Skip to content

nixos-rebuild-ng: allow deploying closures#482430

Merged
phaer merged 1 commit intoNixOS:staging-nixosfrom
zimbatm:nixos-rebuild-store-path
Jan 22, 2026
Merged

nixos-rebuild-ng: allow deploying closures#482430
phaer merged 1 commit intoNixOS:staging-nixosfrom
zimbatm:nixos-rebuild-store-path

Conversation

@zimbatm
Copy link
Copy Markdown
Member

@zimbatm zimbatm commented Jan 21, 2026

Tools that want to deploy NixOS all re-implement the same core logic
available in nixos-rebuild-ng (bin/switch-to-configuration + nix-env
-p) because they want to be able to deploy specific system closures.

By adding a --store-path flag, tools can now directly invoke
nixos-rebuild-ng instead.

Bringing the interface to a higher level allows us to incorporate ideas
such as health checks and auto-rollbacks that are harder to achieve on
the lower layer.

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

github-actions[bot]

This comment was marked as outdated.

Sign in to view

@nixpkgs-ci nixpkgs-ci bot requested a review from thiagokokada January 21, 2026 21:54
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-nixos-tests This PR causes rebuilds for all NixOS tests and should normally target the staging branches. labels Jan 21, 2026
thiagokokada
thiagokokada reviewed Jan 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is really similar to github.com//pull/464490, but since this seems more complete (additional checks, tests) and I like --store-path more than --use-prebuilt-closure, I am more inclined to merge this one instead of the previous one.

thiagokokada
thiagokokada reviewed Jan 21, 2026
View reviewed changes
pkgs/by-name/ni/nixos-rebuild-ng/nixos-rebuild.8.scd Outdated
Instead of building a new configuration as specified by
_/etc/nixos/configuration.nix_, roll back to the previous configuration.
(The previous configuration is defined as the one before the current
(The previous configuration is defined as the one before the "current"
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason for changing the quotes here? Quasi-quotes is generally used consistently in this document.

Copy link
Copy Markdown
Member Author

@zimbatm zimbatm Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

force of habit, reverted :)

thiagokokada
thiagokokada reviewed Jan 21, 2026
View reviewed changes
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/__init__.py Outdated
Comment on lines +289 to +290
# Disable flake auto-detection since we're using a pre-built store path
args.flake = False
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like this. If --flake is incompatible with --store-path I would prefer to raise an error here.

Copy link
Copy Markdown
Member Author

@zimbatm zimbatm Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The check is there as well, so this only has an effect if flake == None. The intent was to disable the flake auto-detection.

I changed the code to be a bit more explicit.

thiagokokada
thiagokokada reviewed Jan 21, 2026
View reviewed changes
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/services.py Outdated
target_host=target_host,
profile=profile,
)
elif args.store_path:
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that this matters too much because of the flags parsing, but I would prefer to check this condition first and them check for --rollout next.

Copy link
Copy Markdown
Member Author

@zimbatm zimbatm Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, fixed

thiagokokada
thiagokokada reviewed Jan 21, 2026
View reviewed changes
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/services.py Outdated
Comment on lines +302 to +308
# Copy closure to target host if needed
if target_host:
nix.copy_closure(
path_to_config,
to_host=target_host,
copy_flags=grouped_nix_args.copy_flags,
)
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada Jan 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need to check target_host here. nix.copy_closure() should do the right thing already.

Copy link
Copy Markdown
Member Author

@zimbatm zimbatm Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks, fixed

phaer
phaer approved these changes Jan 21, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@phaer phaer left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Useful Feature! Code LGTM, quick manual test and vmtest suggest it works as intended.

Should probably target staging?

@nixpkgs-ci nixpkgs-ci bot added the 12.approvals: 1 This PR was reviewed and approved by one person. label Jan 21, 2026
zimbatm added a commit to zimbatm/nixpkgs that referenced this pull request Jan 22, 2026
@zimbatm
fixup! nixos-rebuild-ng: allow deploying closures
a782b5e 
Fixes NixOS#482430 (comment)
zimbatm added a commit to zimbatm/nixpkgs that referenced this pull request Jan 22, 2026
@zimbatm
fixup! nixos-rebuild-ng: allow deploying closures
8db9147 
Fixes NixOS#482430 (comment)
zimbatm added a commit to zimbatm/nixpkgs that referenced this pull request Jan 22, 2026
@zimbatm
fixup! nixos-rebuild-ng: allow deploying closures
c5ab639 
Fixes NixOS#482430 (comment)
zimbatm added a commit to zimbatm/nixpkgs that referenced this pull request Jan 22, 2026
@zimbatm
fixup! nixos-rebuild-ng: allow deploying closures
c1366c7 
Fixes NixOS#482430 (comment)
@github-actions github-actions bot dismissed their stale review January 22, 2026 10:10

Review dismissed automatically

github-actions[bot]

This comment was marked as outdated.

