wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-07 01:51:47 +02:00
Code Activity

Merge remote-tracking branch 'origin/master' into lazy-trees

Browse source
This commit is contained in:
Eelco Dolstra 2023-02-08 14:05:16 +01:00
commit bb421ac80b
108 changed files with 1242 additions and 452 deletions
Download patch file Download diff file Expand all files Collapse all files

2
doc/manual/src/command-ref/nix-store.md
View file

@ -633,7 +633,7 @@ written to standard output.
A NAR archive is like a TAR or Zip archive, but it contains only the
information that Nix considers important. For instance, timestamps are
elided because all files in the Nix store have their timestamp set to 0
elided because all files in the Nix store have their timestamp set to 1
anyway. Likewise, all permissions are left out except for the execute
bit, because all files in the Nix store have 444 or 555 permission.

6
doc/manual/src/contributing/hacking.md
View file

@ -45,13 +45,13 @@ To get a shell with a different compilation environment (e.g. stdenv,
gccStdenv, clangStdenv, clang11Stdenv, ccacheStdenv):
```console
$ nix-shell -A devShells.x86_64-linux.clang11StdenvPackages
$ nix-shell -A devShells.x86_64-linux.clang11Stdenv
```
or if you have a flake-enabled nix:
```console
$ nix develop .#clang11StdenvPackages
$ nix develop .#clang11Stdenv
```
Note: you can use `ccacheStdenv` to drastically improve rebuild
@ -219,7 +219,7 @@ After the CI run completes, you can check the output to extract the installer UR
5. To generate an install command, plug this `install_url` and your GitHub username into this template:
```console
sh <(curl -L <install_url>) --tarball-url-prefix https://<github-username>-nix-install-tests.cachix.org/serve
curl -L <install_url> | sh -s -- --tarball-url-prefix https://<github-username>-nix-install-tests.cachix.org/serve
```
<!-- #### Manually generating test installers

7
doc/manual/src/glossary.md
View file

@ -19,6 +19,13 @@
[store derivation]: #gloss-store-derivation
- [instantiate]{#gloss-instantiate}, instantiation\
Translate a [derivation] into a [store derivation].
See [`nix-instantiate`](./command-ref/nix-instantiate.md).
[instantiate]: #gloss-instantiate
- [realise]{#gloss-realise}, realisation\
Ensure a [store path] is [valid][validity].

