[demo] Portable Nix

Matthew Bauer

Apr 11, 2018, 2:10:50 PM
to nix-devel
Frequently I have to work on computers without Nix installed and no
root access to install it. The primary motivation of "nix-bundle" was
to build Nix derivations to run on these systems. Will Dietz's recent
work on "static" Nix and Musl has made this experience much better.

Starting today, I am releasing a "nix" binary that will run without a
Nix store. It's available at the following URL and can be run on
x86_64-linux:

https://matthewbauer.us/nix

It contains Nix 2.0 in a self-contained shell script and is only about
10MB! You can pass it Nix commands directly like this (obviously
insecure):

```
curl https://matthewbauer.us/nix | sh -s -- run -f channel:nixos-unstable hello -c hello
```

It's a little slow to start, but a neat proof of concept. Please try
out lots of derivations, especially graphical things like Firefox,
Emacs, etc. The issues will help us improve the experience.

Guillaume Girol

Apr 12, 2018, 11:35:30 AM
to nix-...@googlegroups.com
Hello,

Is it supposed to work on a kernel without user namespace support?
I tried on a CentOS 7.4 and got:

```
$ mkdir -p /tmp/blah/store
$ mkdir -p /tmp/blah/var/nix
$ NIX_STORE_DIR=/tmp/blah/store NIX_LOCALSTATE_DIR=/tmp/blah/var \
  NIX_STATE_DIR=/tmp/blah/var/nix NIX_REMOTE= NIX_CONF_DIR=/tmp/blah \
  NIX_LOG_DIR=/tmp /tmp/static_nix build -f channel:nixos-18.03 nix
unshare(): Invalid argument
```

The error message comes even before starting downloading the channel.
I get the same error message when adding --sandbox false.

Anyway, thanks for this neat thing :)
Guillaume Girol

zimbatm

Apr 12, 2018, 12:12:43 PM
to Guillaume Girol, nix-...@googlegroups.com
Thanks for working on this Matt. Do you have the build instructions available somewhere?

Over at https://github.com/nix-community/docker-nix we worked to produce a more modern and self-contained Nix docker image.

One issue is that if the /nix/store is mounted as a volume (to share the cache), nix-env and nix-shell disappear. It would be great if all the nix utilities could be provided outside of the store to support that scenario.

Matthew Bauer

Apr 12, 2018, 12:39:41 PM
to Guillaume Girol, nix-devel
> Is it supposed to work on a kernel without user namespace support?

Not currently. It's made with nix-bundle which uses unshare and user
namespaces. We definitely need more clear error handling though.

In the past, I had experimented with alternatives to unshare, but it
never seemed to work right. PRoot seemed to be the most promising
though.
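
The failure discussed in this exchange (`unshare(): Invalid argument` on a kernel without usable user namespaces) can be detected before the bundle is run. The preflight check below is an added example, not part of the thread or of nix-bundle; the function name `userns_preflight` and its overridable proc root argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from nix-bundle): report whether unprivileged user
# namespaces look usable, so a clear message can be shown before unshare fails.
# The argument is a hypothetical override of the proc root, used for testing
# against a constructed directory tree; it defaults to /proc.

userns_preflight() {
    root="${1:-/proc}"
    ns_link="$root/self/ns/user"
    max_file="$root/sys/user/max_user_namespaces"
    clone_file="$root/sys/kernel/unprivileged_userns_clone"

    # No user namespace entry at all: the kernel was built without support.
    if [ ! -e "$ns_link" ] && [ ! -L "$ns_link" ]; then
        echo "unsupported: kernel has no user namespaces"
        return 1
    fi

    # Per-user limit, where the kernel exposes it; 0 means creation is refused.
    if [ -r "$max_file" ] && [ "$(cat "$max_file")" -eq 0 ]; then
        echo "disabled: user.max_user_namespaces=0"
        return 1
    fi

    # Distribution-specific switch, present only on some patched kernels.
    if [ -r "$clone_file" ] && [ "$(cat "$clone_file")" -eq 0 ]; then
        echo "disabled: kernel.unprivileged_userns_clone=0"
        return 1
    fi

    echo "available"
    return 0
}

# Live confirmation with util-linux unshare: try to create a user namespace.
userns_probe() {
    unshare -U true 2>/dev/null
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--check" ]; then
    userns_preflight /proc && userns_probe && echo "probe: unshare -U succeeded"
fi
```

The sysctl files are only hints; `userns_probe` is the authoritative check because other restrictions can still make namespace creation fail.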

Matthew Bauer

Apr 12, 2018, 12:44:49 PM
to zimbatm, nix-devel
> Do you have the build instructions available somewhere?

Forgot to mention this! Not exactly build instructions, but everything
is from this branch in nix-bundle:
https://github.com/matthewbauer/nix-bundle/pull/35

You can build it from that tree with "nix-build nix.nix". "result"
will be a nix-bundle file that you can copy outside of the Nix store.
For it to build in a reasonable amount of time, you will need to add
the ALLVM binary cache which has Musl binaries. See
https://github.com/NixOS/nixpkgs/pull/34645 under "Quickstart with
Binary Cache".