Why does HM build awscli2 when i can run it instantly with nix-shell?

vinylen · October 9, 2025, 6:27am

Hey!

If i run nix-shell -p awscli2 on my laptop, i instantly get the package and ready to go and use. However, if i declare that i want to install awscli2 permanently with home-manager, like this:

home.packages = with pkgs; [
awscli2
];

HM/Nix wants to build it from source:


these 6 derivations will be built:
  /nix/store/bvwaf7d8a2m49kpsmfjlmsng80fpbiyj-awscli2-2.30.6.drv
  /nix/store/4zfsms7qfyby5b0jnhkz4lgrfb51fvkn-home-manager-path.drv
  /nix/store/24fgb19zxi3z0z2pfc5bh1y3wyglmipc-activation-script.drv
  /nix/store/4jnglkkd061zfj0spa4jqwpccknd2nw0-hm_fontconfigconf.d10hmfonts.conf.drv
  /nix/store/g04icmfc6ks2m820mamzy3cryrlkn0c6-home-manager-files.drv
  /nix/store/kn1x8i13bshibpxvdavcf4r4crqiyd3i-home-manager-generation.drv
awscli2> building '/nix/store/bvwaf7d8a2m49kpsmfjlmsng80fpbiyj-awscli2-2.30.6.drv'
awscli2> Sourcing python-remove-tests-dir-hook
awscli2> Sourcing python-catch-conflicts-hook.sh
awscli2> Sourcing python-remove-bin-bytecode-hook.sh
awscli2> Sourcing pypa-build-hook
awscli2> Using pypaBuildPhase
awscli2> Sourcing python-runtime-deps-check-hook
awscli2> Using pythonRuntimeDepsCheckHook
awscli2> Sourcing pypa-install-hook
awscli2> Using pypaInstallPhase
awscli2> Sourcing python-imports-check-hook.sh
awscli2> Using pythonImportsCheckPhase
awscli2> Sourcing python-namespaces-hook
awscli2> Sourcing python-catch-conflicts-hook.sh
awscli2> Sourcing pytest-check-hook
awscli2> Using pytestCheckPhase
awscli2> Running phase: unpackPhase
awscli2> unpacking source archive /nix/store/f9jg7zmbgmpx7gdd0mgqfibakjhr6l93-source
awscli2> source root is source
awscli2> setting SOURCE_DATE_EPOCH to timestamp 315619200 of file "source/tox.ini"
awscli2> Running phase: patchPhase
awscli2> Running phase: updateAutotoolsGnuConfigScriptsPhase
awscli2> Running phase: configurePhase
awscli2> patching script interpreter paths in ./configure
awscli2> ./configure: interpreter directive changed from "#! /bin/sh" to "/nix/store/cl2gkgnh26mmpka81pc2g5bzjfrili92-bash-5.3p3/bin/sh"
awscli2> configure flags: --prefix=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6 --bindir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/bin --sbindir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/sbin --includedir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/include --mandir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/share/man --infodir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/share/info --docdir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/share/doc/awscli --libdir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/lib --libexecdir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/libexec --localedir=/nix/store/ndjw5xffc02r3myq627fxjiikkqc9g5l-awscli2-2.30.6/share/locale
awscli2> checking for a Python interpreter with version >= 3.8... python
awscli2> checking for python... /nix/store/62fdlzq1x1ak2lsxp4ij7ip5k9nia3hc-python3-3.13.7/bin/python
awscli2> checking for python version... 3.13
awscli2> checking for python platform... linux
awscli2> checking for GNU default python prefix... ${prefix}
awscli2> checking for GNU default python exec_prefix... ${exec_prefix}
awscli2> checking for python script directory (pythondir)... ${PYTHON_PREFIX}/lib/python3.13/site-packages
awscli2> checking for python extension module directory (pyexecdir)... ${PYTHON_EXEC_PREFIX}/lib/python3.13/site-packages
awscli2> checking for sqlite3... yes
awscli2> checking for --with-install-type... system-sandbox
awscli2> checking for --with-download-deps... no
awscli2> configure: creating ./config.status
.....

How come that makes a difference and is there a way to prevent this? I just had a build of awscli2 take over 25 minutes and then it failed some test

withakay · October 9, 2025, 7:47am

The first thing I would suspect is that you are not using the same version of nixpkgs for HM and nix-shell.

nix-shell generally uses nix-channel version, unless you’ve set your NIX_PATH explicitly. What do nix-instantiate '<nixpkgs>' --eval 'lib.version' and echo $NIX_PATH say?

HM can be set up a lot of ways – are you running it as a NixOS module? Standalone? Flake vs non-flake? Are you setting nix.nixPath manually?

vinylen · October 9, 2025, 8:30am

Thanks for the reply!

nix-instantiate '<nixpkgs>' --eval 'lib.version'
unpacking 'https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/%2A.tar.gz' into the Git cache...
<LAMBDA>
error: path '/home/vicnil/lib.version' does not exist

echo $NIX_PATH results in nothing, so it’s not set.

