Skip to content
This repository has been archived by the owner on Feb 19, 2024. It is now read-only.

Commit

Permalink
feat: update nix tools (ublue-os#263)
Browse files Browse the repository at this point in the history
  • Loading branch information
bketelsen authored Jun 7, 2023
1 parent c5ad75c commit 8148ddb
Show file tree
Hide file tree
Showing 2 changed files with 61 additions and 40 deletions.
87 changes: 50 additions & 37 deletions usr/bin/ublue-nix-install
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,23 @@
# original script here: https://github.com/dnkmmr69420/nix-with-selinux/blob/main/silverblue-installer.sh
# thanks dnkmmr!

#!/bin/bash
sudo sleep 2
echo "Adding SELinux content to /nix"
echo "Adding selinux content to /nix"
sudo semanage fcontext -a -t etc_t '/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
sleep 1
sudo mkdir /var/lib/nix
sleep 1
echo "Adding SELinux content to /var/lib/nix"
echo "adding selinux content to /var/lib/nix"
sudo semanage fcontext -a -t etc_t '/var/lib/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/var/lib/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/var/lib/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/var/lib/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/var/lib/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/var/lib/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
echo "Creating service files"
sleep 1
echo "creating SSL cert file"

sudo tee /etc/systemd/system/nix-daemon.service.d/override.conf <<EOF
[Service]
Environment="NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
EOF
sleep 1
echo "Creating rootfs mkdir service"

Expand All @@ -22,7 +29,6 @@ ConditionPathExists=!%f
DefaultDependencies=no
Requires=local-fs-pre.target
After=local-fs-pre.target
[Service]
Type=oneshot
ExecStartPre=chattr -i /
Expand All @@ -42,7 +48,6 @@ Wants=mkdir-rootfs@nix.service
Before=sockets.target
After=ostree-remount.service
BindsTo=var.mount
[Mount]
What=/var/lib/nix
Where=/nix
Expand All @@ -51,71 +56,79 @@ Type=none
EOF

sleep 1
echo "Enabling mount and resetting SELinux context"
echo "Enabling mounting of /var/lib/nix to /nix and resetting SELinux context"
sleep 1

sudo systemctl daemon-reload ; sudo systemctl enable nix.mount ; sudo systemctl start nix.mount ; sudo restorecon -RF /nix

sleep 1

echo "Temorarily setting SELinux to Permissive"
echo "Temorarly setting SELinux to permissive"

sudo setenforce Permissive

sleep 1

echo "Preparing the nix install script"
echo "Preparing the nix install script..."

sleep 2
sleep 5

sh <(curl -L https://nixos.org/nix/install) --daemon
sh <(curl -L https://nixos.org/nix/install) --daemon --yes

echo "Nix installer has finished running"
echo "Nix installer has Finished running..."
sleep 1
echo "Copying service files"
echo "Now copying service files..."

sleep 1

echo "Creating SSL cert file"
sudo mkdir -p /etc/systemd/system/nix-daemon.service.d/
sudo tee /etc/systemd/system/nix-daemon.service.d/override.conf <<EOF
[Service]
Environment="NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
EOF
sudo rm -f /etc/systemd/system/nix-daemon.{service,socket} ; sudo cp /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.{service,socket} /etc/systemd/system/ ; sudo restorecon -RF /nix ; sudo systemctl daemon-reload ; sudo systemctl enable --now nix-daemon.socket

sleep 1

echo "Setting SELinux back to Enforcing"
echo "Now setting SELinux back to Enforcing"

sudo setenforce Enforcing

echo "Modifying /etc/nix/nix.conf"
echo "experimental-features = nix-command flakes" | sudo tee -a /etc/nix/nix.conf
sleep 1



sleep 1

echo "Installing nix backup"
bash <(curl -s https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/other-scripts/nix-sudo-path.sh)

sudo mkdir /opt/nixbackup
sudo cp -R /nix /opt/nixbackup
echo "Modifying configurations..."

sudo tee /opt/nixbackup/reset-nix <<EOF
#!/bin/bash
sudo echo "Resetting nix..."
sudo rm -rf /nix/*
sudo mkdir -p /nix
sudo cp -R /opt/nixbackup/nix/* /nix/
sudo restorecon -RF /nix
sudo echo "Nix has been reset. Reboot for changes to apply."
EOF
sleep 1

sudo rm -f /etc/nix/nix.conf ; sudo wget -P /etc/nix https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/other-files/nix.conf
sudo rm -f /etc/profile.d/nix-app-icons.sh ; sudo wget -P /etc/profile.d https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/other-files/nix-app-icons.sh

sudo echo "Building nix package manager..."

sudo chmod a+x /opt/nixbackup/reset-nix
sleep 1

curl -s https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/nix-out-of-default/setup.sh | bash -s /usr/local

sudo echo "Finished installing nix backup"
sudo echo "Cleaning up..."

sleep 1

echo "You MUST reboot in order for the installation to finish"
echo "Reboot your system by typing:"
echo "systemctl reboot"
sudo nix profile remove 0
sudo nix profile remove 0

echo "Linking..."

sleep 1

sudo ln -s /nix/var/nix/profiles/default /nix/nix-profile
sudo ln -s /nix/var/nix/profiles/default /var/nix-profile

sleep 1

echo "Making a nix backup..."

bash <(curl -s https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/backup-scripts/create-backup-selinux.sh)

echo "Reboot your system by typing"
echo "systemctl reboot"
14 changes: 11 additions & 3 deletions usr/share/ublue-os/just/custom.just
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,21 @@ gnome-extensions:
gext install pano@elhan.io
gext install weatheroclock@CleoMenezesJr.github.io

nix-me-up:
echo 'Setting phasers to kill. Installing nix.'
/usr/bin/ublue-nix-install

nix-devbox:
echo 'Setting phasers to kill. Installing nix.'
curl -s https://raw.githubusercontent.com/dnkmmr69420/nix-installer-scripts/main/installer-scripts/silverblue-nix-installer.sh | bash
echo 'Installing devbox!'
curl -fsSL https://get.jetpack.io/devbox | bash
echo 'You MUST reboot to continue'

nix-devbox-global:
echo 'Installing devbox global profile.'
devbox global pull https://devbox.getfleek.dev/high
echo 'run "devbox global run install-bash-hook" to configure bash shell'
echo 'run "devbox global run install-zsh-hook" to configure zsh shell'
echo 'run "devbox global run" to see other available configuration commands'


touch:
pip install --upgrade gnome-extensions-cli
Expand Down

0 comments on commit 8148ddb

Please sign in to comment.