Diffstat (limited to 'system/nix/README')
-rw-r--r-- system/nix/README 46
1 files changed, 46 insertions, 0 deletions
diff --git a/system/nix/README b/system/nix/README
new file mode 100644
index 0000000000000..e59a68ec39fcf
--- /dev/null
+++ b/system/nix/README
@@ -0,0 +1,46 @@
+nix (functional package manager)
+
+Nix is a purely functional package manager. This means that it treats packages
+like values in purely functional programming languages such as Haskell -- they
+are built by functions that don't have side-effects, and they never change
+after they have been built. Nix stores packages in the Nix store, usually the
+directory /nix/store, where each package has its own unique subdirectory such
+as
+
+ /nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/
+
+where b6gvzjyb2pg0... is a unique identifier for the package that captures all
+its dependencies (it's a cryptographic hash of the package's build dependency
+graph).
+
+Nix may be run in single or multi-user mode (which requires the nix-daemon). To
+have the nix daemon start and stop with your host, add to /etc/rc.d/rc.local:
+
+ if [ -x /etc/rc.d/rc.nix ]; then
+ /etc/rc.d/rc.nix start
+ fi
+
+and to /etc/rc.d/rc.local_shutdown (creating it if needed):
+
+ if [ -x /etc/rc.d/rc.nix ]; then
+ /etc/rc.d/rc.nix stop
+ fi
+
+The daemon requires users for building the nix packages, which should be added
+under the 'nixbld' group.
+
+ groupadd -g 314 nixbld
+ for n in $(seq 1 10); do useradd -c "Nix build user $n" \
+ -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \
+ nixbld$n; done
+
+Restricting access to the daemon is acheived by setting file permissions for
+the daemon's socket's folder.
+
+ chgrp nix-users /nix/var/nix/daemon-socket
+ chmod ug=rwx,o= /nix/var/nix/daemon-socket
+
+Correct permissions must also be set for the following profile directories to give users access.
+
+ /nix/var/nix/profiles
+ /var/nix/profiles
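Review bot: The socket restriction step ("chgrp nix-users /nix/var/nix/daemon-socket") depends on a 'nix-users' group that this README never creates; the only groupadd shown is for 'nixbld'. Add the groupadd for nix-users next to the nixbld one, plus a line on how an admin adds permitted users to it, so the chgrp does not fail and leave the following "chmod ug=rwx,o=" applied to whatever group already owned the directory. The closing paragraph says "Correct permissions must also be set" for the profile directories without giving the owner, group or mode; spell those out, since this is the part that decides who can write profiles. Also confirm the second path, /var/nix/profiles, is intended, because every other path in the file sits under /nix. Minor: "acheived" should be "achieved", and the "Correct permissions must also be set..." line is not wrapped like the rest of the file.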