forked from lix-project/lix
Merge branch 'master' into remove-repeat
This commit is contained in:
commit
b5b7902a08
36
.github/ISSUE_TEMPLATE/installer.md
vendored
Normal file
36
.github/ISSUE_TEMPLATE/installer.md
vendored
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
---
|
||||||
|
name: Installer issue
|
||||||
|
about: Report problems with installation
|
||||||
|
title: ''
|
||||||
|
labels: installer
|
||||||
|
assignees: ''
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Platform
|
||||||
|
|
||||||
|
<!-- select the platform on which you tried to install Nix -->
|
||||||
|
|
||||||
|
- [ ] Linux: <!-- state your distribution, e.g. Arch Linux, Ubuntu, ... -->
|
||||||
|
- [ ] macOS
|
||||||
|
- [ ] WSL
|
||||||
|
|
||||||
|
## Additional information
|
||||||
|
|
||||||
|
<!-- state special circumstances on your system or additional steps you have taken prior to installation -->
|
||||||
|
|
||||||
|
## Output
|
||||||
|
|
||||||
|
<details><summary>Output</summary>
|
||||||
|
|
||||||
|
```log
|
||||||
|
|
||||||
|
<!-- paste console output here and remove this comment -->
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
|
## Priorities
|
||||||
|
|
||||||
|
Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc).
|
|
@ -65,6 +65,7 @@
|
||||||
- [CLI guideline](contributing/cli-guideline.md)
|
- [CLI guideline](contributing/cli-guideline.md)
|
||||||
- [Release Notes](release-notes/release-notes.md)
|
- [Release Notes](release-notes/release-notes.md)
|
||||||
- [Release X.Y (202?-??-??)](release-notes/rl-next.md)
|
- [Release X.Y (202?-??-??)](release-notes/rl-next.md)
|
||||||
|
- [Release 2.12 (2022-12-06)](release-notes/rl-2.12.md)
|
||||||
- [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md)
|
- [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md)
|
||||||
- [Release 2.10 (2022-07-11)](release-notes/rl-2.10.md)
|
- [Release 2.10 (2022-07-11)](release-notes/rl-2.10.md)
|
||||||
- [Release 2.9 (2022-05-30)](release-notes/rl-2.9.md)
|
- [Release 2.9 (2022-05-30)](release-notes/rl-2.9.md)
|
||||||
|
|
|
@ -33,12 +33,17 @@ distribute the public key for verifying the authenticity of the paths.
|
||||||
example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
|
example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
|
||||||
```
|
```
|
||||||
|
|
||||||
Then, add the public key and the cache URL to your `nix.conf`'s
|
Then update [`nix.conf`](../command-ref/conf-file.md) on any machine that will access the cache.
|
||||||
`trusted-public-keys` and `substituters` options:
|
Add the cache URL to [`substituters`](../command-ref/conf-file.md#conf-substituters) and the public key to [`trusted-public-keys`](../command-ref/conf-file.md#conf-trusted-public-keys):
|
||||||
|
|
||||||
substituters = https://cache.nixos.org/ s3://example-nix-cache
|
substituters = https://cache.nixos.org/ s3://example-nix-cache
|
||||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
|
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
|
||||||
|
|
||||||
|
Machines that build for the cache must sign derivations using the private key.
|
||||||
|
On those machines, add the path to the key file to the [`secret-key-files`](../command-ref/conf-file.md#conf-secret-key-files) field in their [`nix.conf`](../command-ref/conf-file.md):
|
||||||
|
|
||||||
|
secret-key-files = /etc/nix/key.private
|
||||||
|
|
||||||
We will restart the Nix daemon in a later step.
|
We will restart the Nix daemon in a later step.
|
||||||
|
|
||||||
# Implementing the build hook
|
# Implementing the build hook
|
||||||
|
@ -52,10 +57,8 @@ set -eu
|
||||||
set -f # disable globbing
|
set -f # disable globbing
|
||||||
export IFS=' '
|
export IFS=' '
|
||||||
|
|
||||||
echo "Signing paths" $OUT_PATHS
|
|
||||||
nix store sign --key-file /etc/nix/key.private $OUT_PATHS
|
|
||||||
echo "Uploading paths" $OUT_PATHS
|
echo "Uploading paths" $OUT_PATHS
|
||||||
exec nix copy --to 's3://example-nix-cache' $OUT_PATHS
|
exec nix copy --to "s3://example-nix-cache" $OUT_PATHS
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Note**
|
> **Note**
|
||||||
|
|
43
doc/manual/src/release-notes/rl-2.12.md
Normal file
43
doc/manual/src/release-notes/rl-2.12.md
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
# Release 2.12 (2022-12-06)
|
||||||
|
|
||||||
|
* On Linux, Nix can now run builds in a user namespace where they run
|
||||||
|
as root (UID 0) and have 65,536 UIDs available.
|
||||||
|
<!-- FIXME: move this to its own section about system features -->
|
||||||
|
This is primarily useful for running containers such as `systemd-nspawn`
|
||||||
|
inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].
|
||||||
|
|
||||||
|
[nspawn]: https://github.com/NixOS/nix/blob/67bcb99700a0da1395fa063d7c6586740b304598/tests/systemd-nspawn.nix.
|
||||||
|
|
||||||
|
A build can enable this by setting the derivation attribute:
|
||||||
|
|
||||||
|
```
|
||||||
|
requiredSystemFeatures = [ "uid-range" ];
|
||||||
|
```
|
||||||
|
|
||||||
|
The `uid-range` [system feature] requires the [`auto-allocate-uids`]
|
||||||
|
setting to be enabled.
