add --install flag that bootstraps via nix-installer#129
Draft
add --install flag that bootstraps via nix-installer#129
Conversation
Collapses the two-step mkdir + curl-pipe-sh dance from the README into a single command. Defaults the store location to $XDG_DATA_HOME/nix and runs the NixOS nix-installer inside our user namespace with its new --rootless mode, so it sees a writable /nix without any real privilege. The uid mapping for --install writes '0 <uid> 1' instead of the usual identity map so the installer's EUID==0 checks pass; everything it creates still lands as the real user on the host filesystem since only one uid is mapped. The installer binary is fetched via curl to keep the normal (network-free) operation of nix-user-chroot from gaining an HTTP+TLS dependency. NIX_USER_CHROOT_INSTALLER lets tests and offline users point at a local binary instead. wait_for_child now returns the exit status rather than calling process::exit directly, so the parent can print the 'enter with...' hint only on a successful install. Depends on NixOS/nix-installer#166 for the --rootless flag.
Member
|
It would be great to have a test for this. |
Member
Author
|
Yeah, should be easy, I basically have a docker-based manual test script locally. But I would like to add the upstream feature to nix-installer first. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Collapses the two-step mkdir + curl-pipe-sh dance from the README into a single command. Defaults the store location to $XDG_DATA_HOME/nix and runs the NixOS nix-installer inside our user namespace with its new --rootless mode, so it sees a writable /nix without any real privilege.
The uid mapping for --install writes '0 1' instead of the usual identity map so the installer's EUID==0 checks pass; everything it creates still lands as the real user on the host filesystem since only one uid is mapped.
The installer binary is fetched via curl to keep the normal (network-free) operation of nix-user-chroot from gaining an HTTP+TLS dependency. NIX_USER_CHROOT_INSTALLER lets tests and offline users point at a local binary instead.
wait_for_child now returns the exit status rather than calling process::exit directly, so the parent can print the 'enter with...' hint only on a successful install.
Depends on NixOS/nix-installer#166 for the --rootless flag.