search

DeterminateSystems / nix-installer

Install Nix and flakes with the fast and reliable Determinate Nix Installer, with over 7 million installs.
https://determinate.systems
GNU Lesser General Public License v2.1
2.27k stars 57 forks source link

Consider adding an option to install nixsa, a sandboxed nix #1122

Open adam-gaia opened 2 months ago

adam-gaia commented 2 months ago

I've recently discovered nixsa, a staticly-linked exec that sets up a sandboxed environment and then calls nix in that environment. Nixsa uses bubblewrap which flatpak uses for sandboxing.

I'm personally interested in the DetSys installer supporting my Synology NAS (see #585) and I see nixsa as a way to get around the need for /nix/store to be on a bind mount (I don't think setting up a persistent bind mount can be scripted on Synology's OS).

Is there any interest in supporting an option to install nixsa or something similar? If so, I'm happy to put in the legwork and try to get a PR in!

cole-h commented 1 month ago

If nixsa can produce a binary tarball similar to the one Nix does, you may be able to use it by passing a link to the binary tarball with --nix-package-url <url> (where <url> could also be a local file).