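In trying to use nix inside of Devcontainers, I encountered 2 issues, which were resolved with the helpful folks on Determinate Systems Discord (#nix-installer).
They are reported here in case they might be of further use.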
1- Bad permissions on /tmp
This issue is specific to GitHub CodeSpaces, where it seems the /tmp filesystem is injected into the development environment with problematic default ACL permissions.
This is fixed with the following snippet in the postCreateCommand script (assuming the script has sudo powers):
2- Starting the nix-daemon
In our case, we are invoking the installer without an init system within a multiuser install:
```bash
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux --no-confirm --init none
```
This means we either need to invoke nix as root or start the nix-daemon ourselves.
Unfortunately, when we start the daemon process from our postCreateCommand, it would be terminated at the script's end, even when put into the background.
Starting the nix-daemon with nohup solves the problem, as we can see in this postCreateCommand snippet:
```bash
# Notice the '&' to background the process and 'nohup' to prevent the process from being killed when the shell exits
sudo -n sh -c '. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh; nohup /nix/var/nix/profiles/default/bin/nix-daemon > /tmp/nix-daemon.log 2>&1 &'
```
tl;dr - Context
I am trying to establish a working general development environment based on Nix using devcontainers.
I am specifically targeting both:
- Local docker based devcontainer (MacOS/Docker Desktop/aarch64)
- GitHub CodeSpaces (x86_64)
Devcontainers have a very flexible lifecycle which allows for many ways of preparing the development environment.
- Start from a Docker image (can be general or based on a custom Dockerfile)
  - We are using a generic debian (bookworm) image
- Additional features, which are containerized extra initialized steps
- Lastly, there are a few slots to invoke our own commands (which can be externalized to bash scripts, as the repository contents are available at this point in the devcontainer lifecycle)
  - Most notably the "postCreateCommand" attribute of the .devcontainer/devcontainer.json
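A check for the /tmp condition described in issue 1, as an added example that is not part of the original report: it flags a temp directory whose mode is not 1777 or that carries default ACL entries. The function names, and the assumption that a healthy /tmp is mode 1777 with no `default:` entries, belong to this example and not to the report.

```bash
#!/usr/bin/env bash
# Added example: audit a temp directory before the nix installer or nix-daemon use it.
# Assumption: a healthy /tmp is mode 1777 (sticky, world-writable) with no default ACL.
# Default ACL entries matter because files created in the directory inherit them
# instead of having the creating process's umask applied.

# Filter `getfacl` output on stdin down to its default-ACL entries.
default_acl_entries() {
    grep -E '^default:' || true
}

# Succeed only for the conventional sticky, world-writable mode.
mode_is_sticky_1777() {
    [ "$1" = "1777" ]
}

# Print one finding per line; return 0 if clean, 1 on findings, 2 if unreadable.
audit_tmp() {
    audit_dir=$1
    audit_rc=0
    audit_mode=$(stat -c '%a' "$audit_dir") || return 2
    if ! mode_is_sticky_1777 "$audit_mode"; then
        echo "mode: $audit_dir is $audit_mode, expected 1777"
        audit_rc=1
    fi
    if command -v getfacl >/dev/null 2>&1; then
        audit_acl=$(getfacl --absolute-names --omit-header "$audit_dir" 2>/dev/null | default_acl_entries)
        if [ -n "$audit_acl" ]; then
            echo "default-acl: $audit_dir has inherited entries:"
            echo "$audit_acl"
            audit_rc=1
        fi
    else
        echo "note: getfacl not installed, default ACL not checked"
    fi
    return "$audit_rc"
}

# Audit the directory given as the first argument, /tmp by default.
audit_tmp "${1:-/tmp}" || echo "temp directory needs attention before starting nix-daemon" >&2
```

Running it at the top of a postCreateCommand script records the state of /tmp in the creation log before anything is installed.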