<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="ch-env-variables"> <title>Environment Variables</title> <para>To use Nix, some environment variables should be set. In particular, <envar>PATH</envar> should contain the directories <filename><replaceable>prefix</replaceable>/bin</filename> and <filename>~/.nix-profile/bin</filename>. The first directory contains the Nix tools themselves, while <filename>~/.nix-profile</filename> is a symbolic link to the current <emphasis>user environment</emphasis> (an automatically generated package consisting of symlinks to installed packages). The simplest way to set the required environment variables is to include the file <filename><replaceable>prefix</replaceable>/etc/profile.d/nix.sh</filename> in your <filename>~/.profile</filename> (or similar), like this:</para> <screen> source <replaceable>prefix</replaceable>/etc/profile.d/nix.sh</screen> <section xml:id="sec-nix-ssl-cert-file"> <title><envar>NIX_SSL_CERT_FILE</envar></title> <para>If you need to specify a custom certificate bundle to account for an HTTPS-intercepting man in the middle proxy, you must specify the path to the certificate bundle in the environment variable <envar>NIX_SSL_CERT_FILE</envar>.</para> <para>If you don't specify a <envar>NIX_SSL_CERT_FILE</envar> manually, Nix will install and use its own certificate bundle.</para> <procedure> <step><para>Set the environment variable and install Nix</para> <screen> $ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt $ sh <(curl https://nixos.org/nix/install) </screen></step> <step><para>In the shell profile and rc files (for example, <filename>/etc/bashrc</filename>, <filename>/etc/zshrc</filename>), add the following line:</para> <programlisting> export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt </programlisting> </step> </procedure> <note><para>You must not add the export and then do the install, as the Nix installer will detect the presense of Nix configuration, and abort.</para></note> <section xml:id="sec-nix-ssl-cert-file-with-nix-daemon-and-macos"> <title><envar>NIX_SSL_CERT_FILE</envar> with macOS and the Nix daemon</title> <para>On macOS you must specify the environment variable for the Nix daemon service, then restart it:</para> <screen> $ sudo launchctl setenv NIX_SSL_CERT_FILE /etc/ssl/my-certificate-bundle.crt $ sudo launchctl kickstart -k system/org.nixos.nix-daemon </screen> </section> </section> </chapter>