mirror of
https://github.com/NixOS/nix
synced 2025-07-07 14:21:48 +02:00
Merge pull request #6 from DeterminateSystems/nix-installer-recommandation
Recommend only the Determinate Nix Installer
This commit is contained in:
commit
f76ef9d4d3
9 changed files with 17 additions and 225 deletions
|
@ -4,14 +4,12 @@
|
||||||
- [Quick Start](quick-start.md)
|
- [Quick Start](quick-start.md)
|
||||||
- [Installation](installation/index.md)
|
- [Installation](installation/index.md)
|
||||||
- [Supported Platforms](installation/supported-platforms.md)
|
- [Supported Platforms](installation/supported-platforms.md)
|
||||||
- [Installing a Binary Distribution](installation/installing-binary.md)
|
|
||||||
- [Installing Nix from Source](installation/installing-source.md)
|
- [Installing Nix from Source](installation/installing-source.md)
|
||||||
- [Prerequisites](installation/prerequisites-source.md)
|
- [Prerequisites](installation/prerequisites-source.md)
|
||||||
- [Obtaining a Source Distribution](installation/obtaining-source.md)
|
- [Obtaining a Source Distribution](installation/obtaining-source.md)
|
||||||
- [Building Nix from Source](installation/building-source.md)
|
- [Building Nix from Source](installation/building-source.md)
|
||||||
- [Using Nix within Docker](installation/installing-docker.md)
|
- [Using Nix within Docker](installation/installing-docker.md)
|
||||||
- [Security](installation/nix-security.md)
|
- [Security](installation/nix-security.md)
|
||||||
- [Environment Variables](installation/env-variables.md)
|
|
||||||
- [Upgrading Nix](installation/upgrading.md)
|
- [Upgrading Nix](installation/upgrading.md)
|
||||||
- [Uninstalling Nix](installation/uninstall.md)
|
- [Uninstalling Nix](installation/uninstall.md)
|
||||||
- [Nix Store](store/index.md)
|
- [Nix Store](store/index.md)
|
||||||
|
|
|
@ -67,7 +67,7 @@ By default, this symlink points to:
|
||||||
- `$NIX_STATE_DIR/profiles/per-user/root/profile` for `root`
|
- `$NIX_STATE_DIR/profiles/per-user/root/profile` for `root`
|
||||||
|
|
||||||
The `PATH` environment variable should include `/bin` subdirectory of the profile link (e.g. `~/.nix-profile/bin`) for the user environment to be visible to the user.
|
The `PATH` environment variable should include `/bin` subdirectory of the profile link (e.g. `~/.nix-profile/bin`) for the user environment to be visible to the user.
|
||||||
The [installer](@docroot@/installation/installing-binary.md) sets this up by default, unless you enable [`use-xdg-base-directories`].
|
The installer sets this up by default, unless you enable [`use-xdg-base-directories`].
|
||||||
|
|
||||||
[`nix-env`]: @docroot@/command-ref/nix-env.md
|
[`nix-env`]: @docroot@/command-ref/nix-env.md
|
||||||
[`nix profile`]: @docroot@/command-ref/new-cli/nix3-profile.md
|
[`nix profile`]: @docroot@/command-ref/new-cli/nix3-profile.md
|
||||||
|
|
|
@ -1,62 +0,0 @@
|
||||||
# Environment Variables
|
|
||||||
|
|
||||||
To use Nix, some environment variables should be set. In particular,
|
|
||||||
`PATH` should contain the directories `prefix/bin` and
|
|
||||||
`~/.nix-profile/bin`. The first directory contains the Nix tools
|
|
||||||
themselves, while `~/.nix-profile` is a symbolic link to the current
|
|
||||||
*user environment* (an automatically generated package consisting of
|
|
||||||
symlinks to installed packages). The simplest way to set the required
|
|
||||||
environment variables is to include the file
|
|
||||||
`prefix/etc/profile.d/nix.sh` in your `~/.profile` (or similar), like
|
|
||||||
this:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
source prefix/etc/profile.d/nix.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
# `NIX_SSL_CERT_FILE`
|
|
||||||
|
|
||||||
If you need to specify a custom certificate bundle to account for an
|
|
||||||
HTTPS-intercepting man in the middle proxy, you must specify the path to
|
|
||||||
the certificate bundle in the environment variable `NIX_SSL_CERT_FILE`.
|
|
||||||
|
|
||||||
If you don't specify a `NIX_SSL_CERT_FILE` manually, Nix will install
|
|
||||||
and use its own certificate bundle.
