that, we're going to skip the
verbose output in the interest of brevity.

If you would like to
see the output, try like this:

  $ curl -L -o install-nix https://nixos.org/nix/install
  $ sh ./install-nix


---- warning! ------------------------------------------------------------------
Nix already appears to be installed. This installer may run into issues.
If an error occurs, try manually uninstalling, then rerunning this script.


Uninstalling nix:
1. Delete the systemd service and socket units

  sudo systemctl stop nix-daemon.socket
  sudo systemctl stop nix-daemon.service
  sudo systemctl disable nix-daemon.socket
  sudo systemctl disable nix-daemon.service
  sudo systemctl daemon-reload
2. Delete the files Nix added to your system:

  sudo rm -rf /etc/nix /nix /root/.nix-profile /root/.nix-defexpr /root/.nix-channels /home/vagrant/.nix-profile /home/vagrant/.nix-defexpr /home/vagrant/.nix-channels

and that is it.


---- Nix config report ---------------------------------------------------------
        Temp Dir:	/tmp/tmp.JHYFth8bQQ
        Nix Root:	/nix
     Build Users:	3
  Build Group ID:	30000
Build Group Name:	nixbld
Preexisting Install:	Allowed

build users:
    Username:	UID
     nixbld1:	30001
     nixbld2:	30002
     nixbld3:	30003

Ready to continue?
No TTY, assuming you would say yes :)

~~> Setting up the build group nixbld
            Exists:	Yes

~~> Setting up the build user nixbld1
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 1
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld2
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 2
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000

~~> Setting up the build user nixbld3
            Exists:	Yes
            Hidden:	Yes
    Home Directory:	/var/empty
usermod: no changes
              Note:	Nix build user 3
   Logins Disabled:	Yes
  Member of nixbld:	Yes
    PrimaryGroupID:	30000
      Alright! We have our first nix at /nix/store/28jm9hb07j6gxcs8qrnlmba16xk9qild-nix-2.4pre19700101_0a346b7
      Just finished getting the nix database ready.
replacing old 'nix-2.4pre19700101_0a346b7'
installing 'nix-2.4pre19700101_0a346b7'
building '/nix/store/hdwywpngms7gnwlgrjf6hxs0ldp56h9i-user-environment.drv'...
Alright! We're done!

Before Nix will work in your existing shells, you'll need to close
them and open them again. Other than that, you should be ready to go.

Try it! Open a new terminal, and type:

  $ nix-shell -p nix-info --run "nix-info -m"

Thank you for using this installer. If you have any feedback, don't
hesitate:

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org
+ ls /etc/profile.d
colorgrep.csh
colorgrep.sh
colorls.csh
colorls.sh
colorxzgrep.csh
colorxzgrep.sh
colorzgrep.csh
colorzgrep.sh
csh.local
gawk.csh
gawk.sh
lang.csh
lang.sh
less.csh
less.sh
nix-daemon.sh
sh.local
which2.csh
which2.sh
+ sudo grep -r 'End Nix' /etc
+ grep -i nix
+ env
NIX_PROFILES=/nix/var/nix/profiles/default /home/vagrant/.nix-profile
NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
PATH=/home/vagrant/.local/bin:/home/vagrant/bin:/home/vagrant/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
+ which -a nix
/nix/var/nix/profiles/default/bin/nix
+ nix --experimental-features nix-command store ping

@aneeshusa aneeshusa marked this pull request as ready for review January 18, 2021 22:14
@aneeshusa
Copy link
Contributor Author

Let me know if there's a better way to test this and/or if I should check in the test script - I couldn't find any existing tests for the installer.

@aneeshusa
Copy link
Contributor Author

Also, let me know if I should update any release notes (or website documentation?). I didn't see any existing installer docs detailing all the flags to update, and https://github.com/NixOS/nix/blob/master/doc/manual/src/contributing/contributing.md is empty / https://nixos.org/guides/contributing.html doesn't mention if release notes should be updated or not.

@stale
Copy link

stale bot commented Jul 19, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the stale label Jul 19, 2021
@Ericson2314
Copy link
Member

Does this help make the installer more ideompotent?

@stale stale bot removed the stale label Jun 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
feature Feature request or proposal installer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Installer doesn't respect --no-modify-profile for files under /etc in multi-user install
3 participants
@aneeshusa @Ericson2314 @edolstra