Commit Graph

98 Commits

Author SHA1 Message Date
Eelco Dolstra
e53e5c38d4 Add a setting for configuring the SSL certificates file
This provides a platform-independent way to configure the SSL
certificates file in the Nix daemon. Previously we provided
instructions for overriding the environment variable in launchd, but
that obviously doesn't work with systemd. Now we can just tell users
to add

  ssl-cert-file = /etc/ssl/my-certificate-bundle.crt

to their nix.conf.
2023-03-17 18:32:18 +01:00
Théophane Hufschmitt
1548dc5587
Merge pull request #6645 from Artturin/limitinfinity
systemd,launchd match nixos open files limit
2022-12-09 13:36:13 +01:00
Artturin
2320a2f93e systemd,launchd match nixos open files limit
it was bumped in https://github.com/NixOS/nixpkgs/pull/176558
2022-11-04 19:40:16 +02:00
Matthew Bauer
dd3cd1a167
Apply suggestions from code review 2022-09-02 10:50:02 -05:00
Matthew Bauer
bd63ae7e18 Don’t add a space after attrs completion in zsh
This matches the behavior of bash. We don’t want to add a space after
completion on attrs. Uses -S.

Switches to new compadd style comppletions instead of _describe.
Shouldn’t have any negative issues from what I can tell.
2022-09-01 23:16:55 -05:00
Artturin
cebef6a250 nix-daemon.service: sync LimitNOFILE with the nixos service
5628480acd/nixos/modules/services/misc/nix-daemon.nix (L737)
Closes https://github.com/NixOS/nix/issues/6007
2022-05-19 21:16:07 +03:00
midchildan
68d51ae012
refactor: don't hardcode nix subcommands in run-help-nix 2022-04-27 01:56:10 +09:00
midchildan
0f7c7ab97b
fix: typo make-content-addressable -> make-content-addressed 2022-04-25 02:34:59 +09:00
midchildan
c67d8876c3
feat: add integration with zsh's run-help 2022-04-25 02:21:41 +09:00
Eelco Dolstra
51712bf012
Merge pull request #6128 from ncfavier/fix-completion
Shell completion improvements
2022-04-19 13:45:33 +02:00
Graham Christensen
3b26dd51ff
nix-daemon.service: require mounts for /nix/var/nix/db
Users may want to mount a filesystem just for the Nix database, with
the filesystem's parameters specially tuned for sqlite. For example, on
ZFS you might set the recordsize to 64k after changing the database's
page size to 65536.
2022-03-29 21:05:57 -04:00
Florian Klink
d60f3cf6e9 nix-daemon.conf.in: add tmpfiles file to create nix/daemon-socket directory
nix-daemon.socket is used to socket-activate nix-daemon.service when
/nix/var/nix/daemon-socket/socket is accessed.

In container usecases, sometimes /nix/var/nix/daemon-socket is
bind-mounted read-only into the container.

In these cases, we want to skip starting nix-daemon.socket.

However, since systemd 250, `ConditionPathIsReadWrite` is also not met
if /nix/var/nix/daemon-socket doesn't exist at all. This means, a
regular NixOS system will skip starting nix-daemon.socket:

> [  237.187747] systemd[1]: Nix Daemon Socket was skipped because of a failed condition check (ConditionPathIsReadWrite=/nix/var/nix/daemon-socket).

To prevent this from happening, ship a tmpfiles file that'll cause the
directory to be created if it doesn't exist already.

In the case of NixOS, we can just add Nix to `systemd.tmpfiles.packages`
and have these files picked up automatically.
2022-03-18 16:14:09 +01:00
thkoch2001
e06b264f94
Add documentation= entry to systemd unit file
Closes: #6246
2022-03-13 18:42:26 +02:00
Naïm Favier
55c6906701
Perform tilde expansion when completing flake fragments
Allows completing `nix build ~/flake#<Tab>`.
We can implement expansion for `~user` later if needed.
Not using wordexp(3) since that expands way too much.
2022-03-07 12:01:54 +01:00
Maximilian Bosch
9d840758a8
completions: pipe stderr to /dev/null
This fixes weird issues where e.g.

