v0.9.0
This release includes few big features, as well as several bug fixes (notably for the Steam Deck), we've highlighted below.
Nix 2.15 and newly enabled features
We're excited to adopt Nix 2.15!
2.15 includes the new auto-allocate-uids feature! While we still need to create a system group, This removes a significant portion of the installer complexity, especially on Mac. It also makes things a bit faster:
ana@ubuntu-22:~/Downloads$ hyperfine --warmup 2 "./v0.8.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm" "./v0.9.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm"
Benchmark 1: ./v0.8.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm
Time (mean ± σ): 7.722 s ± 0.414 s [User: 0.007 s, System: 0.009 s]
Range (min … max): 7.343 s … 8.537 s 10 runs
Benchmark 2: ./v0.9.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm
Time (mean ± σ): 3.774 s ± 0.047 s [User: 0.006 s, System: 0.010 s]
Range (min … max): 3.706 s … 3.836 s 10 runs
Summary
'./v0.9.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm' ran
2.05 ± 0.11 times faster than './v0.8.0 install --no-confirm && /nix/nix-installer uninstall --no-confirm'SELinux Support
This release also includes support for SELinux based off https://github.com/nix-community/nix-installers/tree/master/selinux.
Here's an example of a Fedora install with SELinux set to Enforce:
[ana@fedora ~]$ getenforce
Enforcing
[ana@fedora ~]$ curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix/tag/v0.9.0 | sh -s -- install --no-confirm --log-directive nix_installer=warn
info: downloading installer https://install.determinate.systems/nix/tag/v0.9.0/nix-installer-x86_64-linux
`nix-installer` needs to run as `root`, attempting to escalate now via `sudo`...
Nix was installed successfully!
To get started using Nix, open a new shell or run `. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh`
[ana@fedora ~]$ . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
[ana@fedora ~]$ nix run nixpkgs#hello
[37.3 MiB DL]
Hello, world!
[ana@fedora ~]$ getenforce
EnforcingInfrastructure friendliness
We had some users reporting that they wanted to blindly run nix-installer during CI without having to check for a /nix. So, we now exit 0 and print a warning if the same version of Nix seems to be already installed.
If you're relying on this feature, we do advise picking a specific tag of the nix-installer instead of pinning to latest:
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix/tag/v0.9.0 | sh -s -- install --no-confirmWe also improved the container documentation to provide a unified feel for both Docker and Podman users.
What's Changed
- Nix 2.13.3 -> 2.15.0 by @grahamc in #428
- Add SELinux support by @Hoverbear in #465
- Adopted the new auto-uid-allocation feature by @Hoverbear in #196
- fsync after writing Nix config to attempt to fix the flaky preserves_comment test by @Hoverbear in #448
- Don't error if already installed with same settings, just warn by @Hoverbear in #454
- Improve failure chain on revert by @Hoverbear in #467
- Improve messaging around version incompatability by @Hoverbear in #457
- Improve the SELinux heuristic to look for sestatus by @Hoverbear in #470
- Improve container docs somewhat by @Hoverbear in #472
Bug Fixes
- Set permissions on unpacked Nix store paths more carefully by @Hoverbear in #451
- Fixup multiple --extra-conf usages by @Hoverbear in #456
- Improve WSL systemd detection by @Hoverbear in #469
- RequiredBy items in the nix.mount of steam-deck planner in [Install] by @Hoverbear in #455
Full Changelog: v0.8.0...v0.9.0