I am running Fedora with Determinate Nix installed, and Home-manager installed standalone.

tejing · October 9, 2025, 8:33am

Try nix-instantiate '<nixpkgs>' --eval -A 'lib.version'

vinylen · October 9, 2025, 8:35am

Thanks! That worked

nix-instantiate '<nixpkgs>' --eval -A 'lib.version'
"25.11pre-git"

tejing · October 9, 2025, 8:36am

Now for the other questions. How does your home-manager config get its nixpkgs? Is your HM config in a flake? Is it standalone or a nixos module?

vinylen · October 9, 2025, 8:43am

I keep everything with flakes, this is my flake.nix:

{
  description = "Home Manager configuration";

  inputs = {
    # Increment release branch for NixOS
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixpkgs-stable = {
      url = "github:nixos/nixpkgs/nixos-25.05";
    };
    home-manager = {
      # Follow corresponding `release` branch from Home Manager
      url = "github:nix-community/home-manager/master";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nvf.url = "github:notashelf/nvf/v0.8";
  };

  outputs =
    {
      nixpkgs,
      nixpkgs-stable,
      home-manager,
      nvf,
      ...
    }@inputs:
    let
      lib = nixpkgs.lib;
      system = "x86_64-linux";
      pkgs = import nixpkgs {
        inherit system;
        config.allowUnfree = true;
      };
    in
    {
      homeConfigurations."vicnil" = home-manager.lib.homeManagerConfiguration {
        inherit pkgs;
        extraSpecialArgs = {
          inherit inputs;
        };
        modules = [
          nvf.homeManagerModules.default
          ./home.nix
        ];
      };
    };
}

I’m guessing that 25.11pre-git comes from pinning home-manager to the master branch?

tejing · October 9, 2025, 8:46am

No, it’s nothing to do with that.

However, if your home-manager config is flake-based, then the nixpkgs in your channels is totally irrelevant to where home-manager is getting its packages. Can you do a nix flake metadata and see if the date on your nixpkgs input to your flake looks recent? You need to be running nix flake update regularly to ensure that your packages installed through home-manager get updated.

vinylen · October 9, 2025, 8:51am

nix flake metadata
warning: Git tree '/home/vicnil/debnix' has uncommitted changes
Resolved URL:  git+file:///home/vicnil/debnix
Description:   Home Manager configuration
Revision:      4e41092bbab8b2f2d968437f3a9cec040609f368-dirty
Last modified: 2025-10-06 07:43:26
Fingerprint:   3a720e95ab847bc8b68a118a34c6a65a19d28e49bbf3fff0e7611b99aead7944
Inputs:
├───home-manager: github:nix-community/home-manager/1a09eb84fa9e33748432a5253102d01251f72d6d?narHash=sha256-uqbhyXtqMbYIiMqVqUhNdSuh9AEEkiasoK3mIPIVRhk%3D (2025-10-07 16:06:11)
│   └───nixpkgs follows input 'nixpkgs'
├───nixpkgs: github:NixOS/nixpkgs/c9b6fb798541223bbb396d287d16f43520250518?narHash=sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH%2B47XEBo%3D (2025-10-07 10:12:45)
├───nixpkgs-stable: github:nixos/nixpkgs/20c4598c84a671783f741e02bf05cbfaf4907cff?narHash=sha256-a0%2Bh02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0%3D (2025-10-06 07:29:46)
└───nvf: github:notashelf/nvf/dde524f7cc4b9e56cf45223a23e1b598f68848d7?narHash=sha256-rEfJ6jyHvjpOyK5oA3rNFN4j/RPMKD2P0RnT0HzUNMc%3D (2025-10-03 17:20:48)
    ├───flake-compat: git+https://git.lix.systems/lix-project/flake-compat.git?ref=refs/heads/main&rev=549f2762aebeff29a2e5ece7a7dc0f955281a1d1 (2025-07-05 03:26:14)
    ├───flake-parts: github:hercules-ci/flake-parts/758cf7296bee11f1706a574c77d072b8a7baa881?narHash=sha256-wfG0S7pltlYyZTM%2BqqlhJ7GMw2fTF4mLKCIVhLii/4M%3D (2025-10-01 23:44:24)
    │   └───nixpkgs-lib follows input 'nvf/nixpkgs'
    ├───mnw: github:Gerg-L/mnw/cfbc7d1cc832e318d0863a5fc91d940a96034001?narHash=sha256-Y7IvY4F8vajZyp3WGf%2BKaiIVwondEkMFkt92Cr9NZmg%3D (2025-09-25 21:13:54)
    ├───nixpkgs: github:nixos/nixpkgs/625ad6366178f03acd79f9e3822606dd7985b657?narHash=sha256-wg1Lz/1FC5Q13R%2BmM5a2oTV9TA9L/CHHTm3/PiLayfA%3D (2025-10-02 06:31:14)
    └───systems: github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e?narHash=sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768%3D (2023-04-09 08:27:08)

I am using nh on my laptop, so i am running nh home switch -u which i thought updated the nix flakes

tejing · October 9, 2025, 8:55am

Yeah, it’s from 2 days ago. Looks fine. Then I suppose the reason you’re having trouble is because the package doesn’t build properly on current unstable… Yup. You can wait for that to get fixed, or you could downgrade your nixpkgs to a previous commit where it worked.

tejing · October 9, 2025, 8:59am

Looks like the most recent successful hydra build was from nixpkgs commit e643668fd71b949c53f8626614b21ff71a07379d.

vinylen · October 9, 2025, 9:25am

Alright thank you all for your help! I will pin the package to the stable version of nixpkgs

waffle8946 · October 9, 2025, 2:00pm

You can also just use that commit specifically for now (github:NixOS/nixpkgs/e643668fd71b949c53f8626614b21ff71a07379d)