nix-installer-action/action.yml

263 lines
13 KiB
YAML
Raw Normal View History

name: The Determinate Nix Installer
2023-01-13 19:04:16 +01:00
branding:
2023-02-17 19:45:59 +01:00
icon: "box"
color: "purple"
2023-02-24 20:27:26 +01:00
description: "Install Nix with the Determinate Nix Installer. See: https://github.com/DeterminateSystems/nix-installer"
2023-01-13 19:04:16 +01:00
inputs:
2023-02-17 19:45:59 +01:00
backtrace:
description: The setting for `RUST_BACKTRACE` (see https://doc.rust-lang.org/std/backtrace/index.html#environment-variables)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
extra-args:
description: Extra args to pass to the planner (prefer using structured `with:` arguments unless using a custom planner!)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
extra-conf:
2023-02-24 20:05:08 +01:00
description: Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
github-token:
description: A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests)
default: ${{ github.token }}
init:
description: "The init system to configure, requires `planner: linux-multi` (allowing the choice between `none` or `systemd`)"
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
local-root:
description: A local `nix-installer` binary root, overrides the `nix-installer-url` setting (a `nix-installer.sh` script should exist, binaries should be named `nix-installer-$ARCH`, eg. `nix-installer-x86_64-linux`)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
log-directives:
description: A list of Tracing directives, comma separated, `-`s replaced with `_` (eg. `nix_installer=trace`, see https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
logger:
description: The logger to use for install (eg. `pretty`, `json`, `full`, `compact`)
2023-01-13 19:04:16 +01:00
required: false
2023-03-16 18:02:22 +01:00
ssl-cert-file:
description: "An SSL cert to use (if any), used for fetching Nix and sets `NIX_SSL_CERT_FILE` for Nix"
required: false
pproxy:
description: "The proxy to use (if any), valid proxy bases are `https://$URL`, `http://$URL` and `socks5://$URL`"
required: false
2023-02-17 19:45:59 +01:00
mac-case-sensitive:
description: "Use a case sensitive volume (`planner: macos` only)"
2023-01-13 19:04:16 +01:00
required: false
mac-encrypt:
description: "Force encryption on the volume (`planner: macos` only)"
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
mac-root-disk:
description: "The root disk of the target (`planner: macos` only)"
2023-01-13 19:04:16 +01:00
required: false
mac-volume-label:
description: "The label for the created APFS volume (`planner: macos` only)"
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
modify-profile:
description: Modify the user profile to automatically load nix
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-build-group-id:
description: The Nix build group GID
2023-01-24 17:17:18 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-build-group-name:
description: The Nix build group name
2023-01-24 17:17:18 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-build-user-base:
description: The Nix build user base UID (ascending)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-build-user-count:
description: Number of build users to create
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-build-user-prefix:
description: The Nix build user prefix (user numbers will be postfixed)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-installer-branch:
description: The branch of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-revision`, `nix-installer-pr`)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-installer-pr:
description: The PR of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-revision`, `nix-installer-branch`)
required: false
nix-installer-revision:
description: The revision of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-branch`, `nix-installer-pr`)
2023-01-13 19:04:16 +01:00
required: false
nix-installer-tag:
2023-01-24 17:51:23 +01:00
description: The tag of `nix-installer` to use (conflicts with `nix-installer-revision`, `nix-installer-branch`, `nix-installer-pr`)
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-installer-url:
description: A URL pointing to a `nix-installer.sh` script
2023-01-13 19:04:16 +01:00
required: false
2023-02-17 19:45:59 +01:00
nix-package-url:
description: The Nix package URL
2023-01-24 17:51:23 +01:00
required: false
2023-02-17 19:45:59 +01:00
planner:
description: A planner to use
2023-01-13 19:04:16 +01:00
required: false
2023-01-13 21:09:36 +01:00
reinstall:
2023-02-17 19:45:59 +01:00
description: Force a reinstall if an existing installation is detected (consider backing up `/nix/store`)
required: false
start-daemon:
description: "If the daemon should be started, requires `planner: linux-multi`"
required: false
diagnostic-endpoint:
description: "Diagnostic endpoint url where the installer sends data to. To disable set this to an empty string."
