Commit graph

491 commits

Author SHA1 Message Date
Ana Hobden
2477de21eb
Bump to 0.16.1-unreleased (#808) 2024-01-08 18:43:45 +00:00
Ana Hobden
fb4401df00
Release v0.16.0 (#804) 2024-01-08 08:41:39 -08:00
Ana Hobden
83a0da10c4
Fix adduser so it doesn't create the home (#801) 2024-01-05 11:45:06 -08:00
Ana Hobden
e48a8962b5
Bump dependencies (#800) 2024-01-04 11:17:58 -08:00
Ana Hobden
7011c077ec
fix create build users action description (#788)
Co-authored-by: Michael Gallagher <mjgallag@gmail.com>
2024-01-03 20:01:11 +00:00
Ana Hobden
e815280881
Fix arm64 darwin install (#789)
* fix: workaround for lies from uname -m

On an arm64 mac, `uname -m` returns x86_64 which causes install script to install with the wrong architecture

* refactor: use same logic from rustup

* Tweak credit comment

* Prod ci

---------

Co-authored-by: oz <otech47@gmail.com>
2024-01-03 12:00:51 -08:00
Graham Christensen
0b0172547c
Fetch updates from i.d.s by default (#772)
* Fetch updates from i.d.s by default

Our goal is to deliver a solid experience with Nix flakes, including an upgrade path that is safe. Occasionally, the upstream Nix project may introduce regressions for the common flake path. This is not desirable for our users, who depend on a consistent and stable flakes experience.

Additionally, the Nix project isn't directly responsible for delivering updates to users as that role is delegated to the Nixpkgs project.

Overall, this means upgrades are not consistently delivered to users.

This update directs future update requests to install.determinate.systems, which we will upgrade as part of our standard release process.

Our standard release process includes proactive testing: validating our installer and Nix's behavior across a wide variety of platforms and scenarios.

After an update passes our proactive validation, we do a phased rollout of reactive monitoring: the update is released to a small percentage of users on GitHub Actions. We monitor the failure rate of the installer and overall workflows to ensure the updated Nix isn't causing widespread failure we weren't able to identify ahead of time.

Only after a release passes both proactive and reactive validation, our macOS .pkg and nix-upgrade paths are bumped to the most recent release. This gives user the confidence they're looking for that the Nix release they're getting is safe.

* Universal -> universal
2023-12-08 03:45:05 +00:00
Ana Hobden
8c9e64d2a3
Update deps (#771) 2023-12-05 15:19:43 -08:00
Ana Hobden
b84ebf0841
Don't modify shell profile files if they are symlinks (#767)
* Don't modify shell profile files if they are symlinks

* Fixup remote building step
2023-12-05 11:14:46 -08:00
Ana Hobden
0419422de0
nix-2.19.2 (#756)
* nix-2.19.2

* Fix speeling
2023-11-30 16:51:41 -08:00
Ana Hobden
a176784a03
0.15.1-unreleased (#755) 2023-11-30 18:59:40 +00:00
Ana Hobden
cd61f98c90
MacOS installer does not honor case sensitive setting (#748)
* MacOS should respect case-sensitivity setting

* Fix warning
2023-11-28 09:22:01 -08:00
Graham Christensen
41a96f49fc
Clippy nits while hacking around (#737)
* clippy: unnecessary guard

* create merge nix config clippy nit, old

* Clean up a clippy nit on an extra clone

* clippy nit legacy wsl detection error
2023-11-22 14:50:25 -05:00
Ana Hobden
df9610edba
Release v0.15.1 (#729) 2023-11-14 19:04:27 -08:00
Ana Hobden
b48c7204bc
Release v0.15.0 (#728) 2023-11-14 16:05:36 -08:00
Graham Christensen
0c01adc852
Nix config: add extra newlines after the initial comment (#719)
* Nix config: add extra newlines after the initial comment

Otherwise the extra-config option will get swallowed.

Closes #717

* Push individual strs
2023-11-14 08:27:11 -08:00
Graham Christensen
01a3447b83
Remove the writable flag, don't set too many permission bits (#718)
Making everything 0o555 is too much, since many files in the store
are not supposed to be executable. Those should be 0o444. Instead
of splatting 0o555 out, take a more measured approach and remove
the writable flag from the on-disk mode.
2023-11-14 08:26:23 -08:00
Graham Christensen
dac0adca28
Support remote-building to macOS hosts (#714)
* Support remote-building to macOS hosts

Our README has long featured a snippet to add to the zshenv, with a
caevat that it might behave strangely if you're writing a script with an
empty PATH.

It is pretty straightforward to eliminate those caveats while still
providing remote building for Nix to macOS hosts.

Co-authored-by: Ana Hobden <operator@hoverbear.org>
2023-11-10 19:02:19 +00:00
Matthew Kenigsberg
6ca2c68e31
Document max-jobs=auto (#712)
max-jobs is set to auto as of
https://github.com/DeterminateSystems/nix-installer/pull/627
2023-11-10 07:59:42 -08:00
Graham Christensen
a026cc2224
Don't include the version number in the nix config, for reproducibility. Closes #580 (#710) 2023-11-08 19:00:41 +00:00
Timothy Sutton
dda36c4a22
Add 'sudo' to suggestions for launchd-related config fixes (#706) 2023-11-06 10:09:58 -08:00
Ana Hobden
ccae8a097d
Document the known nix-darwin related uninstall issue (#687)
* Document the known nix-darwin related uninstall issue

