* repair: use target_lexicon::OperatingSystem over target_os cfg
* repair: make repair actions a collection
* Make some things pub for ease of reuse
* fixup: make write_receipt() take a reference instead of ownership
* fixup: make write_receipt() atomic and member of InstallPlan
* CreateUser: enable skipping the completion check
This is useful for when you don't care if it's been completed or not and
want to rerun the commands. Especially useful on macOS, where `dscl .
-create` is idempotent.
* repair: add `sequoia` subcommand that can migrate build users to the new 351+ UID range
* fixup: should not be able to specify uid base
* fixup: nicer wording for human consumption
* fixup: don't worry about incompatible receipts
* fixup: prompt before some repair commands
* fixup: set user_base outside of branch
* fixup: store a timestamped, pre-repair copy of the receipt
* fixup: note whether or not the receipt will be updated
* fixup: note that uninstallation will work even if the receipt could not be updated
(cherry picked from commit ded6eb7352eaf1bf9dcd07719a13c5b3f083a739)
Upstream-PR: https://github.com/DeterminateSystems/nix-installer/pull/1143
Change-Id: I9084dcf5a53b1453436db6fedbe5e785a8b5e3ae
Ubuntu 16.04, Fedora 36-37, and RHEL 7 are all out of support.
Replace them with more recent VM images from vagrant, when available
Change-Id: I7760d1784d6b70757e5795499caaa6fe2c9dae83
Updating the lix version changes flake.nix inputs,
but did not change flake.lock.
Running `nix flake lock` is sufficient.
Change-Id: Ib1f482a0deb5c95ff2c9fc4d715bbc0733a5630b
- We were looking for a top-level tarball path that looked like nix-*.
This was invalid, since our tarballs have lix-*.
- We were looking for a store path that looked like nix-*.*.*. This was
invalid, since ours is lix-*.*.*.
This change accepts both.
- We also added a symlink for nix-installer and nix-installer.sh, which
deals with the test suite being pretty tightly coupled to that path.
- We fixed a bug exposed in the tests where --no-substitute is not
passed while self-testing builds. This seems to have been relying on
offline detection and while it eventually passed, it was busted and
took ages.
Change-Id: I2f497bd647ecf1db5963a4bb245279db582d2af3
Previously we used a nix install tarball built from nix 2.20.5,
download with flakehub.
That does not make sense for a lix installer, use Lix 2.90 beta 1
instead.
Also use this opportunity to remove the unused flake-compat input.
Change-Id: I622bb9fedb45f3a03c1e5f43757afbd0222c6b90
The `nix-installer-static` package is now named `lix-installer-static`.
However, the uninstall binary is still called `nix-installer`
Change-Id: I60fd2ab84867beaa8cf527e88c953298ec703881
The flake build relies on the name lix-installer.sh.
Rename nix-installer.sh to lix-installer.sh and, AFAICT,
all references
Change-Id: I4f2594e9a38d5489de6be092ce97dcb247627aca
Not all references to the crate name were caught when it was changed.
Some tests rely on importing from `lix_installer` and filter directives
for the logs vary based on crate name.
Change-Id: I29acde8b96c823332a740dc69ef1847fdd89d967
When detsys-specific items were removed, some lines of JSON were
removed. This caused syntax errors due to the trailing commas.
Also use this opportunity to add `enable_flakes`, which is required
in new lix-installer plan files
Change-Id: I7874b3b19cb2e15f82b0733894c52b3a23c0cbe5
* Document nix version pinning more explicitly
https://github.com/DeterminateSystems/nix-installer/issues/387#issuecomment-1581743074
Co-authored-by: Ana Hobden <operator@hoverbear.org>
* Fixed a single typo in README.md
* Link to nixos.org to explain Nix
* README: Delete now-incorrect link listing installed `nix` versions
---------
Co-authored-by: Peter Kolloch <peter.kolloch@nexxiot.com>
Co-authored-by: Ana Hobden <operator@hoverbear.org>
Co-authored-by: Mikko Lukas Räsänen <1522239+mikkolukas@users.noreply.github.com>
Co-authored-by: Mauricio Scheffer <mauricioscheffer@gmail.com>
Co-authored-by: Ilya Grigoriev <ilyagr@users.noreply.github.com>
* fix: workaround for lies from uname -m
On an arm64 mac, `uname -m` returns x86_64 which causes install script to install with the wrong architecture
* refactor: use same logic from rustup
* Tweak credit comment
* Prod ci
---------
Co-authored-by: oz <otech47@gmail.com>
* Fetch updates from i.d.s by default
Our goal is to deliver a solid experience with Nix flakes, including an upgrade path that is safe. Occasionally, the upstream Nix project may introduce regressions for the common flake path. This is not desirable for our users, who depend on a consistent and stable flakes experience.
Additionally, the Nix project isn't directly responsible for delivering updates to users as that role is delegated to the Nixpkgs project.
Overall, this means upgrades are not consistently delivered to users.
This update directs future update requests to install.determinate.systems, which we will upgrade as part of our standard release process.
Our standard release process includes proactive testing: validating our installer and Nix's behavior across a wide variety of platforms and scenarios.
After an update passes our proactive validation, we do a phased rollout of reactive monitoring: the update is released to a small percentage of users on GitHub Actions. We monitor the failure rate of the installer and overall workflows to ensure the updated Nix isn't causing widespread failure we weren't able to identify ahead of time.
Only after a release passes both proactive and reactive validation, our macOS .pkg and nix-upgrade paths are bumped to the most recent release. This gives user the confidence they're looking for that the Nix release they're getting is safe.
* Universal -> universal