Commit graph

485 commits

Author SHA1 Message Date
Graham Christensen 0b0172547c
Fetch updates from i.d.s by default (#772)
* Fetch updates from i.d.s by default

Our goal is to deliver a solid experience with Nix flakes, including an upgrade path that is safe. Occasionally, the upstream Nix project may introduce regressions for the common flake path. This is not desirable for our users, who depend on a consistent and stable flakes experience.

Additionally, the Nix project isn't directly responsible for delivering updates to users as that role is delegated to the Nixpkgs project.

Overall, this means upgrades are not consistently delivered to users.

This update directs future update requests to install.determinate.systems, which we will upgrade as part of our standard release process.

Our standard release process includes proactive testing: validating our installer and Nix's behavior across a wide variety of platforms and scenarios.

After an update passes our proactive validation, we do a phased rollout of reactive monitoring: the update is released to a small percentage of users on GitHub Actions. We monitor the failure rate of the installer and overall workflows to ensure the updated Nix isn't causing widespread failure we weren't able to identify ahead of time.

Only after a release passes both proactive and reactive validation, our macOS .pkg and nix-upgrade paths are bumped to the most recent release. This gives user the confidence they're looking for that the Nix release they're getting is safe.

* Universal -> universal
2023-12-08 03:45:05 +00:00
Ana Hobden 8c9e64d2a3
Update deps (#771) 2023-12-05 15:19:43 -08:00
Ana Hobden b84ebf0841
Don't modify shell profile files if they are symlinks (#767)
* Don't modify shell profile files if they are symlinks

* Fixup remote building step
2023-12-05 11:14:46 -08:00
Ana Hobden 0419422de0
nix-2.19.2 (#756)
* nix-2.19.2

* Fix speeling
2023-11-30 16:51:41 -08:00
Ana Hobden a176784a03
0.15.1-unreleased (#755) 2023-11-30 18:59:40 +00:00
Ana Hobden cd61f98c90
MacOS installer does not honor case sensitive setting (#748)
* MacOS should respect case-sensitivity setting

* Fix warning
2023-11-28 09:22:01 -08:00
Graham Christensen 41a96f49fc
Clippy nits while hacking around (#737)
* clippy: unnecessary guard

* create merge nix config clippy nit, old

* Clean up a clippy nit on an extra clone

* clippy nit legacy wsl detection error
2023-11-22 14:50:25 -05:00
Ana Hobden df9610edba
Release v0.15.1 (#729) 2023-11-14 19:04:27 -08:00
Ana Hobden b48c7204bc
Release v0.15.0 (#728) 2023-11-14 16:05:36 -08:00
Graham Christensen 0c01adc852
Nix config: add extra newlines after the initial comment (#719)
* Nix config: add extra newlines after the initial comment

Otherwise the extra-config option will get swallowed.

Closes #717

* Push individual strs
2023-11-14 08:27:11 -08:00
Graham Christensen 01a3447b83
Remove the writable flag, don't set too many permission bits (#718)
Making everything 0o555 is too much, since many files in the store
are not supposed to be executable. Those should be 0o444. Instead
of splatting 0o555 out, take a more measured approach and remove
the writable flag from the on-disk mode.
2023-11-14 08:26:23 -08:00
Graham Christensen dac0adca28
Support remote-building to macOS hosts (#714)
* Support remote-building to macOS hosts

Our README has long featured a snippet to add to the zshenv, with a
caevat that it might behave strangely if you're writing a script with an
empty PATH.

It is pretty straightforward to eliminate those caveats while still
providing remote building for Nix to macOS hosts.

Co-authored-by: Ana Hobden <operator@hoverbear.org>
2023-11-10 19:02:19 +00:00
Matthew Kenigsberg 6ca2c68e31
Document max-jobs=auto (#712)
max-jobs is set to auto as of
https://github.com/DeterminateSystems/nix-installer/pull/627
2023-11-10 07:59:42 -08:00
Graham Christensen a026cc2224
Don't include the version number in the nix config, for reproducibility. Closes #580 (#710) 2023-11-08 19:00:41 +00:00
Timothy Sutton dda36c4a22
Add 'sudo' to suggestions for launchd-related config fixes (#706) 2023-11-06 10:09:58 -08:00
Ana Hobden ccae8a097d
Document the known nix-darwin related uninstall issue (#687)
* Document the known nix-darwin related uninstall issue

* Fix nits

* Update README.md

Co-authored-by: Cole Helbling <cole.helbling@determinate.systems>

---------

Co-authored-by: Cole Helbling <cole.helbling@determinate.systems>
2023-10-24 18:55:51 +00:00
Graham Christensen 93cdd9bcb0
create /etc/tmpfiles.d on ostree (#686) 2023-10-24 10:34:41 -07:00
Ana Hobden 2dd40810fb
Fix exit code inconsistency (#684) 2023-10-23 13:52:42 -07:00
Ana Hobden c79dcb91ae
Release v0.14.0 (#679) 2023-10-18 10:18:59 -07:00
Graham Christensen 32dcdb7550
Make our Nix installation immune to macOS upgrades (#672)
* Add cargo-watch

* clippy: the borrowed expression implements the required traits

* clippy: expression creates a reference which is immediately dereferenced by the compiler

* clippy: redundant closure

* clippy: this if-then-else expression returns a bool literal

* clippy: explicit call to .into_iter() in function argument accepting IntoIterator

* Clippy: an implementation of From is preferred since it gives you Into<_> for free where the reverse isn't true

* Support cargo building on a mac

* Create a nix-hook service on macos to inject the shell at startup

* Introduce nix-installe restore-shell to fix the init scripts, called by the nix-hook plist on every login

* Wait for /nix to be there, and restart the hook until it works

* Back to run-at-load hoping that works

* Revert "Back to run-at-load hoping that works"

This reverts commit cccb8bcd971e296fecc0a2dba4f1101795bcd5ba.