    nix build -L .#<tab>

deletes the current line from the prompt.
2022-02-04 22:43:16 +01:00
Eelco Dolstra
b666a2ca8c
Merge pull request #5820 from ncfavier/completion-nospace
Don't insert spaces when completing attribute paths
2021-12-22 17:55:05 +01:00
Naïm Favier
1da1b2b345
Don't insert spaces when completing attribute paths 2021-12-22 16:17:01 +01:00
Eelco Dolstra
5b5f68f1dd Make bash completion work when nix is invoked as ~/.../nix 2021-12-22 13:26:35 +01:00
Zhong Jianxin
d9b3adca75 launchd: Set NumberOfFiles to 4096
The default maxfiles on macOS 11 and macOS 12 is 256, which is too low
for nix to work:

```
$ launchctl limit maxfiles
	maxfiles    256            unlimited
```

Set NumberOfFiles of nix-daemon to 4096 to avoid `Too many open files`
error.
2021-12-04 20:46:29 +08:00
Eelco Dolstra
2172e60f7a
Merge pull request #4935 from alyssais/host_os
Apply OS checks to host platform, not build
2021-07-08 12:40:54 +02:00
Jan Tojnar
bee71e1bb1 Add a fish completion script
This is only rudimentary support as allowed by `NIX_GET_COMPLETIONS`.

In the future, we could use complete’s `--wraps` argument to autocomplete arguments for programs after `nix shell -c`.
2021-06-23 19:59:58 +02:00
Alyssa Ross
4f80464645
Apply OS checks to host platform, not build
Previously, the build system used uname(1) output when it wanted to
check the operating system it was being built for, which meant that it
didn't take into-account cross-compilation when the build and host
operating systems were different.

To fix this, instead of consulting uname output, we consult the host
triple, specifically the third "kernel" part.

For "kernel"s with stable ABIs, like Linux or Cygwin, we can use a
simple ifeq to test whether we're compiling for that system, but for
other platforms, like Darwin, FreeBSD, or Solaris, we have to use a
more complicated check to take into account the version numbers at the
end of the "kernel"s.  I couldn't find a way to just strip these
version numbers in GNU Make without shelling out, which would be even
more ugly IMO.  Because these checks differ between kernels, and the
patsubst ones are quite fiddly, I've added variables for each host OS
we might want to check to make them easier to reuse.
2021-06-23 15:00:36 +00:00
Matthew Bauer
79674c6cdb Fix zsh completion script
Installed site-functions need to be run directly, not via compdef.
2021-06-12 23:50:26 -05:00
Chua Hou
aedb5c7301
Install zsh completion script 2021-06-02 00:44:03 +08:00
Anders Kaseorg
4f493faf80 launchd: Use exec to avoid leaving the extra shell wrapper running
Before:

  UID   PID  PPID   C STIME   TTY           TIME CMD
    0  1737     1   0  2:28PM ??         0:00.00 /bin/sh -c /bin/wait4path /nix/var/nix/profiles/default/bin/nix-daemon && /nix/var/nix/profiles/default/bin/nix-daemon
    0  1739  1737   0  2:28PM ??         0:00.05 /nix/var/nix/profiles/default/bin/nix-daemon

After:

  UID   PID  PPID   C STIME   TTY           TIME CMD
    0  1763     1   0  2:29PM ??         0:00.05 /nix/var/nix/profiles/default/bin/nix-daemon

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-05-04 14:33:47 -07:00
Eelco Dolstra
20a7d8d23a Add some missing clean-files 2020-10-18 20:32:59 +02:00
regnat
eea310b241 Add a zsh completion script
Based on @clhodapp's suggestion in https://github.com/spwhitt/nix-zsh-completions/issues/32#issuecomment-705315356 and adapted to use the description of the completions
2020-10-09 09:47:47 +02:00
regnat
04e5d0e704 Add a description in the completion outputs
Make nix output completions in the form `completion\tdescription`.
This can't be used by bash (afaik), but other shells like zsh or fish
can display it along the completion choices
2020-10-09 09:39:51 +02:00
Marwan Aljubeh
b7c02232b2
Fix the nix-daemon Mac OS SSL CA cert
Mac OS multi-user installations are currently broken because all requests
made by nix-daemon to the binary cache fail with:

```
unable to download ... Problem with the SSL CA cert (path? access rights?) (77).
```

This change ensures that the nix-daemon knows where to find the SSL CA cert file.

