Jakub Sokołowski 5e6d488a3e
nix: fix cache usage by modifying global config
Otherwise Nix produces warnings like this:
```
warning: ignoring untrusted substituter 'https://nix-cache.status.im/', you are not a trusted user.
```
Since adding users to `trusted-users` essentially gives them `root`:

>Adding a user to trusted-users is essentially equivalent to giving that user root access to the system.
> — https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-trusted-users

A more kosher approach might be to just add the cache config itself globally.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-06-23 18:02:38 +02:00

38 lines
1.2 KiB
Bash
Executable File

#!/usr/bin/env bash
# This script upgrades Nix to specific version.
# https://nixos.org/manual/nix/stable/installation/upgrading.html
set -eo pipefail
GIT_ROOT=$(cd "${BASH_SOURCE%/*}" && git rev-parse --show-toplevel)
source "${GIT_ROOT}/scripts/colors.sh"
source "${GIT_ROOT}/nix/scripts/lib.sh"
source "${GIT_ROOT}/nix/scripts/source.sh"
source "${GIT_ROOT}/nix/scripts/version.sh"
nix_upgrade() {
echo -e "Upgrading Nix interpreter to: ${GRN}${NIX_VERSION}${RST}" >&2
nix-channel --update
nix-env --install --attr "nixpkgs.${NIX_PACKAGE}" "nixpkgs.cacert"
nix_daemon_restart
}
# Allow for sourcing the script
if [[ "${BASH_SOURCE[0]}" != "$0" ]]; then
return
fi
if [[ "$(nix_current_version)" == "${NIX_VERSION}" ]]; then
echo -e "Nix interpreter already on version: ${GRN}${NIX_VERSION}${RST}"
exit 0
fi
NIX_INSTALL_TYPE=$(nix_install_type)
if [[ "${NIX_INSTALL_TYPE}" == "nixos" ]]; then
echo -e "${YLW}WARNING:${RST} Upgrade Nix in your NixOS configuration!" >&2
exit 0
elif [[ "${NIX_INSTALL_TYPE}" == "single" ]]; then
nix_upgrade
elif [[ "${NIX_INSTALL_TYPE}" == "multi" ]]; then
sudo -i bash -c "source ${PWD}/${0}; nix_upgrade"
fi