@tasmo
Forked from matthewpi/README.md
Last active November 17, 2023 14:20
Nix on Fedora

NixOS on Fedora

Please note that these instructions are not officially supported or condoned by Nix and are not guaranteed to always work, but from my testing everything seems to work perfectly fine.

These steps may not be required if NixOS/nix#2374 is resolved.

SELinux

These commands are required for both Fedora Workstation and Fedora Silverblue.

sudo semanage fcontext -a -t etc_t '/nix/store/[^/]+/etc(/.*)?'
sudo semanage fcontext -a -t lib_t '/nix/store/[^/]+/lib(/.*)?'
sudo semanage fcontext -a -t systemd_unit_file_t '/nix/store/[^/]+/lib/systemd/system(/.*)?'
sudo semanage fcontext -a -t man_t '/nix/store/[^/]+/man(/.*)?'
sudo semanage fcontext -a -t bin_t '/nix/store/[^/]+/s?bin(/.*)?'
sudo semanage fcontext -a -t usr_t '/nix/store/[^/]+/share(/.*)?'
sudo semanage fcontext -a -t var_run_t '/nix/var/nix/daemon-socket(/.*)?'
sudo semanage fcontext -a -t usr_t '/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
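To see which type these rules give a particular path, the sketch below (an added example, not part of the original gist) replays the eight patterns above against constructed sample paths. The helper names `expected_type` and `check_label` are hypothetical, and it assumes that when several local rules match, the one added last wins; `matchpathcon` on the host is authoritative.

```shell
#!/bin/sh
# Added example: predict the SELinux type the fcontext rules above assign to a path.
# Function names and sample paths are constructed for illustration.

# "type regex" pairs, in the order the semanage commands add them.
RULES='etc_t /nix/store/[^/]+/etc(/.*)?
lib_t /nix/store/[^/]+/lib(/.*)?
systemd_unit_file_t /nix/store/[^/]+/lib/systemd/system(/.*)?
man_t /nix/store/[^/]+/man(/.*)?
bin_t /nix/store/[^/]+/s?bin(/.*)?
usr_t /nix/store/[^/]+/share(/.*)?
var_run_t /nix/var/nix/daemon-socket(/.*)?
usr_t /nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'

# Print the type of the last rule whose pattern matches the whole path
# (fcontext patterns are anchored at both ends), or "unmatched".
# Assumption: among matching local rules, the one added last wins.
expected_type() {
    result=unmatched
    while read -r t re; do
        if printf '%s\n' "$1" | grep -Eq "^(${re})\$"; then
            result=$t
        fi
    done <<EOF
$RULES
EOF
    printf '%s\n' "$result"
}

# Succeed if the type field of context $2 (user:role:type:level) is what the
# rules predict for path $1. Paths no rule covers are not judged.
check_label() {
    want=$(expected_type "$1")
    have=$(printf '%s\n' "$2" | cut -d: -f3)
    [ "$want" = unmatched ] || [ "$want" = "$have" ]
}

# Constructed sample paths; on a real host pass "$(stat -c %C "$p")" to check_label.
for p in /nix/store/abc-nix/bin/nix \
         /nix/store/abc-nix/lib/systemd/system/nix-daemon.service \
         /nix/store/abc-nix/libexec/helper; do
    printf '%-60s %s\n' "$p" "$(expected_type "$p")"
done
```

Paths that print `unmatched`, such as the `libexec` one, are not covered by any of the rules above. `sudo restorecon -Rnv /nix` lists what the host itself would relabel without changing anything.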

Fedora Silverblue

If you are running Fedora Silverblue, you will need to follow these extra steps.

Create the nix directory in a persistent location

sudo mkdir /var/nix

/etc/systemd/system/mkdir-rootfs@.service

[Unit]
Description=Enable mount points in / for ostree
DefaultDependencies=no
ConditionPathExists=!%f

[Service]
Type=oneshot
ExecStartPre=chattr -i /
ExecStart=mkdir -p '%f'
ExecStopPost=chattr +i /

/etc/systemd/system/nix.mount

[Unit]
After=mkdir-rootfs@nix.service
Wants=mkdir-rootfs@nix.service

[Mount]
What=/var/nix
Where=/nix
Options=bind
Type=none

[Install]
WantedBy=local-fs.target

Enable and mount the nix mount and reset the SELinux context.

# Ensure systemd picks up the newly created units
sudo systemctl daemon-reload
# Enable the nix mount on boot.
sudo systemctl enable nix.mount
# Mount the nix mount now.
sudo systemctl start nix.mount
# R = recurse, F = full context (not just target)
sudo restorecon -RF /nix

Install Nix

# Install Nix normally (multi-user daemon mode)
sh <(curl -L https://nixos.org/nix/install) --daemon

If you are on Fedora Workstation, you have just installed Nix and should be ready to rock!

If you are on Fedora Silverblue, you will need to run the following:

sudo rm /etc/systemd/system/nix-daemon.service
sudo rm /etc/systemd/system/nix-daemon.socket
sudo systemctl link /var/nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.service
sudo systemctl link /var/nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.socket
sudo systemctl add-requires nix-daemon.socket nix.mount

This links the Nix units from /var/nix rather than /nix. Until nix.mount is mounted, the unit files under /nix do not exist, so systemd could not find them and the units would not start automatically on boot. The last command also adds a requirement that nix.mount be mounted before nix-daemon.socket can start.