Fixes #2899 and #3261.
2020-09-16 17:56:43 +01:00
Eelco Dolstra
959295cf4b Fix completion script install name 2020-06-04 13:37:37 +02:00
Eelco Dolstra
da310fac62 Bash completion: Don't break on ':' 2020-05-11 21:37:53 +02:00
Eelco Dolstra
e0c19ee620 Add completion for paths 2020-05-10 21:35:07 +02:00
Eelco Dolstra
91ddee6bf0 nix: Implement basic bash completion 2020-05-10 20:32:21 +02:00
Dan Callahan
8c4a5e7ba1
Make nix-daemon.plist less fragile on macOS
We're calling `wait4path` on the full, resolved `@bindir@/nix-daemon` path.

That means we're hardcoding something like:

    /bin/wait4path /nix/store/zs9c5xhp3zv9p23qnjxp87nl5injsi1i-nix-2.3/bin/nix-daemon &amp;&amp; /nix/var/nix/profiles/default/bin/nix-daemon

That seems unnecessarily fragile.

It might be better to wait4path on the path we intend to call.
2019-10-09 12:52:01 +01:00
Matthew Bauer
0847f2f1b3 Copy instead of linking launch agent
On Catalina, the /nix filesystem might not be mounted at start time.
To avoid this service not starting, we need to keep the launch agent
outside of the Nix store. A wait4pid will hold for our /nix dir to be
mounted.

Fixes #3125.
2019-10-08 21:52:17 -04:00
Eelco Dolstra
918717f3b5
Merge pull request #3066 from matthewbauer/wait4path
Use wait4path on org.nixos.nix-daemon.plist
2019-09-03 12:10:32 +02:00
Matthew Bauer
87c604c1f0 Fix launchd program args
launchd has some weird syntx. Apparently the program needs to be in
the ProgramArguments, as Program appears to be ignored.
2019-09-02 18:35:10 -04:00
Matthew Bauer
800fba1037 Use wait4path on org.nixos.nix-daemon.plist
When using a volume, the nix-daemon path may not exist. To avoid this
issue, we must use the wait4path tool. This should solve one of the
issues in multi-user on macOS Catalina.
2019-08-27 10:58:48 -04:00
Piotr Szubiakowski
d459224724 nix-daemon.service: add install section.
Signed-off-by: Piotr Szubiakowski <pszubiak@eso.org>
2019-08-27 10:35:35 +02:00
Daiderd Jordan
8ac1130cc2
nix-daemon: add variable to disable fork safety
Since macOS 10.14 this has become an error, causing problems if the
nix-daemon loads nix during substitution (this is a forked process).

Workaround for #2523.
2019-02-09 20:35:30 +01:00
Peter Simons
81261ca538 docker: move the docker file to https://github.com/NixOS/docker
We have automated builds at https://hub.docker.com/r/nixos/nix/ now. The master
branch of the "docker" repository is available as "latest". Branches that match
the regular expression "^[0-9.]+$" are pushed to the tag that corresponds to
their branch name. Other branches are ignored.
2018-06-21 19:13:04 +02:00
Lorenzo Manacorda
b600d46412
Dockerfile: 2.0.4 2018-06-06 14:50:47 +02:00
Domen Kožar
2228891260
docker readme: simplify 2018-05-08 12:37:52 +02:00
Domen Kožar
85f9650322
Dockerfile: 2.0.2 2018-05-08 12:37:43 +02:00
Domen Kožar
257c3c763a
Add README for docker 2018-05-08 12:28:55 +02:00
Domen Kožar
1e20ed5a0c
Dockerfile: update to 2.0.1 2018-05-08 12:28:06 +02:00
Ben Challenor
a74288b943 Dockerfile: verify tar file with sha256sum 2018-03-19 04:56:13 +00:00
Ben Challenor
ec6a328fe8 Dockerfile: 1.11.14 -> 2.0 2018-03-18 23:31:11 +00:00
Daiderd Jordan
05cb8e5c5a
launchd: enable keepalive for the nix-daemon service
Without this the daemon won't be restarted if the process ever dies, for
example when sending a SIGHUP to reload nix.conf.
2018-02-28 19:58:48 +01:00
Peter Simons
37164ae389 docker: ensure that the installation works for users other than 'root', too
The path /root/.nix-profile is a sym-link to /nix/var/nix/profiles/default. The
latter path, however, works for everyone while the former path works only for
root, so we prefer the public path whenever possible.
2017-10-07 17:28:34 +02:00