Sign in to view

@zimbatm zimbatm changed the base branch from master to staging-nixos January 22, 2026 10:15
@nixpkgs-ci nixpkgs-ci bot closed this Jan 22, 2026
@nixpkgs-ci nixpkgs-ci bot reopened this Jan 22, 2026
@zimbatm
nixos-rebuild-ng: allow deploying closures
978a08c 
Tools that want to deploy NixOS all re-implement the same core logic
available in `nixos-rebuild-ng` (bin/switch-to-configuration + nix-env
-p) because they want to be able to deploy specific system closures.

By adding a `--store-path` flag, tools can now directly invoke
nixos-rebuild-ng instead.

Bringing the interface to a higher level allows us to incorporate ideas
such as health checks and auto-rollbacks that are harder to achieve on
the lower layer.
@zimbatm zimbatm force-pushed the nixos-rebuild-store-path branch from c1366c7 to 978a08c Compare January 22, 2026 10:16
@github-actions github-actions bot dismissed their stale review January 22, 2026 10:17

Review dismissed automatically

@nixpkgs-ci nixpkgs-ci bot added the 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS label Jan 22, 2026
@zimbatm
Copy link
Copy Markdown
Member Author

zimbatm commented Jan 22, 2026

@thiagokokada back to you :)

@phaer phaer requested a review from thiagokokada January 22, 2026 13:21
thiagokokada
thiagokokada approved these changes Jan 22, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@thiagokokada thiagokokada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@nixpkgs-ci nixpkgs-ci bot added 12.approvals: 2 This PR was reviewed and approved by two persons. and removed 12.approvals: 1 This PR was reviewed and approved by one person. labels Jan 22, 2026
@nixpkgs-ci nixpkgs-ci bot added the 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in any of the changed packages. label Jan 22, 2026
@phaer phaer added this pull request to the merge queue Jan 22, 2026
Merged via the queue into NixOS:staging-nixos with commit d8fe9f4 Jan 22, 2026
30 of 34 checks passed
@zimbatm zimbatm deleted the nixos-rebuild-store-path branch January 22, 2026 14:26
@thiagokokada thiagokokada mentioned this pull request Jan 22, 2026
Closed
13 tasks
@arianvp
Copy link
Copy Markdown
Member

arianvp commented Jan 22, 2026

I think we should've named this --system|--closure to be congruent with nixos-install. As I have in this PR that has been open for 3 years (In draft ; so sorry about that) #220705

https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/ni/nixos-install/nixos-install.sh#L39-L41

@arianvp arianvp mentioned this pull request Jan 22, 2026
Closed
12 tasks
@thiagokokada
Copy link
Copy Markdown
Contributor

thiagokokada commented Jan 22, 2026

I think we should've named this --system|--closure to be congruent with nixos-install. As I have in this PR that has been open for 3 years (In draft ; so sorry about that) #220705

https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/ni/nixos-install/nixos-install.sh#L39-L41

If you want to open a PR to fix this we can merge ASAP (before people start relying on the flag).

@phaer
Copy link
Copy Markdown
Member

phaer commented Jan 22, 2026
edited
Loading

Yeah, it's still in nixos-staging only at time of writing. So I think the chance that anything relies on it is about 0 yet.

That being said, I think both --system and --closure are strictly worse than store-path.
system is already a heavily overloaded term. It would make it congruent with nixos-install but would have an entirely different meaning compared to --system on all of the "new style" cli commands.

--closure does not seem to be a thing on nixos-install either (edit: hadn't clicked the link, its just not in the man page) and IMO would be equally confusing, as --flake, --file and --attr are deploying closures.

Arguably, --store-path would be better, at least more intuitive name, for nixos-install --system. As an alias due to backwards compatibility. But that's a different discussion :)

EDIT: prebuilt-closure as in #464490 would at least be precise.

@arianvp
Copy link
Copy Markdown
Member

arianvp commented Jan 22, 2026

Oh if it's not in the nixos-install man page perhaps I'll rest my bike shedding case. I do think it'd be nice to be consistent though. Perhaps we add the new name to nixos-install instead

phaer added a commit to phaer/nixpkgs that referenced this pull request Jan 23, 2026
@phaer
nixos-install: add --store-path
b399852 
as yet another alias for `--system/--closure`, but it's at least
consistent with the recently added `--store-path` flag in
`nixos-rebuild` (NixOS#482430)
@phaer phaer mentioned this pull request Jan 23, 2026
Merged
13 tasks
phaer added a commit to phaer/nixpkgs that referenced this pull request Jan 23, 2026
@phaer
nixos-install: add --store-path
5c2ff9d 
as yet another alias for `--system/--closure`, but it's at least
consistent with the recently added `--store-path` flag in
`nixos-rebuild` (NixOS#482430)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phaer phaer phaer approved these changes

@thiagokokada thiagokokada thiagokokada approved these changes

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees

No one assigned

Labels

6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-nixos-tests This PR causes rebuilds for all NixOS tests and should normally target the staging branches. 12.approvals: 2 This PR was reviewed and approved by two persons. 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in any of the changed packages.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@zimbatm @arianvp @thiagokokada @phaer