From 47b9614b3110307093382363c0ba70d31f32ef59 Mon Sep 17 00:00:00 2001 From: Oleg Pykhalov Date: Thu, 9 May 2019 15:13:26 +0300 Subject: [PATCH] services: Add 'nix-service-type'. * gnu/services/nix.scm: New file. * gnu/local.mk: Add this. * doc/guix.texi (Miscellaneous Services): Document this. --- doc/guix.texi | 41 ++++++++++++++++ gnu/local.mk | 3 +- gnu/services/nix.scm | 112 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 155 insertions(+), 1 deletion(-) create mode 100644 gnu/services/nix.scm diff --git a/doc/guix.texi b/doc/guix.texi index a9cd66ce87..83981b50d2 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -24197,6 +24197,47 @@ setuid-root (@pxref{Setuid Programs}) such that unprivileged users can invoke @command{singularity run} and similar commands. @end defvr +@cindex Nix +@subsubheading Nix service + +The @code{(gnu services nix)} module provides the following service. + +@defvr {Scheme Variable} nix-service-type + +This is the type of the service that runs build daemon of the +@url{https://nixos.org/nix/, Nix} package manager. Here is an example showing +how to use it: + +@example +(use-modules (gnu)) +(use-service-modules nix) +(use-package-modules package-management) + +(operating-system + ;; @dots{} + (packages (append (list nix) + %base-packages)) + + (services (append (list (service nix-service-type)) + %base-services))) +@end example + +After @command{guix system reconfigure} configure Nix for your user: + +@itemize +@item Add a Nix channel and update it. See @url{https://nixos.org/nix/manual/, +Nix Package Manager Guide}. + +@item Create a symlink to your profile and activate Nix profile: +@end itemize + +@example +$ ln -s "/nix/var/nix/profiles/per-user/$USER/profile" ~/.nix-profile +$ source /run/current-system/profile/etc/profile.d/nix.sh +@end example + +@end defvr + @node Setuid Programs @section Setuid Programs diff --git a/gnu/local.mk b/gnu/local.mk index 0522148385..34f00f9591 100644 --- a/gnu/local.mk 
+++ b/gnu/local.mk @@ -17,7 +17,7 @@ # Copyright © 2017 Mathieu Othacehe # Copyright © 2017, 2018 Gábor Boskovits # Copyright © 2018 Amirouche Boubekki -# Copyright © 2018 Oleg Pykhalov +# Copyright © 2018, 2019 Oleg Pykhalov # Copyright © 2018 Stefan Stefanović # Copyright © 2018 Maxim Cournoyer # @@ -526,6 +526,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/messaging.scm \ %D%/services/monitoring.scm \ %D%/services/networking.scm \ + %D%/services/nix.scm \ %D%/services/nfs.scm \ %D%/services/security-token.scm \ %D%/services/shepherd.scm \ diff --git a/gnu/services/nix.scm b/gnu/services/nix.scm new file mode 100644 index 0000000000..72ecb7d089 --- /dev/null +++ b/gnu/services/nix.scm 
@@ -0,0 +1,112 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019 Oleg Pykhalov +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services nix) + #:use-module (gnu packages admin) + #:use-module (gnu packages package-management) + #:use-module (gnu services base) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu services web) + #:use-module (gnu services) + #:use-module (gnu system shadow) + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (guix store) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:export (nix-service-type)) + +;;; Commentary: +;;; +;;; This module provides a service definition for the Nix daemon. +;;; +;;; Code: + + +;;; +;;; Accounts +;;; + +;; Copied from gnu/services/base.scm +(define* (nix-build-accounts count #:key + (group "nixbld") + (shadow shadow)) + "Return a list of COUNT user accounts for Nix build users with the given +GID." + (unfold (cut > <> count) + (lambda (n) + (user-account + (name (format #f "nixbld~2,'0d" n)) + (system? 
#t) + (group group) + (supplementary-groups (list group "kvm")) + (comment (format #f "Nix Build User ~2d" n)) + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin")))) + 1+ + 1)) +(define (nix-accounts _) + "Return the user accounts and user groups." + (cons (user-group + (name "nixbld") + (system? #t) + + ;; Use a fixed GID so that we can create the store with the right + ;; owner. + (id 40000)) + (nix-build-accounts 10 #:group "nixbld"))) + +(define (nix-activation _) + "Return the activation gexp." + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (for-each (cut mkdir-p <>) '("/nix/store" "/nix/var/log" + "/nix/var/nix/gcroots/per-user" + "/nix/var/nix/profiles/per-user")) + (chown "/nix/store" + (passwd:uid (getpw "root")) (group:gid (getpw "nixbld01"))) + (chmod "/nix/store" #o775) + (for-each (cut chmod <> #o777) '("/nix/var/nix/profiles" + "/nix/var/nix/profiles/per-user"))))) + +(define (nix-shepherd-service _) + "Return a for Nix." + (list + (shepherd-service + (provision '(nix-daemon)) + (documentation "Run nix-daemon.") + (requirement '()) + (start #~(make-forkexec-constructor + (list (string-append #$nix "/bin/nix-daemon")))) + (respawn? #f) + (stop #~(make-kill-destructor))))) + +(define nix-service-type + (service-type + (name 'nix) + (extensions + (list (service-extension shepherd-root-service-type nix-shepherd-service) + (service-extension account-service-type nix-accounts) + (service-extension activation-service-type nix-activation))) + (default-value '()) + (description "Run the Nix daemon."))) + +;;; nix.scm ends here
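Review bot: In `nix-activation`, `(group:gid (getpw "nixbld01"))` applies the group-entry accessor to a passwd entry, which in Guile reads the uid slot of that record, so the group-writable `/nix/store` (mode `#o775`) is chowned to a numeric group that is not `nixbld`. Use `(group:gid (getgrnam "nixbld"))` or `(passwd:gid (getpw "nixbld01"))` instead. The same procedure sets `/nix/var/nix/profiles` and `/nix/var/nix/profiles/per-user` to `#o777` without the sticky bit, so any local user can rename or remove another user's profile directory and put their own in its place. `(for-each (cut chmod <> #o1777) ...)` would restrict deletion to the entry's owner, and `/nix/store` would similarly be safer as `#o1775`. `/nix/var/nix/gcroots/per-user` is created but never given a mode, so it presumably stays writable by root only; a short comment stating the intended owner and mode of each directory would make the activation step auditable.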