install-nix.sh: use a temporary workdir

Don't leave temporary files around
This commit is contained in:
zimbatm 2021-11-17 21:55:09 +01:00
parent 1b5d414ec3
commit 06a240d7b6
No known key found for this signature in database
GPG Key ID: 71BAF6D40C1D63D7

View File

@ -6,9 +6,13 @@ if type -p nix &>/dev/null ; then
exit exit
fi fi
# Create a temporary workdir
workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
# Configure Nix # Configure Nix
add_config() { add_config() {
echo "$1" | tee -a /tmp/nix.conf >/dev/null echo "$1" | tee -a "$workdir/nix.conf" >/dev/null
} }
# Set jobs to number of cores # Set jobs to number of cores
add_config "max-jobs = auto" add_config "max-jobs = auto"
@ -18,7 +22,7 @@ add_config "trusted-users = root $USER"
if [[ $INPUT_EXTRA_NIX_CONFIG != "" ]]; then if [[ $INPUT_EXTRA_NIX_CONFIG != "" ]]; then
add_config "$INPUT_EXTRA_NIX_CONFIG" add_config "$INPUT_EXTRA_NIX_CONFIG"
fi fi
if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then
add_config "experimental-features = nix-command flakes" add_config "experimental-features = nix-command flakes"
fi fi
@ -26,7 +30,7 @@ fi
installer_options=( installer_options=(
--no-channel-add --no-channel-add
--darwin-use-unencrypted-nix-store-volume --darwin-use-unencrypted-nix-store-volume
--nix-extra-conf-file /tmp/nix.conf --nix-extra-conf-file "$workdir/nix.conf"
) )
# only use the nix-daemon settings if on darwin (which get ignored) or systemd is supported # only use the nix-daemon settings if on darwin (which get ignored) or systemd is supported
@ -49,13 +53,13 @@ fi
echo "installer options: ${installer_options[@]}" echo "installer options: ${installer_options[@]}"
# There is --retry-on-errors, but only newer curl versions support that # There is --retry-on-errors, but only newer curl versions support that
until curl -o /tmp/install -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" until curl -o "$workdir/install" -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}"
do do
sleep 1 sleep 1
done done
chmod +x /tmp/install chmod +x "$workdir/install"
sh /tmp/install "${installer_options[@]}" sh "$workdir/install" "${installer_options[@]}"
if [[ $OSTYPE =~ darwin ]]; then if [[ $OSTYPE =~ darwin ]]; then
# macOS needs certificates hints # macOS needs certificates hints