Passing through root paths allows external programs to see
which nix and cacert are in a binary tarball,
e.g. to recreate it from substituters
Change-Id: I27431134df53bbc6623484f8a0822004b51f7c87
This had a regression last time: https://gerrit.lix.systems/c/lix/+/1196
But f3f68fcfa fixed upgrade-nix to not be broken, so this should be ok tbh.
Change-Id: I48ea1359790878bb8ead5d8a4b3f61caa4aabfb5
Here's my guide so far:
$ rg '((?!(recursive).*) Nix
(?!(daemon|store|expression|Rocks!|Packages|language|derivation|archive|account|user|sandbox|flake).*))'
-g '!doc/' --pcre2
All items from this query have been tackled. For the documentation side:
that's for https://git.lix.systems/lix-project/lix/issues/162.
Additionally, all remaining references to github.com/NixOS/nix which
were not relevant were also replaced.
Fixes: https://git.lix.systems/lix-project/lix/issues/148.
Fixes: https://git.lix.systems/lix-project/lix/issues/162.
Change-Id: Ib3451fae5cb8ab8cd9ac9e4e4551284ee6794545
Signed-off-by: Raito Bezarius <raito@lix.systems>
93cc06334 removed nss-cacert from the binary tarball, but they're
necessary for global compatibility (and for our installer). This is what
results in cacerts being in the default profile, so e.g. the daemon has
TLS certs without having to use the system ones.
There's a fallback behavior in the daemon script in case these wind up
missing from the profile, but we don't want to have to rely on that,
since the fallback fails if it doesn't recognize one of a handful of
distros.
Change-Id: I60d8e6f734469548e80d5f38113ef168f67cbf7d
