os,homeanddarwinsubcommands now accept a--profileflag.- For
nh ossubcommands,--profileallows you to override the default system profile path for all system operations, including builds, rollbacks, and generation queries. If the flag is not set, the default system profile is used. If the path does not exist, nh will error out. - For
nh homeandnh darwin,--profilesimilarly overrides the default profile path for home-manager and nix-darwin operations, with the same fallback and error behavior.
- For
- Nh checks are now more robust in the sense that unnecessary features will not be required when the underlying command does not depend on them.
- The
--update-inputflag now supports being specified multiple times. - The
--update-inputflag no longer requires--updatein order to take effect, and both flags are now considered mutually exclusive. If you specify the--updateflag, all flake inputs will be updated. If you specify the--update-input NAMEflag, only the specified flake(s) will be updated. nh darwin switchnow shows the output from thedarwin-rebuildactivation. This allows you to see more details about the activation fromnix-darwin, as well asHome Manager.nvdis replaced bydix, resulting in saner and faster diffing.- Nh now supports a new
--diffflag, which takes one ofautoalwaysneverand toggles displaying the package diff after a build. - Manpages have been added to nh, and will be available as
man 1 nhif the package vendor provides them. nh cleanwill now skip directories that are checked and don't exist. Instead of throwing an error, it will print a warning about which directories were skipped.- nh's verbosity flag can now be passed multiple times for more verbose debug output.
nh searchwill now use the system trust store for it's HTTPS requests.- Error handling has been improved across the board, with more contextful errors replacing direct error propagation or unwraps.
- The directory traversal during
nh cleanhas been improved slightly and relevant bits of the clean module has been sped up.- It's roughly %4 faster according to testing, but IO is still a limiting factor and results may differ.
- Added more context to some minor debug messages across platform commands.
- Nh now supports alternative privilege escalation methods. Namely
doas,run0and a fallbackpkexecstrategies will be attempted if the system does not usesudo. - Nh will correctly prompt you for your
sudopassword while deploying remotely. This helps mitigate the need to allow password-lesssudoon the target host to deploy remotely.
- Nh will now correctly detect non-semver version strings, such as
x.ygit. Instead of failing the check, we now try to normalize the string and simply skip the check with a warning. - In the case system switch is disabled (
system.switch enable = false;) Nh will provide a more descriptive error message hinting at what might be the issue. (#331)- We cannot accurately guess what the issue is, but this should be more graceful than simply throwing an error about a missing path (what path?)
- Nh will now carefully pick environment variables passed to individual
commands. This resolves the "
$HOMEis not owned by you!" error, but it's also a part of a larger refactor that involves only providing relevant variables to individual commands. This is an experimental change, please let us know if you face any new bugs. (#314) - Fixed a tempdir race condition causing activation failures. #386
- The environment and Nix feature checks have been made more robust, which
should allow false positives caused by the initial implementation
- Version normalization for the Nix version is now much more robust. This gets
rid of unexpected breakage when using, e.g.,
pkgs.nixVersions.git
- Version normalization for the Nix version is now much more robust. This gets
rid of unexpected breakage when using, e.g.,
- Support for additional Nix variants have been added. This allows for us to handle non-supported Nix variants gracefully, treating them as mainline Nix.
- Version check regex in checks module is now compiled only once, instead of in a loop.
-
Nh is now built on Cargo 2024 edition. This does not imply any changes for the users, but contributors might need to adapt.
-
nh os buildandnh os build-vmnow default to placing the output at./resultinstead of a temp directory.
- The Elasticsearch backend version has been updated to v43, which fixes failing search commands (#316)
-
A new
nh os rollbacksubcommand has been added to allow rolling back a generation, or to a specific generation with the--toflag. Seenh os rollback --helpfor more details on this subcommand. -
Nh now supports the
--build-hostand--target-hostcli arguments -
Nh now checks if the current Nix implementation has necessary experimental features enabled. In mainline Nix (CppNix, etc.) we check for
nix-commandandflakesbeing set. In Lix, we also userepl-flakeas it is still provided as an experimental feature in versions below 2.93.0. -
Nh will now check if you are using the latest stable, or "recommended," version of Nix (or Lix.) This check has been placed to make it clear we do not support legacy/vulnerable versions of Nix, and encourage users to update if they have not yet done so.
-
NixOS: Nh now accepts the subcommand
nh os build-vm, which builds a virtual machine image activation script instead of a full system. This includes a new option--with-bootloader/-Bthat applies to just build-vm, to build a VM with a bootloader.
- Darwin: Use
darwin-rebuilddirectly for activation instead of old scripts - Darwin: Future-proof handling of
activate-userscript removal - Darwin: Improve compatibility with root-only activation in newer nix-darwin versions
- NixOS: Check if the target hostname matches the running system hostname before
running
nvdto compare them.
- Nh now supports specifying
NH_SUDO_ASKPASSto pass a custom value toSUDO_ASKPASSin self-elevation. If specified,sudowill be called with-Aand theNH_SUDO_ASKPASSwill beSUDO_ASKPASSlocally.
- Fix
--configurationbeing ignored innh home switch(#262)
- Add
--jsontonh search, which will return results in JSON format. Useful for parsing the output ofnh searchwith, e.g., jq.
- NixOS 24.05 is now marked as deprecated, and will emit an error if the search command attempts to use it for the channel. While the Elasticsearch backend still seems to support 24.05, it is deprecated in Nixpkgs and is actively discouraged. Please update your system at your earliest convenience.