* Fix nits

* Update README.md

Co-authored-by: Cole Helbling <cole.helbling@determinate.systems>

---------

Co-authored-by: Cole Helbling <cole.helbling@determinate.systems>
2023-10-24 18:55:51 +00:00
Graham Christensen
93cdd9bcb0
create /etc/tmpfiles.d on ostree (#686) 2023-10-24 10:34:41 -07:00
Ana Hobden
2dd40810fb
Fix exit code inconsistency (#684) 2023-10-23 13:52:42 -07:00
Ana Hobden
c79dcb91ae
Release v0.14.0 (#679) 2023-10-18 10:18:59 -07:00
Graham Christensen
32dcdb7550
Make our Nix installation immune to macOS upgrades (#672)
* Add cargo-watch

* clippy: the borrowed expression implements the required traits

* clippy: expression creates a reference which is immediately dereferenced by the compiler

* clippy: redundant closure

* clippy: this if-then-else expression returns a bool literal

* clippy: explicit call to .into_iter() in function argument accepting IntoIterator

* Clippy: an implementation of From is preferred since it gives you Into<_> for free where the reverse isn't true

* Support cargo building on a mac

* Create a nix-hook service on macos to inject the shell at startup

* Introduce nix-installe restore-shell to fix the init scripts, called by the nix-hook plist on every login

* Wait for /nix to be there, and restart the hook until it works

* Back to run-at-load hoping that works

* Revert "Back to run-at-load hoping that works"

This reverts commit cccb8bcd971e296fecc0a2dba4f1101795bcd5ba.

It starts too early, fails, and then aborts. When it fails,
launchd says the service failed to initialize and that the system
is read-only.

* nits

* rename to repair

* Handle --no-modify-profile

* fmt

---------

Co-authored-by: Ana Hobden <operator@hoverbear.org>
2023-10-16 11:50:33 -07:00
Daniel Flanagan
5e06d6fcd2
Update ssl-cert-file docs (#671) 2023-10-10 09:21:22 -07:00
Ana Hobden
201fd4a0a7
Release v0.13.1 (#666) 2023-10-04 09:08:02 -07:00
Ana Hobden
917c0e89e7
Use Nix 2.17.0 (#665) 2023-10-03 19:03:44 +00:00
Ana Hobden
5eedbab041
Update nix-config-parser (#664) 2023-10-03 18:09:37 +00:00
Graham Christensen
95045cf8c0
flake-compat: use flakehub (#663) 2023-10-03 10:47:17 -07:00
Ana Hobden
b68cf8b56c
Upgrade to Nix 2.18.1 (#661) 2023-10-03 10:07:35 -07:00
Ana Hobden
25ed45fc1b
Unmount apfs volumes before deleting them (#662) 2023-10-03 10:07:17 -07:00
Ana Hobden
d01e1b820c
Release v0.13.0 (#652) 2023-09-28 17:02:45 -07:00
Ana Hobden
042873d7d6
Reintroduce 640, 638, 627 (#651)
* Reintroduce 640, 638, 627

* fmt
2023-09-28 22:58:31 +00:00
Ana Hobden
b0bdd3ddef
Revert "Release v0.12.1 (#649)" (#650)
This reverts commit af06724a5e.
2023-09-28 22:35:57 +00:00
Ana Hobden
af06724a5e
Release v0.12.1 (#649) 2023-09-28 14:35:35 -07:00
Ana Hobden
fc6d611285
Revert "Make nix.conf changes deterministic (#620)" (#648)
* Revert "Make nix.conf changes deterministic (#620)"

This reverts commit 05571a4990.

* fmt

* Prod ci
2023-09-28 13:53:14 -07:00
Ana Hobden
3c7297e6ab
v0.12.1-unreleased (#644)
* v0.12.0-unreleased

* v0.12.1-unreleased...
2023-09-27 15:01:58 +00:00
Ana Hobden
aed05e9a5c
Release v0.12.0 (#641) 2023-09-25 13:36:51 -07:00
Ana Hobden
ff6ee246ae
Tweak nix-build-user-count default in all places (#643) 2023-09-25 12:43:45 -07:00
Ana Hobden
da7e44e40e
Fixup VM tests (#642) 2023-09-25 08:43:11 -07:00
Ana Hobden
6bee48c11e
Enable repl-flake experimental feature (#640)
* Enable repl-flake experimental feature

* fmt
2023-09-22 12:06:42 -07:00
Ana Hobden
1da69eef4a
Plan prompts for sudo (#639)
* Plan prompts for sudo

* clippy/fmt
2023-09-22 18:08:01 +00:00
Ana Hobden
8911329beb
Upgrade to Nix 2.18 (#637) 2023-09-22 10:45:23 -07:00
Ana Hobden
7669045865
Disable auto-allocate-uids on Linux too (#638)
* Disable auto-allocate-uids on Linux too

* Fix clippy/fmt
2023-09-22 10:44:40 -07:00
Ana Hobden
abfde74d1f
Add support for URLs or paths in --nix-package-url and --extra-conf (#634)
* Add support for URLs or paths in --nix-package-url and --extra-conf

* fmt

* Into a mod with you, tests!
2023-09-20 19:10:56 +00:00
Graham Christensen
60e5fff623
Support user-defined diagnostics attribution (#635)
* Switch to flakehub

* Diagnostics: support user-defined attribution.

Allows a user to specify an additional value to associate their diagnostics with that value. nix-installer doesn't generate or store these values, and most users have no need for it.

* Respond to feedback
2023-09-20 11:23:23 -07:00
Ana Hobden
1c103edb90
Set max-jobs in nix.conf (#627) 2023-09-13 17:38:40 +00:00
Ana Hobden
05571a4990
Make nix.conf changes deterministic (#620)
* Make nix.conf changes deterministic

* Add mac fixture

* Warn/error if user settings don't match our needs

* Repair mac fixture

* fmt

* clipster

* Tidy up some feedback

* fmt

* resolve some nits
2023-09-13 17:02:05 +00:00