Srid said:
home-manager online event
https://nixos.asia/en/event/nix-dev-home
We will demonstrate using Nix to declaratively manage your dotfiles, programs and services using home-manager, thus replacing the likes of legacy software like homebrew. The goal is to create an one-click environment to setup an user environment on any system, be it a Macbook or a Linux machine.
Highly interested in using home-manager with a non-root install of nix. I work on multiple remote servers for HPC development (where I don't have admin priveleges), and would like to have an identical dev environment everywhere with modern tools etc available in my $PATH. Would be nice if the talk will cover this aspect.
A message was moved here from #nix > Nix events in India by Srid.
@Krishnakumar Gopalakrishnan Welcome!
I'm pretty sure home-manager on itself shouldn't require root access.
It is Nix installation that normally does, but I think there's a way to install it without requiring it.
Srid said:
[...] I think there's a way to install it without requiring it.
You can try this: https://nixos.wiki/wiki/Nix_Installation_Guide#Installing_without_root_permissions
Also https://github.com/DavHau/nix-portable
But has performance drawbacks,
If user namespaces are not available on a system, nix-portable will fall back to using proot instead of bubblewrap. Proot's virtualization can have a significant performance overhead depending on the workload. In that situation, it might be beneficial to use a remote builder or alternatively build the derivations on another host and sync them via a cache like cachix.org.
Nix only needs root if using the daemon. You can still run Nix in "single-user" daemonless mode, and the only requirement is that the user calling the binary own the /nix dir
Little known fact that a static nix binary will create its own chroot store automatically for the current user of called and no /nix dir exists as well
(making nix-portable somewhat obsolete)
Okay, so basically @Krishnakumar Gopalakrishnan can follow the "Single user" instructions here https://nixos.org/manual/nix/stable/installation/#single-user
Tim DeHerrera said:
Little known fact that a static nix binary will create its own chroot store automatically for the current user of called and no /nix dir exists as well
now all we need is for that to work on macos as it does on linux and and something like nix bundle
for distributing runtimes with guis much like the other pack formats on linux
Problem is, mac's kernel doesn't have the same namespace capabilities of Linux :sweat_smile:
Related: https://x.com/matthewcroughan/status/1787886356762382563?s=46
Probably a good candidate for a blog at nixos.asia?
Shivaraj B H said:
Probably a good candidate for a blog at nixos.asia?
Sure, or a tutorial.
Create an issue on GitHub so we don't forget.
The static version of nix can't install binary executables and needs to
build every single package from source.
@Krishnakumar Gopalakrishnan you mean to say that binary cache, such as cache.nixos.org isn’t used to fetch the packages in a single user installation?
Anyways, I will check this out, here’s the issue to track progress: https://github.com/nixos-asia/website/issues/35
That's right. Without root access, static nix will have to build every
single package declared in the home.nix file from scratch.
This is because the cached versions of the pre built binaries have
hardcoded locations that expect certain dynamic libraries to be loaded from
certain standard library paths in the user's system (which requires root
access typically eg. /usr/local/lib). The HPC package manager Spack from
Lawrence Livermore National Laboratories addresses this exact problem
(relocatable binary issue) by using clever RPATH redirection mechanism
embedded into the binary and by explicitly providing binary caches that
target user-space installs.
Most HPC and shared scientific computing clusters don't allow any kind of
write access to the /nix directory. In fact sysadmins don't even create
this directory.
Hey so, this isn't true unless you globally change the location of the /nix/store, which isn't necessary. The static version of Nix will automatically use a user namespace store in the users home directory if it doesn't have permission to write to /nix, which still uses /nix/store in the namespace, so the cache will work.
You can also just give your user ownership of the /nix directory in single-user mode. Also, you don't need a static Nix to run in single-user mode. Two different things
Hmm. Interesting. When I tried static nix, it appeared to be building my
home-manager configured packages from source.
I think readers will benefit from a detailed study and writeup of how to
get a static version of nix without sudo privileges or ownership of /nix,
and still make it use pre-built binaries.
Did you check to make sure the cache was properly configured?
It should be as simple as "download static nix, excute a build", if that's not working something else has gone wrong.
I've done it several times
(on Linux anyway)
Last updated: Nov 13 2024 at 11:45 UTC