**Enable Nix experimental features system-wide and refactor Nix bootstrap config**

* Rename `config.sh` to `bootstrap_config.sh` to clearly separate installer bootstrap config from Nix system config
* Add `nix_conf_file.sh` to manage `/etc/nix/nix.conf` safely and idempotently
* Ensure `nix-command` and `flakes` are enabled without overwriting existing experimental features
* Invoke Nix config enforcement from `nix/init.sh` during root installation
* Update documentation and ShellCheck annotations accordingly
* Extend CLI git proxy to include `git status`

https://chatgpt.com/share/693d5c4a-bad0-800f-adaf-4719dd4ca377
Kevin Veen-Birkenbach
2025-12-13 13:29:48 +01:00
parent ea84c1b14e
commit 422ac8b837
4 changed files with 65 additions and 3 deletions


@@ -22,7 +22,7 @@ It is invoked during package installation (Arch/Debian/Fedora scriptlets) and ca
The entry point sources small, focused modules from *scripts/nix/lib/*: The entry point sources small, focused modules from *scripts/nix/lib/*:
- *config.sh* — configuration defaults (installer URL, retry timing) - *bootstrap_config.sh* — configuration defaults (installer URL, retry timing)
- *detect.sh* — container detection helpers - *detect.sh* — container detection helpers
- *path.sh* — PATH adjustments and `nix` binary resolution helpers - *path.sh* — PATH adjustments and `nix` binary resolution helpers
- *symlinks.sh* — user/global symlink helpers for stable `nix` discovery - *symlinks.sh* — user/global symlink helpers for stable `nix` discovery


@@ -1,21 +1,23 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
# shellcheck source=lib/config.sh # shellcheck source=lib/bootstrap_config.sh
# shellcheck source=lib/detect.sh # shellcheck source=lib/detect.sh
# shellcheck source=lib/path.sh # shellcheck source=lib/path.sh
# shellcheck source=lib/symlinks.sh # shellcheck source=lib/symlinks.sh
# shellcheck source=lib/users.sh # shellcheck source=lib/users.sh
# shellcheck source=lib/install.sh # shellcheck source=lib/install.sh
# shellcheck source=lib/nix_conf_file.sh
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/lib/config.sh" source "${SCRIPT_DIR}/lib/bootstrap_config.sh"
source "${SCRIPT_DIR}/lib/detect.sh" source "${SCRIPT_DIR}/lib/detect.sh"
source "${SCRIPT_DIR}/lib/path.sh" source "${SCRIPT_DIR}/lib/path.sh"
source "${SCRIPT_DIR}/lib/symlinks.sh" source "${SCRIPT_DIR}/lib/symlinks.sh"
source "${SCRIPT_DIR}/lib/users.sh" source "${SCRIPT_DIR}/lib/users.sh"
source "${SCRIPT_DIR}/lib/install.sh" source "${SCRIPT_DIR}/lib/install.sh"
source "${SCRIPT_DIR}/lib/nix_conf_file.sh"
echo "[init-nix] Starting Nix initialization..." echo "[init-nix] Starting Nix initialization..."
@@ -26,6 +28,7 @@ main() {
ensure_nix_on_path ensure_nix_on_path
if [[ "${EUID:-0}" -eq 0 ]]; then if [[ "${EUID:-0}" -eq 0 ]]; then
nixconf_ensure_experimental_features
ensure_global_nix_symlinks "$(resolve_nix_bin 2>/dev/null || true)" ensure_global_nix_symlinks "$(resolve_nix_bin 2>/dev/null || true)"
else else
ensure_user_nix_symlink "$(resolve_nix_bin 2>/dev/null || true)" ensure_user_nix_symlink "$(resolve_nix_bin 2>/dev/null || true)"
@@ -106,6 +109,10 @@ main() {
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
ensure_nix_on_path ensure_nix_on_path
if [[ "${EUID:-0}" -eq 0 ]]; then
nixconf_ensure_experimental_features
fi
local nix_bin_post local nix_bin_post
nix_bin_post="$(resolve_nix_bin 2>/dev/null || true)" nix_bin_post="$(resolve_nix_bin 2>/dev/null || true)"
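Review bot: The two new `nixconf_ensure_experimental_features` calls in `main()` (inside the early root branch and in the new post-install `if` block) change host-wide Nix configuration as a side effect of initialization, and nothing at either call site says so. A comment such as `# Root only: edits /etc/nix/nix.conf so nix-command and flakes are enabled for every user on this host` above each call would make that visible to anyone auditing the installer. Because the script runs under `set -euo pipefail`, a failure inside the helper (for instance if `nix.conf` cannot be written) presumably aborts `main()` before the symlink steps; if that is intended, the same comment should say so. `main()` begins and ends outside both hunks, so the surrounding flow is not visible here.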


@@ -0,0 +1,55 @@
#!/usr/bin/env bash
set -euo pipefail
# Prevent double-sourcing
if [[ -n "${PKGMGR_NIX_CONF_FILE_SH:-}" ]]; then
return 0
fi
PKGMGR_NIX_CONF_FILE_SH=1
nixconf_file_path() {
echo "/etc/nix/nix.conf"
}
nixconf_ensure_experimental_features() {
local nix_conf want
nix_conf="$(nixconf_file_path)"
want="experimental-features = nix-command flakes"
mkdir -p /etc/nix
if [[ ! -f "${nix_conf}" ]]; then
echo "[nix-conf] Creating ${nix_conf} with: ${want}"
printf "%s\n" "${want}" >"${nix_conf}"
return 0
fi
if grep -qE '^\s*experimental-features\s*=' "${nix_conf}"; then
if grep -qE '^\s*experimental-features\s*=.*\bnix-command\b' "${nix_conf}" \
&& grep -qE '^\s*experimental-features\s*=.*\bflakes\b' "${nix_conf}"; then
echo "[nix-conf] experimental-features already correct"
return 0
fi
echo "[nix-conf] Extending experimental-features in ${nix_conf}"
local current
current="$(grep -E '^\s*experimental-features\s*=' "${nix_conf}" | head -n1 | cut -d= -f2-)"
current="$(echo "${current}" | xargs)" # trim
# Build a merged feature string without duplicates (simple token set)
local merged="nix-command flakes"
local token
for token in ${current}; do
if [[ " ${merged} " != *" ${token} "* ]]; then
merged="${merged} ${token}"
fi
done
sed -i "s|^\s*experimental-features\s*=.*|experimental-features = ${merged}|" "${nix_conf}"
return 0
fi
echo "[nix-conf] Appending to ${nix_conf}: ${want}"
printf "\n%s\n" "${want}" >>"${nix_conf}"
}
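Review bot: The merge path of `nixconf_ensure_experimental_features` feeds text read from `nix.conf` into two places that interpret it. In the unquoted `for token in ${current}` loop, a token containing `*` or `?` is glob-expanded against the current directory. In the `sed -i` replacement, a `|`, `&` or backslash in the existing value alters or breaks the substitution. Since this runs as root against a system file, the existing value should be validated as a plain list of feature names before it is merged, and the rewrite refused otherwise. The check below goes directly after the `xargs` trim; returning non-zero will stop a caller running under `set -e`, which seems preferable to rewriting the line from unvetted text.

```shell
current="$(echo "${current}" | xargs)" # trim
# Only plain feature names may reach the word-splitting loop and the sed replacement.
local feature_list_re='^[a-z0-9-]+( [a-z0-9-]+)*$'
if [[ -n "${current}" && ! "${current}" =~ ${feature_list_re} ]]; then
  echo "[nix-conf] Unexpected characters in experimental-features; leaving ${nix_conf} unchanged" >&2
  return 1
fi
# … unchanged: merge loop and sed -i rewrite …
```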