From patchwork Thu May 9 12:29:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Oleg Pykhalov X-Patchwork-Id: 13935 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id DB5BC16F86; Thu, 9 May 2019 13:31:16 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM, T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id D05CE16F11 for ; Thu, 9 May 2019 13:31:15 +0100 (BST) Received: from localhost ([127.0.0.1]:53915 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hOiCg-0006rw-9t for patchwork@mira.cbaines.net; Thu, 09 May 2019 08:31:14 -0400 Received: from eggs.gnu.org ([209.51.188.92]:37921) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hOiCZ-0006rQ-8A for guix-patches@gnu.org; Thu, 09 May 2019 08:31:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hOiCT-0004Ez-UY for guix-patches@gnu.org; Thu, 09 May 2019 08:31:07 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:49597) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hOiCT-0004Es-RI for guix-patches@gnu.org; Thu, 09 May 2019 08:31:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hOiCT-000122-N6 for guix-patches@gnu.org; Thu, 09 May 2019 08:31:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#35648] [PATCH] services: Add 'nix-service-type'. Resent-From: Oleg Pykhalov Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 09 May 2019 12:31:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 35648 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 35648@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.15574050333923 (code B ref -1); Thu, 09 May 2019 12:31:01 +0000 Received: (at submit) by debbugs.gnu.org; 9 May 2019 12:30:33 +0000 Received: from localhost ([127.0.0.1]:34906 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hOiBy-000117-0l for submit@debbugs.gnu.org; Thu, 09 May 2019 08:30:33 -0400 Received: from eggs.gnu.org ([209.51.188.92]:51658) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hOiBw-00010v-80 for submit@debbugs.gnu.org; Thu, 09 May 2019 08:30:28 -0400 Received: from lists.gnu.org ([209.51.188.17]:39723) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hOiBr-0003uN-15 for submit@debbugs.gnu.org; Thu, 09 May 2019 08:30:23 -0400 Received: from eggs.gnu.org ([209.51.188.92]:37793) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hOiBp-0006WC-AA for guix-patches@gnu.org; Thu, 09 May 2019 08:30:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hOiBn-0003mb-KL for guix-patches@gnu.org; Thu, 09 May 2019 08:30:21 -0400 Received: from mail-lj1-x22a.google.com ([2a00:1450:4864:20::22a]:45624) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hOiBn-0003kF-CA for guix-patches@gnu.org; Thu, 09 May 2019 08:30:19 -0400 Received: by mail-lj1-x22a.google.com with SMTP id r76so1815727lja.12 for ; Thu, 09 May 2019 05:30:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=mw7tc5UyEKF6Jew3vdsg03gCgs+RFzwCuDJ6krH8QBg=; b=aQPS2BY+rn4LHofzJSU0EY47qf9DLhnFxXLn2HJ5dhgNi1U0EE6oltOMDy2HIQNegf UNzKbgn5ILwB9JOSU+fqLWhRMOvaz/IW+jAywBXGo6OCJG5ZXU23VsM/lfCEP962YBpc lte/cqsFkf503K/YWRKdpJHEmk0oYLStjy6SLvsCbG4I93/gZP+xF3B2MAclCdWNPd0/ eJKUJCtu/jDwohk6iNuj9zzPnh5Sg02Ybp/6pDzjMDs5iGqjsMzqBQcHdogc8iMsmBRD OQTBEPl2bCb0gc8Rrc4B9L9D/F0/z/D97TnI/aClvVZ9Z4FhenrflAFmSnRABqIoKlpZ Y48g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=mw7tc5UyEKF6Jew3vdsg03gCgs+RFzwCuDJ6krH8QBg=; b=jkzTWU1CmRO8dWiYVBpir1ZUAsSjwiq02qOJSw4agnx1i2+TB2MUm908/FohcabYdi i6yBOE412hf1eChfmz1uMTGoiovo2Dd/54E7VmgAkcl577FwR34dY3lmucYBVusMjRYZ pBcvenyu/Rt4VXtfXztbSfLmyzoAyjPSWUCL1kyS/2+oo5HzlWwarVXaFAooc+u4cr77 f/+VfJP8CE7e2g9s0QsWfXwAzRLJV7BsaTrhYd1L3UJ/1Hlt9nv9tTq8oJRN8AE/j/dJ tqoA7vLgrnG6OHxzr4VEs6z86xlAPagWUGMQtqKk5ftiqEpe7UyXNKt4yD8HQTLmxZ6z F2xQ== X-Gm-Message-State: APjAAAXl58G1UIBzBHoFHg38zUpuVNOgXw/oBQiG9RRJasA0aMdFAqno BsSsMrWJKd2uR49odlJwyF6+EfLQtsA= X-Google-Smtp-Source: APXvYqydovWm2E5wMK95aj2HR9tKrsLtm5n77elr9sb/OCSbLEmv1rBEsjWvUGMN3fG/oPEM9q0vuA== X-Received: by 2002:a2e:99d2:: with SMTP id l18mr2123184ljj.27.1557405014960; Thu, 09 May 2019 05:30:14 -0700 (PDT) Received: from localhost.localdomain (95-55-15-198.dynamic.avangarddsl.ru. [95.55.15.198]) by smtp.gmail.com with ESMTPSA id x68sm349322lff.3.2019.05.09.05.30.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 May 2019 05:30:14 -0700 (PDT) From: Oleg Pykhalov Date: Thu, 9 May 2019 15:29:51 +0300 Message-Id: <20190509122951.9119-1-go.wigust@gmail.