Skip to content

Instantly share code, notes, and snippets.

@queeup

queeup/Nix_package_manager_on_Fedora_Silverblue.md

Last active October 15, 2025 13:55
Show Gist options
  • Save queeup/1666bc0a5558464817494037d612f094 to your computer and use it in GitHub Desktop.
Save queeup/1666bc0a5558464817494037d612f094 to your computer and use it in GitHub Desktop.
Download ZIP
Nix package manager install (single user) on Fedora Silverblue
Raw
Nix_package_manager_on_Fedora_Silverblue.md

Nix package manager on Fedora Silverblue

Warning

Disable composefs or enable root.transient before install and use nix on Fedora Silverblue 42. Do not mix both. Use just one method. I prefer enabling root.transient.

  • With composefs disabled

    sudo sed -i 's/,ro//' /etc/fstab

sudo rpm-ostree kargs --append='ostree.prepare-root.composefs=0' --reboot

  • With root.transient enabled

    sudo tee /etc/ostree/prepare-root.conf <<'EOL'
[composefs]
enabled = yes
[root]
transient = true
EOL

rpm-ostree initramfs-etc --reboot --track=/etc/ostree/prepare-root.conf

Install nix

curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \
    sh -s -- install ostree --no-confirm --persistence=/var/lib/nix

Add nix unstable channel

nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs
nix-channel --update

Fix sudo

echo "Defaults  secure_path = /nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:$(sudo printenv PATH)" | sudo tee /etc/sudoers.d/nix-sudo-env

Old way (Obsolete)

  • This is a single user install.

  • For multi user install and without changing selinux mode: https://gist.github.com/matthewpi/08c3d652e7879e4c4c30bead7021ff73

  • Please note that these instructions are not offically supported or condoned by Nix and are not guaranteed to always work, but from my testing everything seems to work perfectly fine.

  • Change SELinux mode to permissive

    sudo setenforce Permissive
sudo sed -i 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config

  • Create the nix directory in a persistent location

    sudo mkdir /var/lib/nix
sudo chown $USER:$USER /var/lib/nix

  • /etc/systemd/system/[email protected]

    [Unit]
Description=Enable mount points in / for ostree
ConditionPathExists=!%f
DefaultDependencies=no
Requires=local-fs-pre.target
After=local-fs-pre.target

[Service]
Type=oneshot
ExecStartPre=chattr -i /
ExecStart=mkdir -p '%f'
ExecStopPost=chattr +i /

  • /etc/systemd/system/nix.mount

    [Unit]
Description=Nix Package Manager
DefaultDependencies=no
After[email protected]
Wants[email protected]
Before=sockets.target
After=ostree-remount.service
BindsTo=var.mount

[Mount]
What=/var/lib/nix
Where=/nix
Options=bind
Type=none

[Install]
WantedBy=local-fs.target

  • Enable and mount the nix mount.

    # Ensure systemd picks up the newly created units
sudo systemctl daemon-reload
# Enable the nix mount on boot.
sudo systemctl enable nix.mount
# Mount the nix mount now.
sudo systemctl start nix.mount

  • Install Nix

    sh <(curl -L https://nixos.org/nix/install) --no-daemon

  • Load Nix into your environment. Enable bash/fish/zhs completion for nix installed commands

    Load Nix into your environment. The installer modified ~/.bash_profile, but it isn't used when you start a terminal from desktop, it's only used when using a full shell login with bash -l, which doesn't happen on silverblue.

    tee --append $HOME/.bashrc <<EOF
# Nix Package Manager
if [ -e $HOME/.nix-profile/etc/profile.d/nix.sh ]; then
    source $HOME/.nix-profile/etc/profile.d/nix.sh;
fi
EOF

  • Links:

@queeup
Copy link
Author

queeup commented Apr 26, 2025

Strange indeed. My instances works with disabled composefs. I will investigate. Thank you both of you for reporting this problem.

@landtuna
Copy link

landtuna commented May 1, 2025

This didn't work for me, either, but following the directions here (making my own Kinoite with a /nix) did work:
DeterminateSystems/nix-installer#1445 (comment)

@queeup
Copy link
Author

queeup commented May 6, 2025

With composefs enabled root subvolume mount options in /etc/fstab are ignored. But with composefs disabled root subvolume mounted as ro (readonly). This is not like that before with Silverblue 41 etc. Silverblue 42 install add ro flag for root mount. So we need to mount rw or erase ro flag from /etc/fstab.

That why disabling composefs not working.

sudo sed -i 's/subvol=root,compress=zstd:1,ro/subvol=root,compress=zstd:1/' /etc/fstab

sudo rpm-ostree kargs --append='ostree.prepare-root.composefs=0' --reboot

after these two command it should work. I will update my howto accordantly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment