From e139e4afdf10c44ddc8c2bc8fa147e9b4b2e2d76 Mon Sep 17 00:00:00 2001
From: Iulian Meghea <iulian@plumelo.com>
Date: Tue, 10 Feb 2026 13:38:36 +0000
Subject: [PATCH] fix: grant coder user ownership of /nix for single-user mode

The Nix store database (/nix/var/nix/db/) is owned by root after image
build, causing 'Permission denied' when the coder user runs nix commands
like 'nix develop'. Grant ownership of the entire /nix tree to the coder
user (uid 1000) so single-user Nix operations can acquire locks and
write to the store without requiring a daemon.
---
 images/nix/flake.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/images/nix/flake.nix b/images/nix/flake.nix
index c5429ef..8590f33 100644
--- a/images/nix/flake.nix
+++ b/images/nix/flake.nix
@@ -230,6 +230,11 @@ eval "$(direnv hook bash)"
             chmod 0440 ./etc/sudoers.d/nopasswd
             chown 0:0 ./etc/sudoers.d/nopasswd
 
+            # Nix store: grant the coder user ownership of the entire /nix tree
+            # so that single-user Nix commands (nix develop, nix build, etc.)
+            # can acquire locks and write to the store/db without the daemon.
+            chown -R 1000:1000 ./nix
+
             # nix-ld: create the dynamic linker shim at the standard FHS path
             # so unpatched binaries can find the interpreter
             mkdir -p ./lib64