rarias/jungle-website
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

WIP: Add guide on using nix in marenostrum 5 #3

Draft
abonerib wants to merge 1 commits from mn5-guide into master
pull from: mn5-guide
merge into: rarias:master
Conversation 0 Commits 1 Files Changed 1 +147
1 changed files with 147 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
content/doc/mn5.md Normal file
View File

@@ -0,0 +1,147 @@
---
title: "Using nix in marenostrum"
description: "How to use nix-portable to run nix on marenostrum without privileges"
date: 2026-03-04
---
# Obtaining nix-portable
[nix-portable][1] provides a static nix with a virtualised `/nix/store` that
allows running `nix` without root.
There is version already installed in `/gpfs/projects/bsc15/nix-portable/bin`,
you can use that and skip to [Set up](#set-up).
If you want to obtain it yourself by following the instructions on [nix-portable][1]
summarized below:
```bash
curl -L https://github.com/DavHau/nix-portable/releases/latest/download/nix-portable-$(uname -m) > ./nix-portable
chmod +x ./nix-portable
ln -s nix-portable nix
ln -s nix-portable nix-build
ln -s nix-portable nix-channel
ln -s nix-portable nix-collect-garbage
ln -s nix-portable nix-copy-closure
ln -s nix-portable nix-daemon
ln -s nix-portable nix-env
ln -s nix-portable nix-hash
ln -s nix-portable nix-instantiate
ln -s nix-portable nix-prefetch-url
ln -s nix-portable nix-shell
ln -s nix-portable nix-store
```
# Set up
Add `nix-portable` and the symlinks to your `$PATH`. The default virtualisation
method does not work, so you must set `NP_RUNTIME` to `bwrap` to override it. If
that is not set, you will get an error when setting up the namespace.
Optionally, you can set `NP_LOCATION` to change the location of your `/nix/store`.
By default it will be at `$HOME/.nix-portable`:
```bash
export PATH="$PATH:/gpfs/projects/bsc15/nix-portable/bin" # or the path of your install
export NP_RUNTIME=bwrap
export NP_LOCATION="$HOME" # defaults to $HOME if not set
```
## Configuring nix
After its first run, `nix-portable` will download and populate a local
`/nix/store` along with `bwrap`, `busybox` and all the other tools it needs.
These files are located inside `$NP_LOCATION/.nix-portable` with the nix store in `$NP_LOCATION/.nix-portable/nix` and the nix configuration file (`man nix.conf`)
in `$NP_LOCATION/.nix-portable/conf/nix.conf`.
When using jungle, we recommend adding our substituter to `nix.conf` with:
```ini
extra-substituters = https://jungle.bsc.es/cache
extra-trusted-public-keys = jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=
```
See [hut#binary-cache][2] for more details.
Additionally, you can add an registry entry for jungle:
```
nix registry add jungle git+https://jungle.bsc.es/git/rarias/jungle
```
This should allow running builds with: `nix build jungle#<package>`.
**NOTE:** This does not pin jungle to any commit, and it may move once
the repository changes. To have proper reproducible builds, use [flakes][3].
# Building and Running
If everything has gone well, you should now be able to use nix in marenostrum,
provided your node has internet access.
```bash
nix build nixpkgs#hello
```
Keep in mind that the resulting symlink will be broken, since it requires the
`nix-portable` virtualised filesystem to run:
```console
$ file result
result: broken symbolic link to /nix/store/8qi947kixhz1nw83dkwxm6d0wndprqkj-hello-2.12.2
```
You will have to either use `nix run` to run the binary through nix or enter
a shell with `nix shell/develop` where `/nix/store` will be available:
```console
$ nix run nixpkgs#hello
Hello, world!
$ nix shell nixpkgs#hello
bash-5.1$ hello
Hello, world!
bash-5.1$ exit
$ nix run nixpkgs#bashInteractive
[user@glogin4 ~]$ readlink -f result
/nix/store/8qi947kixhz1nw83dkwxm6d0wndprqkj-hello-2.12.2
[user@glogin4 ~]$ ./result/bin/hello
Hello, world!
[user@glogin4 ~]$ exit
```
# Transferring derivations
You can transfer derivations between your local machine and marenostrum. You can
check if communication works with `nix store info`:
```console
$ nix store info --store ssh-ng://<user>@glogin1.bsc.es
Store URL: ssh://<user>@glogin1.bsc.es
Version: 2.20.6
Trusted: 1
```
Then, you can send derivations between mn5 and another nix machine through ssh
with:
```bash
nix copy --to ssh-ng://<user>@glogin1.bsc.es jungle#ovni
nix copy --from ssh-ng://<user>@glogin1.bsc.es /nix/store/<path>
```
Note that when copying *from* mn5, you must provide the full path in the nix
store.
# Known issues
- `builtins.fetchGit` is currently broken due to permission issues with the ssh
configuration files.
[1]: https://github.com/DavHau/nix-portable
[2]: /hut/#binary-cache
[3]: /doc/quickstart/#creating-a-flakenix