|
|
||||||
|
|
||||||
Set the environment variable and install Nix
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
|
|
||||||
$ curl -L https://nixos.org/nix/install | sh
|
|
||||||
```
|
|
||||||
|
|
||||||
In the shell profile and rc files (for example, `/etc/bashrc`,
|
|
||||||
`/etc/zshrc`), add the following line:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
|
|
||||||
```
|
|
||||||
|
|
||||||
> **Note**
|
|
||||||
>
|
|
||||||
> You must not add the export and then do the install, as the Nix
|
|
||||||
> installer will detect the presence of Nix configuration, and abort.
|
|
||||||
|
|
||||||
If you use the Nix daemon, you should also add the following to
|
|
||||||
`/etc/nix/nix.conf`:
|
|
||||||
|
|
||||||
```
|
|
||||||
ssl-cert-file = /etc/ssl/my-certificate-bundle.crt
|
|
||||||
```
|
|
||||||
|
|
||||||
## Proxy Environment Variables
|
|
||||||
|
|
||||||
The Nix installer has special handling for these proxy-related
|
|
||||||
environment variables: `http_proxy`, `https_proxy`, `ftp_proxy`,
|
|
||||||
`all_proxy`, `no_proxy`, `HTTP_PROXY`, `HTTPS_PROXY`, `FTP_PROXY`,
|
|
||||||
`ALL_PROXY`, `NO_PROXY`.
|
|
||||||
|
|
||||||
If any of these variables are set when running the Nix installer, then
|
|
||||||
the installer will create an override file at
|
|
||||||
`/etc/systemd/system/nix-daemon.service.d/override.conf` so `nix-daemon`
|
|
||||||
will use them.
|
|
|
@ -1,23 +1,17 @@
|
||||||
# Installation
|
# Installation
|
||||||
|
|
||||||
This section describes how to install and configure Nix for first-time use.
|
We recommend that macOS users install Determinate Nix using [Determinate.pkg][pkg].
|
||||||
Nix follows a [multi-user](./nix-security.md#multi-user-model) model on both Linux
|
For Linux and Windows Subsystem for Linux (WSL) users:
|
||||||
and macOS.
|
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ curl -L https://nixos.org/nix/install | sh -s -- --daemon
|
$ curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \
|
||||||
|
sh -s -- install --determinate
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Updating to macOS 15 Sequoia**
|
|
||||||
>
|
|
||||||
> If you recently updated to macOS 15 Sequoia and are getting
|
|
||||||
> ```console
|
|
||||||
> error: the user '_nixbld1' in the group 'nixbld' does not exist
|
|
||||||
> ```
|
|
||||||
> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling.
|
|
||||||
|
|
||||||
## Distributions
|
## Distributions
|
||||||
|
|
||||||
The Nix community maintains installers for several distributions.
|
The Nix community maintains installers for several distributions.
|
||||||
|
|
||||||
They can be found in the [`nix-community/nix-installers`](https://github.com/nix-community/nix-installers) repository.
|
They can be found in the [`nix-community/nix-installers`](https://github.com/nix-community/nix-installers) repository.
|
||||||
|
|
||||||
|
[pkg]: https://install.determinate.systems/determinate-pkg/stable/Universal
|
||||||
|
|
|
@ -1,135 +0,0 @@
|
||||||
# Installing a Binary Distribution
|
|
||||||
|
|
||||||
> **Updating to macOS 15 Sequoia**
|
|
||||||
>
|
|
||||||
> If you recently updated to macOS 15 Sequoia and are getting
|
|
||||||
> ```console
|
|
||||||
> error: the user '_nixbld1' in the group 'nixbld' does not exist
|
|
||||||
> ```
|
|
||||||
> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling.
|
|
||||||
|
|
||||||
To install the latest version Nix, run the following command:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ curl -L https://nixos.org/nix/install | sh
|
|
||||||
```
|
|
||||||
|
|
||||||
This performs the default type of installation for your platform:
|
|
||||||
|
|
||||||
- [Multi-user](#multi-user-installation):
|
|
||||||
- Linux with systemd and without SELinux
|
|
||||||
- macOS
|
|
||||||
|
|
||||||
The installer can configured with various command line arguments and environment variables.
|
|
||||||
To show available command line flags:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ curl -L https://nixos.org/nix/install | sh -s -- --help
|
|
||||||
```
|
|
||||||
|
|
||||||
To check what it does and how it can be customised further, [download and edit the second-stage installation script](#installing-from-a-binary-tarball).
|
|
||||||
|
|
||||||
# Installing a pinned Nix version from a URL
|
|
||||||
|
|
||||||
Version-specific installation URLs for all Nix versions since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/).
|
|
||||||
The directory for each version contains the corresponding SHA-256 hash.
