New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Example of using Arx to create installers #215
Conversation
This uses Arx to create self-extracting shell scripts. Hopefully these will be able to replace the https://nixos.org/nix/install script.
Why is this better than |
It seems a bit ugly to do this as part of the homepage generation. Would be better to add it to the Nix jobset and copy it to the release directory in the |
Arx should be crossplatform. I’m not sure what platform issue you mean. Also, makeself is IMO not as well designed. Specifically, piping will not work so |
@matthewbauer I just meant this thing you said:
What we really need is an ELF/Mach-O polyglot 😁 |
Oh well that would be necessary with makeself as well. The Nix installer is only built to handle 1 version of Nix. It's hardcoded here: https://github.com/NixOS/nix/blob/master/scripts/install-nix-from-closure.sh#L7. We could rewrite it to make a "universal" installer that comes with tarballs for all supported systems, but that would increase download size 4x what it already is. |
Uses Arx files now
Okay redid this to avoid building Arx in nixos-homepage. PR is at #2135. I have now redone the install script to show how to retain the "platform detection" of the original (so you don't have to know what your system name is ahead of time & |
I think losing the .sig and the hash checking is a non-starter. I think the goal of having the installer not re-fetch the tarball on each run is a good one. I think this could be done with the existing installer process, by fetching to |
Yes this can be readded. I wasn't sure why .sig was there in the first place, though. Doesn't Curl's SSL do this for us already?
This is definitely good to do. But the root cause is that the average user will be downloading two different files, the install script & the tarball, which can be confusing. My thinking is it would be better to just bundle them together.
Well, you can always circumvent the Also, this is more of a POC for how an install process using Arx could work. First, we would want to merge NixOS/nix#2135 & establish that it works correctly for at least 1 release before making it the default. |
the signature can be used to ensure every release was signed by the same person, and can provide an out-of-band way to validate the integrity of the tarball. It isn't used by the
I won't guess what the average user would say, but this is also the result of the code in this PR now: the script and arx files are fetched separately, but still the arx file is not cached. Also, I don't think the root cause is the second download, I think the root cause is the second download is performed repeatedly and unnecessarily -- a pretty easy problem to fix. |
Yes that's true & probably good reason why this doesn't make sense. I guess it's difficult to figure out because what I'd really like to do is create a "universal" installer that bundles everything into one file & can be used everywhere. But that's probably too much to download right now (download size would go from 20MB to 80MB). It might still be useful to distribute it as an alternative though. This script rewrite was kind of a compromise but doesn't really accomplish that original goal. |
Inspired by NixOS/nix#2119.
This uses Arx to create self-extracting shell scripts. Hopefully these
will be able to replace the https://nixos.org/nix/install script.
Arx will bundle the .tar.bz2 file into a shell script that will extract automatically.
It is the same project used by nix-bundle & works well for it. All platforms with
curl, tr, & tar should support it (either bz2 or gz compression is used).
Unfortunately, this also means that we will need 1 installer for each platform supported. This could make things more difficult for users to use. They would have to install it with something like:
etc.
Note that it's probably important to wait on solidsnack/arx#8 to be able to safely use the --shared flag.
/cc @edolstra @shlevy @grahamc