|
||||||
|
|
||||||
|
[system feature]: (../command-ref/conf-file.md#conf-system-features)
|
||||||
|
|
||||||
|
* Nix can now automatically pick UIDs for builds, removing the need to
|
||||||
|
create `nixbld*` user accounts. See [`auto-allocate-uids`].
|
||||||
|
|
||||||
|
[`auto-allocate-uids`]: (../command-ref/conf-file.md#conf-auto-allocate-uids)
|
||||||
|
|
||||||
|
* On Linux, Nix has experimental support for running builds inside a
|
||||||
|
cgroup. See
|
||||||
|
[`use-cgroups`](../command-ref/conf-file.md#conf-use-cgroups).
|
||||||
|
|
||||||
|
* `<nix/fetchurl.nix>` now accepts an additional argument `impure` which
|
||||||
|
defaults to `false`. If it is set to `true`, the `hash` and `sha256`
|
||||||
|
arguments will be ignored and the resulting derivation will have
|
||||||
|
`__impure` set to `true`, making it an impure derivation.
|
||||||
|
|
||||||
|
* If `builtins.readFile` is called on a file with context, then only
|
||||||
|
the parts of the context that appear in the content of the file are
|
||||||
|
retained. This avoids a lot of spurious errors where strings end up
|
||||||
|
having a context just because they are read from a store path
|
||||||
|
([#7260](https://github.com/NixOS/nix/pull/7260)).
|
||||||
|
|
||||||
|
* `nix build --json` now prints some statistics about top-level
|
||||||
|
derivations, such as CPU statistics when cgroups are enabled.
|
|
@ -1,51 +1,4 @@
|
||||||
# Release X.Y (202?-??-??)
|
# Release X.Y (202?-??-??)
|
||||||
|
|
||||||
* `<nix/fetchurl.nix>` now accepts an additional argument `impure` which
|
|
||||||
defaults to `false`. If it is set to `true`, the `hash` and `sha256`
|
|
||||||
arguments will be ignored and the resulting derivation will have
|
|
||||||
`__impure` set to `true`, making it an impure derivation.
|
|
||||||
|
|
||||||
* If `builtins.readFile` is called on a file with context, then only the parts
|
|
||||||
of that context that appear in the content of the file are retained.
|
|
||||||
This avoids a lot of spurious errors where some benign strings end-up having
|
|
||||||
a context just because they are read from a store path
|
|
||||||
([#7260](https://github.com/NixOS/nix/pull/7260)).
|
|
||||||
|
|
||||||
* Nix can now automatically pick UIDs for builds, removing the need to
|
|
||||||
create `nixbld*` user accounts.
|
|
||||||
|
|
||||||
See [`auto-allocate-uids`].
|
|
||||||
|
|
||||||
[`auto-allocate-uids`]: (../command-ref/conf-file.md#conf-auto-allocate-uids)
|
|
||||||
|
|
||||||
* On Linux, Nix can now run builds in a user namespace where the build
|
|
||||||
runs as root (UID 0) and has 65,536 UIDs available.
|
|
||||||
|
|
||||||
<!-- FIXME: move this to its own section about system features -->
|
|
||||||
|
|
||||||
This is primarily useful for running containers such as `systemd-nspawn`
|
|
||||||
inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].
|
|
||||||
|
|
||||||
[nspawn]: https://github.com/NixOS/nix/blob/67bcb99700a0da1395fa063d7c6586740b304598/tests/systemd-nspawn.nix.
|
|
||||||
|
|
||||||
A build can enable this by by setting the derivation attribute:
|
|
||||||
|
|
||||||
```
|
|
||||||
requiredSystemFeatures = [ "uid-range" ];
|
|
||||||
```
|
|
||||||
|
|
||||||
The `uid-range` [system feature] requires the [`auto-allocate-uids`]
|
|
||||||
setting to be enabled.
|
|
||||||
|
|
||||||
[system feature]: (../command-ref/conf-file.md#conf-system-features),
|
|
||||||
|
|
||||||
* On Linux, Nix has experimental support for running builds inside a
|
|
||||||
cgroup.
|
|
||||||
|
|
||||||
See [`use-cgroups`](../command-ref/conf-file.md#conf-use-cgroups).
|
|
||||||
|
|
||||||
* `nix build --json` now prints some statistics about top-level
|
|
||||||
derivations, such as CPU statistics when cgroups are enabled.
|
|
||||||
|
|
||||||
* The `repeat` and `enforce-determinism` options have been removed
|
* The `repeat` and `enforce-determinism` options have been removed
|
||||||
since they had been broken under many circumstances for a long time.
|
since they had been broken under many circumstances for a long time.
|
||||||
|
|
|
@ -97,13 +97,10 @@ is_os_darwin() {
|
||||||
}
|
}
|
||||||
|
|
||||||
contact_us() {
|
contact_us() {
|
||||||
echo "You can open an issue at https://github.com/nixos/nix/issues"
|
echo "You can open an issue at"
|
||||||
|
echo "https://github.com/NixOS/nix/issues/new?labels=installer&template=installer.md"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Or feel free to contact the team:"
|
echo "Or get in touch with the community: https://nixos.org/community"
|
||||||
echo " - Matrix: #nix:nixos.org"
|
|
||||||
echo " - IRC: in #nixos on irc.libera.chat"
|
|
||||||
echo " - twitter: @nixos_org"
|
|
||||||
echo " - forum: https://discourse.nixos.org"
|
|
||||||
}
|
}
|
||||||
get_help() {
|
get_help() {
|
||||||
echo "We'd love to help if you need it."
|
echo "We'd love to help if you need it."
|
||||||
|
|
Loading…
Reference in a new issue