|
|
||||||
|
|
||||||
All installation scripts are invoked the same way:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ export VERSION=2.19.2
|
|
||||||
$ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh
|
|
||||||
```
|
|
||||||
|
|
||||||
# Multi User Installation
|
|
||||||
|
|
||||||
The multi-user Nix installation creates system users and a system service for the Nix daemon.
|
|
||||||
|
|
||||||
Supported systems:
|
|
||||||
|
|
||||||
- Linux running systemd, with SELinux disabled
|
|
||||||
- macOS
|
|
||||||
|
|
||||||
To explicitly instruct the installer to perform a multi-user installation on your system:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ bash <(curl -L https://nixos.org/nix/install) --daemon
|
|
||||||
```
|
|
||||||
|
|
||||||
You can run this under your usual user account or `root`.
|
|
||||||
The script will invoke `sudo` as needed.
|
|
||||||
|
|
||||||
# Installing from a binary tarball
|
|
||||||
|
|
||||||
You can also download a binary tarball that contains Nix and all its dependencies:
|
|
||||||
- Choose a [version](https://releases.nixos.org/?prefix=nix/) and [system type](../development/building.md#platforms)
|
|
||||||
- Download and unpack the tarball
|
|
||||||
- Run the installer
|
|
||||||
|
|
||||||
> **Example**
|
|
||||||
>
|
|
||||||
> ```console
|
|
||||||
> $ pushd $(mktemp -d)
|
|
||||||
> $ export VERSION=2.19.2
|
|
||||||
> $ export SYSTEM=x86_64-linux
|
|
||||||
> $ curl -LO https://releases.nixos.org/nix/nix-$VERSION/nix-$VERSION-$SYSTEM.tar.xz
|
|
||||||
> $ tar xfj nix-$VERSION-$SYSTEM.tar.xz
|
|
||||||
> $ cd nix-$VERSION-$SYSTEM
|
|
||||||
> $ ./install
|
|
||||||
> $ popd
|
|
||||||
> ```
|
|
||||||
|
|
||||||
The installer can be customised with the environment variables declared in the file named `install-multi-user`.
|
|
||||||
|
|
||||||
## Native packages for Linux distributions
|
|
||||||
|
|
||||||
The Nix community maintains installers for some Linux distributions in their native packaging format(https://nix-community.github.io/nix-installers/).
|
|
||||||
|
|
||||||
# macOS Installation
|
|
||||||
|
|
||||||
<!-- anchors to catch existing links -->
|
|
||||||
[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes}
|
|
||||||
|
|
||||||
We believe we have ironed out how to cleanly support the read-only root file system
|
|
||||||
on modern macOS. New installs will do this automatically.
|
|
||||||
|
|
||||||
This section previously detailed the situation, options, and trade-offs,
|
|
||||||
but it now only outlines what the installer does. You don't need to know
|
|
||||||
this to run the installer, but it may help if you run into trouble:
|
|
||||||
|
|
||||||
- create a new APFS volume for your Nix store
|
|
||||||
- update `/etc/synthetic.conf` to direct macOS to create a "synthetic"
|
|
||||||
empty root directory to mount your volume
|
|
||||||
- specify mount options for the volume in `/etc/fstab`
|
|
||||||
- `rw`: read-write
|
|
||||||
- `noauto`: prevent the system from auto-mounting the volume (so the
|
|
||||||
LaunchDaemon mentioned below can control mounting it, and to avoid
|
|
||||||
masking problems with that mounting service).
|
|
||||||
- `nobrowse`: prevent the Nix Store volume from showing up on your
|
|
||||||
desktop; also keeps Spotlight from spending resources to index
|
|
||||||
this volume
|
|
||||||
<!-- TODO:
|
|
||||||
- `suid`: honor setuid? surely not? ...
|
|
||||||
- `owners`: honor file ownership on the volume
|
|
||||||
|
|
||||||
For now I'll avoid pretending to understand suid/owners more
|
|
||||||
than I do. There've been some vague reports of file-ownership
|
|
||||||
and permission issues, particularly in cloud/VM/headless setups.
|
|
||||||
My pet theory is that this has something to do with these setups
|
|
||||||
not having a token that gets delegated to initial/admin accounts
|
|
||||||
on macOS. See scripts/create-darwin-volume.sh for a little more.
|
|
||||||
|
|
||||||
In any case, by Dec 4 2021, it _seems_ like some combination of
|
|
||||||
suid, owners, and calling diskutil enableOwnership have stopped
|
|
||||||
new reports from coming in. But I hesitate to celebrate because we
|
|
||||||
haven't really named and catalogued the behavior, understood what
|
|
||||||
we're fixing, and validated that all 3 components are essential.