default: "https://install.determinate.systems/nix/diagnostic"
2023-02-17 19:45:59 +01:00
trust-runner-user:
description: Whether to make the runner user trusted by the Nix daemon
default: "true"
2023-01-13 19:04:16 +01:00
runs:
using: composite
steps:
- name: Install Nix
shell: bash
2023-07-06 19:09:34 +02:00
env:
NIX_INSTALLER_MODIFY_PROFILE: ${{ inputs.modify-profile }}
NIX_INSTALLER_NIX_BUILD_USER_COUNT: ${{ inputs.nix-build-user-count }}
NIX_INSTALLER_NIX_BUILD_USER_ID_BASE: ${{ inputs.nix-build-user-base }}
NIX_INSTALLER_NIX_BUILD_USER_PREFIX: ${{ inputs.nix-build-user-prefix }}
NIX_INSTALLER_NIX_BUILD_GROUP_ID: ${{ inputs.nix-build-group-id }}
NIX_INSTALLER_NIX_BUILD_GROUP_NAME: ${{ inputs.nix-build-group-name }}
NIX_INSTALLER_ENCRYPT: ${{ inputs.mac-encrypt }}
NIX_INSTALLER_CASE_SENSITIVE: ${{ inputs.mac-case-sensitive }}
NIX_INSTALLER_VOLUME_LABEL: ${{ inputs.mac-volume-label }}
NIX_INSTALLER_ROOT_DISK: ${{ inputs.mac-root-disk }}
NIX_INSTALLER_LOGGER: ${{ inputs.logger }}
NIX_INSTALLER_INIT: ${{ inputs.init }}
NIX_INSTALLER_START_DAEMON: ${{ inputs.start-daemon }}
NIX_INSTALLER_LOG_DIRECTIVES: ${{ inputs.log-directives }}
RUST_BACKTRACE: ${{ inputs.backtrace }}
NIX_INSTALLER_DIAGNOSTIC_ENDPOINT: ${{ inputs.diagnostic-endpoint }}
NIX_INSTALLER_NO_CONFIRM: true
2023-01-13 19:04:16 +01:00
run: |
if [ -f "/nix/receipt.json" ] && [ -f "/nix/nix-installer" ]; then
if ([ -n "${{ inputs.nix-installer-revision }}" ] || [ -n "${{ inputs.nix-installer-branch }}" ]) && [ "${{ inputs.reinstall }}" != "true" ]; then
echo "Detection of existing installation versions isn't supported when \`nix-installer-revision\` or \`nix-installer-branch\` are set, \`reinstall: true\` should also be set"
fi
if [ -n "${{ inputs.reinstall }}" ] && [ "${{ inputs.reinstall }}" == "true" ]; then
2023-01-13 21:09:36 +01:00
/nix/nix-installer uninstall --no-confirm
else
EXISTING_VERSION=$(/nix/nix-installer --version | awk '{ print $2 }')
if [ -n "${{ inputs.nix-installer-tag }}" ] && [ "${{ inputs.nix-installer-tag }}" != "$EXISTING_VERSION" ]; then
2023-01-16 18:35:30 +01:00
echo "`nix-installer` version mismatch, use `reinstall: true` to reinstall Nix using the new `nix-installer` version (consider backing up `/nix/store`)"
exit 1
fi
2023-01-13 21:09:36 +01:00
echo "Nix was already installed, using existing install"
echo "/nix/var/nix/profiles/default/bin" >> $GITHUB_PATH
2023-05-24 18:46:04 +02:00
echo "$HOME/.nix-profile/bin" >> $GITHUB_PATH
2023-01-13 21:09:36 +01:00
exit 0
fi
fi
NIX_EXTRA_CONF_FILE=$(mktemp)
if [ -n "$ACT" ] && [ ! -n "$NOT_ACT" ]; then
echo 'Detected `$ACT` environment, assuming this is a https://github.com/nektos/act created container, set `NOT_ACT=true` to override this. This will change the settings of the `init` as well as `extra-conf` to be compatible with `act`'
export NIX_INSTALLER_INIT="none"
echo "Set NIX_INSTALLER_INIT=$NIX_INSTALLER_INIT"
echo "sandbox = false" >> ${NIX_EXTRA_CONF_FILE}
fi
2023-01-13 19:04:16 +01:00
if [ -n "${{ inputs.nix-package-url }}" ]; then
export NIX_INSTALLER_NIX_PACKAGE_URL=${{ inputs.nix-package-url }}
echo "Set NIX_INSTALLER_NIX_PACKAGE_URL=$NIX_INSTALLER_NIX_PACKAGE_URL"
fi
if [ -n "${{ inputs.extra-conf }}" ]; then
echo "${{ inputs.extra-conf }}" >> ${NIX_EXTRA_CONF_FILE}
fi
if [ -n "${{ inputs.github-token }}" ]; then
echo "access-tokens = github.com=${{ inputs.github-token }}" >> ${NIX_EXTRA_CONF_FILE}
fi
if [ "${{ inputs.trust-runner-user }}" == "true" ]; then
echo "trusted-users = root $USER" >> ${NIX_EXTRA_CONF_FILE}
fi
if [ -n "$NIX_EXTRA_CONF_FILE" ]; then
export NIX_INSTALLER_EXTRA_CONF=$(cat ${NIX_EXTRA_CONF_FILE})
2023-01-13 19:04:16 +01:00
echo "Set NIX_INSTALLER_EXTRA_CONF=$NIX_INSTALLER_EXTRA_CONF"
fi
2023-01-31 16:44:42 +01:00
if [ -n "${{ inputs.nix-installer-pr }}" ] && [ -n "${{ inputs.nix-installer-tag }}" ]; then
echo "The nix-installer-pr and nix-installer-tag options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-pr }}" ] && [ -n "${{ inputs.nix-installer-revision }}" ]; then
