UPDATE (2020-06-12): Nix 2.3.5 has introduced command line option --darwin-use-unencrypted-nix-store-volume
to do the following. (Documentation)
To install Nix on macOS Catalina, run:
sh <(curl https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volume
Installing Nix on macOS Catalina following the instruction in the "Get Nix" button would abort with the following error as of 2020-04-27:
mkdir: /nix: Read-only file system
The installation script would suggest you manually create the /nix
folder but you'd receive the same error. This is because in macOS Catalina the root /
is mounted read-only, to protect system components from being tampered with.
To workaround this, Nix team has written a script to create a new APFS volume and mount at /nix
. To run the script:
curl -L https://raw.githubusercontent.com/NixOS/nix/d42ae78de9f92d60d0cd3db97216274946e8ba8e/scripts/create-darwin-volume.sh | sh
If successful, you'd see output like:
------------------------------------------------------------------
| This installer will create a volume for the nix store and |
| configure it to mount at /nix. Follow these steps to uninstall. |
------------------------------------------------------------------
1. Remove the entry from fstab using 'sudo vifs'
2. Destroy the data volume using 'diskutil apfs deleteVolume'
3. Remove the 'nix' line from /etc/synthetic.conf or the file
Configuring /etc/synthetic.conf...
Password:
nix
Creating mountpoint for /nix...
Creating a Nix Store volume...
Will export new APFS Volume "Nix Store" from APFS Container Reference disk1
Started APFS operation on disk1
Preparing to add APFS Volume to APFS Container disk1
Creating APFS Volume
Created new APFS Volume disk1s6
Mounting disk
Setting volume permissions
Disk from APFS operation: disk1s6
Finished APFS operation on disk1
Configuring /etc/fstab...
123
164
The following options can be enabled to disable spotlight indexing
of the volume, which might be desirable.
$ sudo mdutil -i off /nix
Go ahead and disable spotlight indexing for /nix
. You don't need to index a cache.
Now that /nix
is available, the official installation instruction works:
curl -L https://nixos.org/nix/install | sh
Happy nixing!
nix --version
nix (Nix) 2.3.4
The script comes from NixOS/nix#3212:
install: configure and bootstrap synthetic.conf on darwin #3212
Fixes https://github.com/NixOS/nix/issues/2925.
Here's some preliminary documentation for the apfs volume creation section.
Updated to create an apfs volume instead of using the symlink approach. This works on a clean install but I expect there are other corner cases that are not covered. More testing is probably required.
Using a symlink instead of a separate volume is the most straightforward approach which relies less on darwin specific tools. However it does have some disadvantages, especially if this has to be changed in the future. Also the new location should be avoided for official infrastructure (at least for a while) so installation using an apfs volume should probably also be implemented somewhere.
From my testing it looks like apfs.util
works properly now, unless this breaks again a reboot can be bypassed for both mountpoints and symlinks.
This issue is being discussed at NixOS/nix#2925.
/nix will not be writable on macOS Catalina #2925
This is not a short term bug, but it will become an issue when macOS Catalina is released this fall. macOS is now split across two volumes (system and data) with a read-only system volume. This means that /nix
will no longer be writable.
Some more information can be found in the related WWDC talk and some session notes people took from a Q&A.
Summary: the system volume, which is mounted at /
will become non-writable. Some directories that need to be writable are connected via firmlinks (an Apple invention) to the data volume. /nix
is not among these locations, so with the release of macOS Catalina, this location is no longer an option.
I see two possible solutions:
- I could try and file a bug to convince Apple to pre-install
/nix
as a firmlink to a writable location. I think this has limited success and Nix would then depend on Apple to not drop this link in a future release. - We could move Nix on macOS to a different default location. Possible locations are those that Apple chooses to pre-install as links to writable locations. Two examples are
/usr/local
and/opt
, so we could move to/usr/local/nix
or/opt/nix
. I would hope that these locations are common enough so that Apple would not drop them in the future.
I wanted to raise this issue early, before it becomes a problem for users. If this issue tracker is not the right place, please feel free to move this discussion elsewhere. I would also be available for testing any potential solution, since I have access to a macOS Catalina beta.
- I am installing Nix to build Ormolu, a formatter for Haskell source code.
If you feel that you've got something from this post, I am glad! Please don't hesitate to comment or reach out.
If you feel that you've got enough that you'd like to donate, please donate to Wikimedia Foundation, to which I owe infinitely.
Top comments (2)
Th solution, creating a separate volume, is far from elegant. If you use nix-darwin, it also creates a symlink
/run
. Besides, installing a package is easy, but how to start it as a service? There's nobrew services
at all.Much appreciated! Thank you for documenting this solution. The initial suggestions to e.g. disable SIP were not appealing, and a real blocker to upgrading. So glad there's a reasonable work-around, and it doesn't rely on an Apple exemption.