|
|
||||||
-->
|
|
||||||
- if you have FileVault enabled
|
|
||||||
- generate an encryption password
|
|
||||||
- put it in your system Keychain
|
|
||||||
- use it to encrypt the volume
|
|
||||||
- create a system LaunchDaemon to mount this volume early enough in the
|
|
||||||
boot process to avoid problems loading or restoring any programs that
|
|
||||||
need access to your Nix store
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
## Multi User
|
## Multi User
|
||||||
|
|
||||||
Removing a [multi-user installation](./installing-binary.md#multi-user-installation) depends on the operating system.
|
Removing a multi-user installation depends on the operating system.
|
||||||
|
|
||||||
### Linux
|
### Linux
|
||||||
|
|
||||||
|
@ -43,14 +43,6 @@ which you may remove.
|
||||||
|
|
||||||
### macOS
|
### macOS
|
||||||
|
|
||||||
> **Updating to macOS 15 Sequoia**
|
|
||||||
>
|
|
||||||
> If you recently updated to macOS 15 Sequoia and are getting
|
|
||||||
> ```console
|
|
||||||
> error: the user '_nixbld1' in the group 'nixbld' does not exist
|
|
||||||
> ```
|
|
||||||
> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling.
|
|
||||||
|
|
||||||
1. If system-wide shell initialisation files haven't been altered since installing Nix, use the backups made by the installer:
|
1. If system-wide shell initialisation files haven't been altered since installing Nix, use the backups made by the installer:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
|
|
|
@ -3,10 +3,13 @@
|
||||||
This chapter is for impatient people who don't like reading documentation.
|
This chapter is for impatient people who don't like reading documentation.
|
||||||
For more in-depth information you are kindly referred to subsequent chapters.
|
For more in-depth information you are kindly referred to subsequent chapters.
|
||||||
|
|
||||||
1. Install Nix:
|
1. Install Nix.
|
||||||
|
We recommend that macOS users install Determinate Nix using [Determinate.pkg][pkg].
|
||||||
|
For Linux and Windows Subsystem for Linux (WSL) users:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ curl -L https://nixos.org/nix/install | sh
|
$ curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \
|
||||||
|
sh -s -- install --determinate
|
||||||
```
|
```
|
||||||
|
|
||||||
The install script will use `sudo`, so make sure you have sufficient rights.
|
The install script will use `sudo`, so make sure you have sufficient rights.
|
||||||
|
@ -41,3 +44,5 @@ For more in-depth information you are kindly referred to subsequent chapters.
|
||||||
```console
|
```console
|
||||||
$ nix-collect-garbage
|
$ nix-collect-garbage
|
||||||
```
|
```
|
||||||
|
|
||||||
|
[pkg]: https://install.determinate.systems/determinate-pkg/stable/Universal
|
||||||
|
|
|
@ -69,7 +69,7 @@
|
||||||
|
|
||||||
This makes it match `nix derivation show`, which also maps store paths to information.
|
This makes it match `nix derivation show`, which also maps store paths to information.
|
||||||
|
|
||||||
- When Nix is installed using the [binary installer](@docroot@/installation/installing-binary.md), in supported shells (Bash, Zsh, Fish)
|
- When Nix is installed using the binary installer, in supported shells (Bash, Zsh, Fish)
|
||||||
[`XDG_DATA_DIRS`](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) is now populated with the path to the `/share` subdirectory of the current profile.
|
[`XDG_DATA_DIRS`](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) is now populated with the path to the `/share` subdirectory of the current profile.
|
||||||
This means that command completion scripts, `.desktop` files, and similar artifacts installed via [`nix-env`](@docroot@/command-ref/nix-env.md) or [`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md)
|
This means that command completion scripts, `.desktop` files, and similar artifacts installed via [`nix-env`](@docroot@/command-ref/nix-env.md) or [`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md)
|
||||||
(experimental) can be found by any program that follows the [XDG Base Directory Specification](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html).
|
(experimental) can be found by any program that follows the [XDG Base Directory Specification](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html).
|
||||||
|
|
|
@ -96,7 +96,7 @@ struct EvalSettings : Config
|
||||||
|
|
||||||
The current state of all channels for the `root` user.
|
The current state of all channels for the `root` user.
|
||||||
|
|
||||||
These files are set up by the [Nix installer](@docroot@/installation/installing-binary.md).
|
These files are set up by the Nix installer.
|
||||||
See [`NIX_STATE_DIR`](@docroot@/command-ref/env-common.md#env-NIX_STATE_DIR) for details on the environment variable.
|
See [`NIX_STATE_DIR`](@docroot@/command-ref/env-common.md#env-NIX_STATE_DIR) for details on the environment variable.
|
||||||
|
|
||||||
> **Note**
|
> **Note**
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue