From 06a240d7b61ced18d069313464a1464c57c0d373 Mon Sep 17 00:00:00 2001 From: zimbatm Date: Wed, 17 Nov 2021 21:55:09 +0100 Subject: [PATCH 1/4] install-nix.sh: use a temporary workdir Don't leave temporary files around --- lib/install-nix.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/install-nix.sh b/lib/install-nix.sh index c3d25f8..83a94f1 100755 --- a/lib/install-nix.sh +++ b/lib/install-nix.sh @@ -6,9 +6,13 @@ if type -p nix &>/dev/null ; then exit fi +# Create a temporary workdir +workdir=$(mktemp -d) +trap 'rm -rf "$workdir"' EXIT + # Configure Nix add_config() { - echo "$1" | tee -a /tmp/nix.conf >/dev/null + echo "$1" | tee -a "$workdir/nix.conf" >/dev/null } # Set jobs to number of cores add_config "max-jobs = auto" @@ -18,7 +22,7 @@ add_config "trusted-users = root $USER" if [[ $INPUT_EXTRA_NIX_CONFIG != "" ]]; then add_config "$INPUT_EXTRA_NIX_CONFIG" fi -if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then +if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then add_config "experimental-features = nix-command flakes" fi @@ -26,7 +30,7 @@ fi installer_options=( --no-channel-add --darwin-use-unencrypted-nix-store-volume - --nix-extra-conf-file /tmp/nix.conf + --nix-extra-conf-file "$workdir/nix.conf" ) # only use the nix-daemon settings if on darwin (which get ignored) or systemd is supported @@ -49,13 +53,13 @@ fi echo "installer options: ${installer_options[@]}" # There is --retry-on-errors, but only newer curl versions support that -until curl -o /tmp/install -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" +until curl -o "$workdir/install" -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" do sleep 1 done -chmod +x /tmp/install -sh /tmp/install "${installer_options[@]}" +chmod +x "$workdir/install" +sh "$workdir/install" "${installer_options[@]}" if [[ $OSTYPE =~ darwin ]]; then # macOS needs certificates hints From 732b0240d27a97f7de4734a1b3e00185e02fe6bc Mon Sep 17 00:00:00 2001 From: zimbatm Date: Wed, 17 Nov 2021 21:56:02 +0100 Subject: [PATCH 2/4] install-nix.sh: remove unnecessary chmod The script is invoked with sh and therefor doesn't need and executable script. --- lib/install-nix.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/install-nix.sh b/lib/install-nix.sh index 83a94f1..d884fd3 100755 --- a/lib/install-nix.sh +++ b/lib/install-nix.sh @@ -58,7 +58,6 @@ do sleep 1 done -chmod +x "$workdir/install" sh "$workdir/install" "${installer_options[@]}" if [[ $OSTYPE =~ darwin ]]; then From 21a5164e1231976ff8101eb79282e68e5f42579f Mon Sep 17 00:00:00 2001 From: zimbatm Date: Wed, 17 Nov 2021 23:02:06 +0100 Subject: [PATCH 3/4] install-nix.sh: fix shellcheck issues --- lib/install-nix.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/install-nix.sh b/lib/install-nix.sh index d884fd3..ea783dd 100755 --- a/lib/install-nix.sh +++ b/lib/install-nix.sh @@ -37,7 +37,7 @@ installer_options=( if [[ $OSTYPE =~ darwin || -e /run/systemd/system ]]; then installer_options+=( --daemon - --daemon-user-count `python -c 'import multiprocessing as mp; print(mp.cpu_count() * 2)'` + --daemon-user-count "$(python -c 'import multiprocessing as mp; print(mp.cpu_count() * 2)')" ) else # "fix" the following error when running nix* @@ -46,11 +46,11 @@ else fi if [[ $INPUT_INSTALL_OPTIONS != "" ]]; then - IFS=' ' read -r -a extra_installer_options <<< $INPUT_INSTALL_OPTIONS + IFS=' ' read -r -a extra_installer_options <<< "$INPUT_INSTALL_OPTIONS" installer_options=("${extra_installer_options[@]}" "${installer_options[@]}") fi -echo "installer options: ${installer_options[@]}" +echo "installer options: ${installer_options[*]}" # There is --retry-on-errors, but only newer curl versions support that until curl -o "$workdir/install" -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" From 802bde54e087fab9394e00134753a40e5cc89b0c Mon Sep 17 00:00:00 2001 From: zimbatm Date: Wed, 17 Nov 2021 23:11:38 +0100 Subject: [PATCH 4/4] install-nix.sh: retry curl 5 times If fetching the install script fails, don't keep the CI running forever. --- lib/install-nix.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/install-nix.sh b/lib/install-nix.sh index ea783dd..904f487 100755 --- a/lib/install-nix.sh +++ b/lib/install-nix.sh @@ -53,9 +53,15 @@ fi echo "installer options: ${installer_options[*]}" # There is --retry-on-errors, but only newer curl versions support that -until curl -o "$workdir/install" -v --fail --retry 5 --retry-connrefused -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" +curl_retries=5 +while ! curl -o "$workdir/install" -v --fail -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}" do sleep 1 + ((curl_retries--)) + if [[ $curl_retries -le 0 ]]; then + echo "curl retries failed" >&2 + exit 1 + fi done sh "$workdir/install" "${installer_options[@]}"