We cannot guarantee that the Nix store will be writable during startup
so installing the user packages through `nix-env -i` may fail.
Therefore, when building through the NixOS module install through the
`users.users.<name?>.packages` option.
It is safest to use the system install of Nix since that will be
compatible with the running nix-daemon and/or databases.
Also add a printout of the used Nix version in the activation script
when running in verbose mode.
Fixes#218.
This is a NixOS module that is intended to be imported into a NixOS
system configuration. It allows the system users to be set up directly
from the system configuration.
The actual profile switch is performed by a oneshot systemd unit per
configured user that acts much like the regular `home-manager switch`
command.
With this implementation, the NixOS module does not work properly with
the `nixos-rebuild build-vm` command. This can be solved by using the
`users.users.<name?>.packages` option to install packages but this
does not work flawlessly with certain Nixpkgs packages. In particular,
for programs using the Qt libraries.
In certain cases it makes sense to override the target username and
home directory. In particular, if you're building a configuration for
a remote profile.
This adds the option `home.emptyActivationPath` that, when enabled,
will cause the activation script to ignore the calling user's `PATH`.
The option is disabled by default to match current behavior but the
intent is to change this in the future to reduce risk of accidental
dependencies of the environment.
Note, we still pull in the user's `PATH` in case the user has defined
their own activation blocks that depend on additional tools.
Eventually this will be deprecated and removed.
See #99.
Technically not necessary but it was a bit silly to leave out this
important directory from the generation directory. This also makes it
more convenient to browse the installed packages after a
`home-manager build`.
With --ignore-fail-on-non-empty, non-emptiness is the only failure
that gets ignored by rmdir. In the case that rmdir reaches $HOME and
considers deleting it, it will detect insufficient permissions and
subsequently exit with an error, even if $HOME is not empty.
Prevent this by calling rmdir with a relative path that excludes
$HOME.
We must only follow the symbolic link once (i.e., not use the `-e`
option) since otherwise the pattern will not match when
`home.file.xyz.source` is a directory.
Problem
-------
We resolve symlinks from inside `/nix/store/HASH-home-manager-files`
into the nix store as `/nix/store/HASH-DRVNAME` which does not match
the pattern.
This happened to me because I pull in some repos in via `home.file`.
The `home-manager-files` derivation links to the repo's derivation in
the nix store. For example:
let nanorcs = fetchFromGitHub {
owner = "scopatz";
repo = "nanorc";
…
}; in [
{
target = ".nano";
source = nanorcs;
}
{
target = ".nanorc";
source = "${nanorcs}/nanorc";
}
]
Solution
--------
Call `readlink` without `-e` to obtain only the first redirection from
`~` to `/nix/store/HASH-home-manager-files`.
When a file has disappeared between the previous and the next
generations then its symlink in `$HOME` is typically deleted. With
this commit we refuse to delete the path unless we are reasonably
certain it is a symlink into a Home Manager generation.
In the activation script we expect to use the tools provided by GNU
Core Utilities and GNU Bash. This commit therefore explicitly add
these first in the `PATH` environment variable.
This should reduce the risk of overwriting an existing file in the
user's home directory. A file will only be replaced if it is a link
pointing to a home-manager tree inside the Nix store.
If an existing file is detected an error is written indicating the
file's path and the activation will terminate before any mutation
occurs.
Fixes#6
Previously the home files were not linked if the generation hadn't
changed. Unfortunately, this would mean that, if a file link was
removed for some reason it would not be recreated by running a switch
command.
For example, with these settings Bash will complain if uninitialized
variables are used. Some code has been improved to run cleanly with
these settings.
Nix does not allow files whose name start with a '.' in the Nix store.
This commit makes a not of this fact in the `home.file.source` option
and also adds an assertion verifying that no such file is given.
Closes#4