Wrap up nix-env in a way that handles conflicting, pre-installed pack…

…ages (#1467) * Wrap up nix-env in a way that handles conflicting, pre-installed packages * Use set_nix_options more pervasively * Ref buildenv.nix * Fixup duplicated error * Drop newline * Rename Nixy * Add more context to some errors * improve error message * Split tests out * Set process group at Command site so it is more obvious that it is present * Split out the validation of new paths * Break up the mega-func into a bunch of smaller ones * reset_profile_to -> set_profile_to * Ignore (but log) errors hen inspecting children * Breakpoint * Use the per-user/root profile instead of default... * Write to the default profile on install * Make sample_tree assert * let bind * :|
DeterminateSystems · Feb 25, 2025 · e370fa4 · e370fa4
1 parent 9e27e38
commit e370fa4
Show file tree

Hide file tree

Showing 5 changed files with 617 additions and 45 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -58,10 +58,10 @@ sysctl = "0.6.0"
 walkdir = "2.3.3"
 indexmap = { version = "2.0.2", features = ["serde"] }
 once_cell = "1.19.0"
+tempfile = "3.3.0"
 
 [dev-dependencies]
 eyre = { version = "0.6.8", default-features = false, features = [ "track-caller" ] }
-tempfile = "3.3.0"
 
 [profile.release]
 strip = true  # Automatically strip symbols from the binary.

diff --git a/src/action/base/setup_default_profile.rs b/src/action/base/setup_default_profile.rs
@@ -2,7 +2,8 @@ use std::path::PathBuf;
 
 use crate::{
     action::{common::ConfigureNix, ActionError, ActionErrorKind, ActionTag, StatefulAction},
-    execute_command, set_env,
+    nixenv::WriteToDefaultProfile,
+    set_env,
 };
 
 use tokio::{io::AsyncWriteExt, process::Command};
@@ -114,49 +115,18 @@ impl Action for SetupDefaultProfile {
             )));
         };
 
-        // Install `nix` itself into the store
-        execute_command(
-            Command::new(nix_pkg.join("bin/nix-env"))
-                .process_group(0)
-                .args(["--option", "substitute", "false"])
-                .args(["--option", "post-build-hook", ""])
-                .arg("-i")
-                .arg(&nix_pkg)
-                .stdin(std::process::Stdio::null())
-                .env(
-                    "HOME",
-                    dirs::home_dir()
-                        .ok_or_else(|| Self::error(SetupDefaultProfileError::NoRootHome))?,
-                )
-                .env(
-                    "NIX_SSL_CERT_FILE",
-                    nss_ca_cert_pkg.join("etc/ssl/certs/ca-bundle.crt"),
-                ), /* This is apparently load bearing... */
-        )
-        .await
-        .map_err(Self::error)?;
-
-        // Install `nix` itself into the store
-        execute_command(
-            Command::new(nix_pkg.join("bin/nix-env"))
-                .process_group(0)
-                .args(["--option", "substitute", "false"])
-                .args(["--option", "post-build-hook", ""])
-                .arg("-i")
-                .arg(&nss_ca_cert_pkg)
-                .stdin(std::process::Stdio::null())
-                .env(
-                    "HOME",
-                    dirs::home_dir()
-                        .ok_or_else(|| Self::error(SetupDefaultProfileError::NoRootHome))?,
-                )
-                .env(
-                    "NIX_SSL_CERT_FILE",
-                    nss_ca_cert_pkg.join("etc/ssl/certs/ca-bundle.crt"),
-                ), /* This is apparently load bearing... */
-        )
-        .await
-        .map_err(Self::error)?;
+        let nixenv = crate::nixenv::NixEnv {
+            nix_store_path: &nix_pkg,
+            nss_ca_cert_path: &nss_ca_cert_pkg,
+
+            profile: std::path::Path::new("/nix/var/nix/profiles/default"),
+            pkgs: &[&nix_pkg, &nss_ca_cert_pkg],
+        };
+        nixenv
+            .install_packages(WriteToDefaultProfile::WriteToDefault)
+            .await
+            .map_err(SetupDefaultProfileError::NixEnv)
+            .map_err(Self::error)?;
 
         set_env(
             "NIX_SSL_CERT_FILE",
@@ -186,6 +156,9 @@ impl Action for SetupDefaultProfile {
 pub enum SetupDefaultProfileError {
     #[error("No root home found to place channel configuration in")]
     NoRootHome,
+
+    #[error("Failed to install packages with nix-env")]
+    NixEnv(#[from] crate::nixenv::NixEnvError),
 }
 
 impl From<SetupDefaultProfileError> for ActionErrorKind {

diff --git a/src/lib.rs b/src/lib.rs
@@ -76,6 +76,7 @@ pub mod cli;
 pub mod diagnostics;
 mod error;
 pub mod feedback;
+mod nixenv;
 mod os;
 mod plan;
 pub mod planner;