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/services/nix.scm: New file. * gnu/local.mk: Add this. * doc/guix.texi (Miscellaneous Services): Document this. --- doc/guix.texi | 46 ++++++++++++++++++ gnu/local.mk | 3 +- gnu/services/nix.scm | 112 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 160 insertions(+), 1 deletion(-) create mode 100644 gnu/services/nix.scm diff --git a/doc/guix.texi b/doc/guix.texi index df7208229c..c79d64e444 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -23604,6 +23604,52 @@ The Containerd package to use. @end table @end deftp +@cindex Nix +@subsubheading Nix service + +The @code{(gnu services nix)} module provides the following service. + +@defvr {Scheme Variable} nix-service-type + +This is the type of the service that runs @url{https://nixos.org/nix/, Nix}, a +daemon that is required to use the Nix package manager. + +@example +(use-modules (gnu)) +(use-service-modules nix) +(use-package-modules package-management) + +(operating-system + (packages (append (list nix) + %base-packages)) + + (services (append (list (service nix-service-type)) + %base-services))) +@end example + +After @command{guix system reconfigure} you need to configure Nix for your +user, e.g.: + +@example +$ nix-channel --add https://nixos.org/channels/nixpkgs-unstable +$ nix-channel --update +$ ln -s "/nix/var/nix/profiles/per-user/$USER/profile" ~/.nix-profile +$ source /run/current-system/profile/etc/profile.d/nix.sh +$ nix-env --install hello +$ hello +@end example + +You could add the following Bash snippet to your @file{~/.bashrc} file to load +all Nix required variables automatically after login: + +@example +if [ -f /run/current-system/profile/etc/profile.d/nix.sh ] +then + . /run/current-system/profile/etc/profile.d/nix.sh +fi +@end example +@end defvr + @node Setuid Programs @section Setuid Programs diff --git a/gnu/local.mk b/gnu/local.mk index 3f97397c4a..760181f25f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -17,7 +17,7 @@ # Copyright © 2017 Mathieu Othacehe # Copyright © 2017, 2018 Gábor Boskovits # Copyright © 2018 Amirouche Boubekki -# Copyright © 2018 Oleg Pykhalov +# Copyright © 2018, 2019 Oleg Pykhalov # Copyright © 2018 Stefan Stefanović # Copyright © 2018 Maxim Cournoyer # @@ -521,6 +521,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/messaging.scm \ %D%/services/monitoring.scm \ %D%/services/networking.scm \ + %D%/services/nix.scm \ %D%/services/nfs.scm \ %D%/services/security-token.scm \ %D%/services/shepherd.scm \ diff --git a/gnu/services/nix.scm b/gnu/services/nix.scm new file mode 100644 index 0000000000..72ecb7d089 --- /dev/null +++ b/gnu/services/nix.scm @@ -0,0 +1,112 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019 Oleg Pykhalov +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services nix) + #:use-module (gnu packages admin) + #:use-module (gnu packages package-management) + #:use-module (gnu services base) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu services web) + #:use-module (gnu services) + #:use-module (gnu system shadow) + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (guix store) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:export (nix-service-type)) + +;;; Commentary: +;;; +;;; This module provides a service definition for the Nix daemon. +;;; +;;; Code: + + +;;; +;;; Accounts +;;; + +;; Copied from gnu/services/base.scm +(define* (nix-build-accounts count #:key + (group "nixbld") + (shadow shadow)) + "Return a list of COUNT user accounts for Nix build users with the given +GID." + (unfold (cut > <> count) + (lambda (n) + (user-account + (name (format #f "nixbld~2,'0d" n)) + (system? #t) + (group group) + (supplementary-groups (list group "kvm")) + (comment (format #f "Nix Build User ~2d" n)) + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin")))) + 1+ + 1)) +(define (nix-accounts _) + "Return the user accounts and user groups." + (cons (user-group + (name "nixbld") + (system? #t) + + ;; Use a fixed GID so that we can create the store with the right + ;; owner. + (id 40000)) + (nix-build-accounts 10 #:group "nixbld"))) + +(define (nix-activation _) + "Return the activation gexp." + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (for-each (cut mkdir-p <>) '("/nix/store" "/nix/var/log" + "/nix/var/nix/gcroots/per-user" + "/nix/var/nix/profiles/per-user")) + (chown "/nix/store" + (passwd:uid (getpw "root")) (group:gid (getpw "nixbld01"))) + (chmod "/nix/store" #o775) + (for-each (cut chmod <> #o777) '("/nix/var/nix/profiles" + "/nix/var/nix/profiles/per-user"))))) + +(define (nix-shepherd-service _) + "Return a for Nix." + (list + (shepherd-service + (provision '(nix-daemon)) + (documentation "Run nix-daemon.") + (requirement '()) + (start #~(make-forkexec-constructor + (list (string-append #$nix "/bin/nix-daemon")))) + (respawn? #f) + (stop #~(make-kill-destructor))))) + +(define nix-service-type + (service-type + (name 'nix) + (extensions + (list (service-extension shepherd-root-service-type nix-shepherd-service) + (service-extension account-service-type nix-accounts) + (service-extension activation-service-type nix-activation))) + (default-value '()) + (description "Run the Nix daemon."))) + +;;; nix.scm ends here