It starts too early, fails, and then aborts. When it fails,
launchd says the service failed to initialize and that the system
is read-only.

* nits

* rename to repair

* Handle --no-modify-profile

* fmt

---------

Co-authored-by: Ana Hobden <operator@hoverbear.org>
2023-10-16 11:50:33 -07:00
Daniel Flanagan 5e06d6fcd2
Update ssl-cert-file docs (#671) 2023-10-10 09:21:22 -07:00
Ana Hobden 201fd4a0a7
Release v0.13.1 (#666) 2023-10-04 09:08:02 -07:00
Ana Hobden 917c0e89e7
Use Nix 2.17.0 (#665) 2023-10-03 19:03:44 +00:00
Ana Hobden 5eedbab041
Update nix-config-parser (#664) 2023-10-03 18:09:37 +00:00
Graham Christensen 95045cf8c0
flake-compat: use flakehub (#663) 2023-10-03 10:47:17 -07:00
Ana Hobden b68cf8b56c
Upgrade to Nix 2.18.1 (#661) 2023-10-03 10:07:35 -07:00
Ana Hobden 25ed45fc1b
Unmount apfs volumes before deleting them (#662) 2023-10-03 10:07:17 -07:00
Ana Hobden d01e1b820c
Release v0.13.0 (#652) 2023-09-28 17:02:45 -07:00
Ana Hobden 042873d7d6
Reintroduce 640, 638, 627 (#651)
* Reintroduce 640, 638, 627

* fmt
2023-09-28 22:58:31 +00:00
Ana Hobden b0bdd3ddef
Revert "Release v0.12.1 (#649)" (#650)
This reverts commit af06724a5e.
2023-09-28 22:35:57 +00:00
Ana Hobden af06724a5e
Release v0.12.1 (#649) 2023-09-28 14:35:35 -07:00
Ana Hobden fc6d611285
Revert "Make nix.conf changes deterministic (#620)" (#648)
* Revert "Make nix.conf changes deterministic (#620)"

This reverts commit 05571a4990.

* fmt

* Prod ci
2023-09-28 13:53:14 -07:00
Ana Hobden 3c7297e6ab
v0.12.1-unreleased (#644)
* v0.12.0-unreleased

* v0.12.1-unreleased...
2023-09-27 15:01:58 +00:00
Ana Hobden aed05e9a5c
Release v0.12.0 (#641) 2023-09-25 13:36:51 -07:00
Ana Hobden ff6ee246ae
Tweak nix-build-user-count default in all places (#643) 2023-09-25 12:43:45 -07:00
Ana Hobden da7e44e40e
Fixup VM tests (#642) 2023-09-25 08:43:11 -07:00
Ana Hobden 6bee48c11e
Enable repl-flake experimental feature (#640)
* Enable repl-flake experimental feature

* fmt
2023-09-22 12:06:42 -07:00
Ana Hobden 1da69eef4a
Plan prompts for sudo (#639)
* Plan prompts for sudo

* clippy/fmt
2023-09-22 18:08:01 +00:00
Ana Hobden 8911329beb
Upgrade to Nix 2.18 (#637) 2023-09-22 10:45:23 -07:00
Ana Hobden 7669045865
Disable auto-allocate-uids on Linux too (#638)
* Disable auto-allocate-uids on Linux too

* Fix clippy/fmt
2023-09-22 10:44:40 -07:00
Ana Hobden abfde74d1f
Add support for URLs or paths in --nix-package-url and --extra-conf (#634)
* Add support for URLs or paths in --nix-package-url and --extra-conf

* fmt

* Into a mod with you, tests!
2023-09-20 19:10:56 +00:00
Graham Christensen 60e5fff623
Support user-defined diagnostics attribution (#635)
* Switch to flakehub

* Diagnostics: support user-defined attribution.

Allows a user to specify an additional value to associate their diagnostics with that value. nix-installer doesn't generate or store these values, and most users have no need for it.

* Respond to feedback
2023-09-20 11:23:23 -07:00
Ana Hobden 1c103edb90
Set max-jobs in nix.conf (#627) 2023-09-13 17:38:40 +00:00
Ana Hobden 05571a4990
Make nix.conf changes deterministic (#620)
* Make nix.conf changes deterministic

* Add mac fixture

* Warn/error if user settings don't match our needs

* Repair mac fixture

* fmt

* clipster

* Tidy up some feedback

* fmt

* resolve some nits
2023-09-13 17:02:05 +00:00
Ana Hobden 0cd1d4bb03
Fix uninstall instructions (#631) 2023-09-13 09:56:00 -07:00
Ana Hobden b3dcf07f58
Check for file existence before attempting to open it (#626)
* Check for file existence before attempting to open it

* Fixup
2023-09-13 09:55:44 -07:00
Ana Hobden dd36129aa2
Improve --help (#624) 2023-09-13 09:52:41 -07:00
Ana Hobden dd6edfb5eb
Uninvert logic (#623) 2023-09-13 09:38:42 -07:00
Miguel 34d0b7e4f0
Add Upgrading section to README.md (#598)
* Add Upgrading section to README.md

* Change upgrading note README.md

* Change upgrading section at README.md

Remove note.
Add explanation of which version will be installed.

* Use an h3 instead

* A bit less detail...

---------

Co-authored-by: Ana Hobden <operator@hoverbear.org>
2023-09-06 11:20:37 -07:00
Ana Hobden d7412ba096
Readme cutificiation (#618)
* Engage README cutification subroutine

* Trimming
2023-09-06 08:12:47 -07:00