echo "The nix-installer-pr and nix-installer-revision options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-pr }}" ] && [ -n "${{ inputs.nix-installer-branch }}" ]; then
echo "The nix-installer-pr and nix-installer-branch options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-tag }}" ] && [ -n "${{ inputs.nix-installer-revision }}" ]; then
echo "The nix-installer-tag and nix-installer-revision options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-branch }}" ] && [ -n "${{ inputs.nix-installer-revision }}" ]; then
echo "The nix-installer-branch and nix-installer-revision options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-tag }}" ] && [ -n "${{ inputs.nix-installer-branch }}" ]; then
echo "The nix-installer-tag and nix-installer-branch options conflict, please choose one"
exit 1
fi
2023-02-01 19:20:19 +01:00
if [ -n "${{ inputs.nix-installer-url }}" ] && [ -n "${{ inputs.nix-installer-pr }}" ]; then
echo "The nix-installer-url and nix-installer-pr options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-url }}" ] && [ -n "${{ inputs.nix-installer-tag }}" ]; then
echo "The nix-installer-url and nix-installer-tag options conflict, please choose one"
exit 1
fi
if [ -n "${{ inputs.nix-installer-url }}" ] && [ -n "${{ inputs.nix-installer-branch }}" ]; then
echo "The nix-installer-url and nix-installer-branch options conflict, please choose one"
exit 1
fi
2023-01-31 16:44:42 +01:00
2023-01-13 19:04:16 +01:00
if [ -n "${{ inputs.local-root }}" ]; then
if [ "$RUNNER_OS" == "macOS" ]; then
export PYTHON="python3"
else
export PYTHON="python"
fi
$PYTHON -m http.server --directory ${{ inputs.local-root }} --bind 0.0.0.0 8000 &
export HTTP_PID=$!
echo "Started simple http server for ${{ inputs.local-root }} on 0.0.0.0:8000"
while (! (: </dev/tcp/localhost/8000) &> /dev/null); do
sleep 1
done
export NIX_INSTALLER_FORCE_ALLOW_HTTP="1"
echo "Set NIX_INSTALLER_FORCE_ALLOW_HTTP=$NIX_INSTALLER_FORCE_ALLOW_HTTP"
export NIX_INSTALLER_URL=0.0.0.0:8000/nix-installer.sh
echo "Set NIX_INSTALLER_URL=$NIX_INSTALLER_URL"
export NIX_INSTALLER_BINARY_ROOT=http://0.0.0.0:8000/
echo "Set NIX_INSTALLER_BINARY_ROOT=$NIX_INSTALLER_BINARY_ROOT"
export NIX_INSTALLER_FORCE_ALLOW_HTTP=1
echo "Set NIX_INSTALLER_FORCE_ALLOW_HTTP=$NIX_INSTALLER_FORCE_ALLOW_HTTP"
else
if [ -n "${{ inputs.nix-installer-url }}" ]; then
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="${{ inputs.nix-installer-url }}"
2023-01-13 19:04:16 +01:00
else
2023-01-24 17:51:23 +01:00
if [ -n "${{ inputs.nix-installer-pr }}" ]; then
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="https://install.determinate.systems/nix/pr/${{ inputs.nix-installer-pr }}?ci=github"
2023-01-24 17:51:23 +01:00
elif [ -n "${{ inputs.nix-installer-tag }}" ]; then
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="https://install.determinate.systems/nix/tag/${{ inputs.nix-installer-tag }}?ci=github"
2023-01-24 17:51:23 +01:00
elif [ -n "${{ inputs.nix-installer-revision }}" ]; then
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="https://install.determinate.systems/nix/rev/${{ inputs.nix-installer-revision }}?ci=github"
2023-01-24 17:51:23 +01:00
elif [ -n "${{ inputs.nix-installer-branch }}" ]; then
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="https://install.determinate.systems/nix/branch/${{ inputs.nix-installer-branch }}?ci=github"
2023-01-13 19:16:26 +01:00
else
2023-06-01 20:32:35 +02:00
export NIX_INSTALLER_URL="https://install.determinate.systems/nix?ci=github"
2023-01-13 19:04:16 +01:00
fi
fi
echo "Set NIX_INSTALLER_URL=$NIX_INSTALLER_URL"
fi
if [ "${RUNNER_OS}" == "Linux" ]; then
export PLANNER="linux"
elif [ "${RUNNER_OS}" == "macOS" ]; then
export PLANNER="macos"
else
echo "${RUNNER_OS} not supported"
exit 1
fi
curl --retry 20 -L $NIX_INSTALLER_URL | sh -s -- install ${PLANNER} ${{ inputs.extra-args }}
2023-01-13 19:04:16 +01:00
if [ -n "$HTTP_PID" ]; then
kill $HTTP_PID
fi