Diffstat (limited to 'system/nix/README')
-rw-r--r-- | system/nix/README | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/system/nix/README b/system/nix/README new file mode 100644 index 0000000000..e59a68ec39 --- /dev/null +++ b/system/nix/README @@ -0,0 +1,46 @@ +nix (functional package manager) + +Nix is a purely functional package manager. This means that it treats packages +like values in purely functional programming languages such as Haskell -- they +are built by functions that don't have side-effects, and they never change +after they have been built. Nix stores packages in the Nix store, usually the +directory /nix/store, where each package has its own unique subdirectory such +as + + /nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/ + +where b6gvzjyb2pg0... is a unique identifier for the package that captures all +its dependencies (it's a cryptographic hash of the package's build dependency +graph). + +Nix may be run in single or multi-user mode (which requires the nix-daemon). To +have the nix daemon start and stop with your host, add to /etc/rc.d/rc.local: + + if [ -x /etc/rc.d/rc.nix ]; then + /etc/rc.d/rc.nix start + fi + +and to /etc/rc.d/rc.local_shutdown (creating it if needed): + + if [ -x /etc/rc.d/rc.nix ]; then + /etc/rc.d/rc.nix stop + fi + +The daemon requires users for building the nix packages, which should be added +under the 'nixbld' group. + + groupadd -g 314 nixbld + for n in $(seq 1 10); do useradd -c "Nix build user $n" \ + -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \ + nixbld$n; done + +Restricting access to the daemon is acheived by setting file permissions for +the daemon's socket's folder. + + chgrp nix-users /nix/var/nix/daemon-socket + chmod ug=rwx,o= /nix/var/nix/daemon-socket + +Correct permissions must also be set for the following profile directories to give users access. + + /nix/var/nix/profiles + /var/nix/profiles |
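Review bot: In the daemon-socket section near the end of the README, `chgrp nix-users /nix/var/nix/daemon-socket` relies on a `nix-users` group that the README never creates; the only group it sets up is `nixbld`, via `groupadd -g 314 nixbld`. Since this is the step that restricts who may talk to the daemon, add the group-creation step (and how users are added to it) before the `chgrp`, or state that the admin must substitute an existing group. The final paragraph also says "Correct permissions must also be set" for the profile directories without naming the owner, group or mode, and lists `/var/nix/profiles` next to `/nix/var/nix/profiles`; please spell out the intended permissions and confirm the second path is meant. Minor: "acheived" should be "achieved", and that last paragraph is not wrapped to the width used by the rest of the file.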