workflow: pre-create nixbld group so the Nix install can run as root
The catthehacker runner image runs jobs as root and Nix's install script refuses to do a clean root install without the nixbld group + build users already in place — even with --no-daemon. Adding them inline keeps the workflow self-contained without swapping to a Nix-prebuilt container image.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
parent 670ff0a9f9
commit b2b68603f7
1 changed files with 8 additions and 0 deletions
|
|
@ -18,6 +18,14 @@ jobs:
|
|||
- name: Install Nix
|
||||
run: |
|
||||
set -euxo pipefail
|
||||
# The Nix install script refuses to run cleanly as root unless the
|
||||
# nixbld group + users exist, even with --no-daemon. The runner's
|
||||
# catthehacker image runs jobs as root, so create them first.
|
||||
groupadd -r nixbld || true
|
||||
for i in $(seq 1 10); do
|
||||
useradd -r -g nixbld -G nixbld -d /var/empty -s /sbin/nologin \
|
||||
-c "Nix build user $i" "nixbld$i" || true
|
||||
done
|
||||
curl --proto '=https' --tlsv1.2 -sSfL https://nixos.org/nix/install | sh -s -- --no-daemon
|
||||
echo "$HOME/.nix-profile/bin" >> "$GITHUB_PATH"
|
||||
mkdir -p ~/.config/nix
|
||||
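Review bot: `|| true` on the `groupadd` and `useradd` lines hides every failure, not only the already-exists case, so under `set -euxo pipefail` a genuine error (missing binary, read-only /etc) is swallowed and the job only fails later inside the Nix installer with a less direct message. Guard on existence instead, for example `getent group nixbld >/dev/null || groupadd -r nixbld` and `id "nixbld$i" >/dev/null 2>&1 || useradd ...`, so real errors still stop the step. Separately, because this step runs as root, the `curl ... https://nixos.org/nix/install | sh` context line executes an unpinned script with root privileges; consider fetching a versioned installer and verifying its hash before running it.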