4
doc/manual/src/installation/env-variables.md
View file

@ -27,7 +27,7 @@ Set the environment variable and install Nix
```console
$ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
$ sh <(curl -L https://nixos.org/nix/install)
$ curl -L https://nixos.org/nix/install | sh
```
In the shell profile and rc files (for example, `/etc/bashrc`,
@ -38,7 +38,7 @@ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
```
> **Note**
>
>
> You must not add the export and then do the install, as the Nix
> installer will detect the presence of Nix configuration, and abort.

40
doc/manual/src/installation/installation.md
View file

@ -1,2 +1,38 @@
This section describes how to install and configure Nix for first-time
use.
# Installation
This section describes how to install and configure Nix for first-time use.
The current recommended option on Linux and MacOS is [multi-user](#multi-user).
## Multi-user
This installation offers better sharing, improved isolation, and more security
over a single user installation.
This option requires either:
* Linux running systemd, with SELinux disabled
* MacOS
```console
$ bash <(curl -L https://nixos.org/nix/install) --daemon
```
## Single-user
> Single-user is not supported on Mac.
This installation has less requirements than the multi-user install, however it
cannot offer equivalent sharing, isolation, or security.
This option is suitable for systems without systemd.
```console
$ bash <(curl -L https://nixos.org/nix/install) --no-daemon
```
## Distributions
The Nix community maintains installers for several distributions.
They can be found in the [`nix-community/nix-installers`](https://github.com/nix-community/nix-installers) repository.

8
doc/manual/src/installation/installing-binary.md
View file

@ -3,7 +3,7 @@
The easiest way to install Nix is to run the following command:
```console
$ sh <(curl -L https://nixos.org/nix/install)
$ curl -L https://nixos.org/nix/install | sh
```
This will run the installer interactively (causing it to explain what
@ -27,7 +27,7 @@ you can authenticate with `sudo`.
To explicitly select a single-user installation on your system:
```console
$ sh <(curl -L https://nixos.org/nix/install) --no-daemon
$ curl -L https://nixos.org/nix/install | sh -s -- --no-daemon
```
This will perform a single-user installation of Nix, meaning that `/nix`
@ -66,7 +66,7 @@ You can instruct the installer to perform a multi-user installation on
your system:
```console
$ sh <(curl -L https://nixos.org/nix/install) --daemon
$ curl -L https://nixos.org/nix/install | sh -s -- --daemon
```
The multi-user installation of Nix will create build users between the
@ -287,7 +287,7 @@ These install scripts can be used the same as the main NixOS.org
installation script:
```console
$ sh <(curl -L https://nixos.org/nix/install)
$ curl -L https://nixos.org/nix/install | sh
```
In the same directory of the install script are sha256 sums, and gpg

81
doc/manual/src/language/advanced-attributes.md
View file

@ -207,13 +207,13 @@ Derivations can declare some infrequently used optional attributes.
the hash in either hexadecimal or base-32 notation. (See the
[`nix-hash` command](../command-ref/nix-hash.md) for information
about converting to and from base-32 notation.)
- [`__contentAddressed`]{#adv-attr-__contentAddressed}
If this **experimental** attribute is set to true, then the derivation
outputs will be stored in a content-addressed location rather than the
traditional input-addressed one.
This only has an effect if the `ca-derivation` experimental feature is enabled.
This only has an effect if the `ca-derivations` experimental feature is enabled.
Setting this attribute also requires setting `outputHashMode` and `outputHashAlgo` like for *fixed-output derivations* (see above).
- [`passAsFile`]{#adv-attr-passAsFile}\
@ -255,3 +255,78 @@ Derivations can declare some infrequently used optional attributes.
> substituted. Thus it is usually a good idea to align `system` with
> `builtins.currentSystem` when setting `allowSubstitutes` to
> `false`. For most trivial derivations this should be the case.
- [`__structuredAttrs`]{#adv-attr-structuredAttrs}\
If the special attribute `__structuredAttrs` is set to `true`, the other derivation
attributes are serialised in JSON format and made available to the
builder via the file `.attrs.json` in the builders temporary
directory. This obviates the need for [`passAsFile`](#adv-attr-passAsFile) since JSON files
have no size restrictions, unlike process environments.
It also makes it possible to tweak derivation settings in a structured way; see
[`outputChecks`](#adv-attr-outputChecks) for example.
As a convenience to Bash builders,
Nix writes a script named `.attrs.sh` to the builders directory
that initialises shell variables corresponding to all attributes
that are representable in Bash. This includes non-nested
(associative) arrays. For example, the attribute `hardening.format = true`
ends up as the Bash associative array element `${hardening[format]}`.
- [`outputChecks`]{#adv-attr-outputChecks}\
When using [structured attributes](#adv-attr-structuredAttrs), the `outputChecks`
attribute allows defining checks per-output.
In addition to
[`allowedReferences`](#adv-attr-allowedReferences), [`allowedRequisites`](#adv-attr-allowedRequisites),
[`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites),
the following attributes are available:
- `maxSize` defines the maximum size of the resulting [store object](../glossary.md#gloss-store-object).
- `maxClosureSize` defines the maximum size of the output's closure.
- `ignoreSelfRefs` controls whether self-references should be considered when
checking for allowed references/requisites.
Example:
```nix
__structuredAttrs = true;
outputChecks.out = {
# The closure of 'out' must not be larger than 256 MiB.
maxClosureSize = 256 * 1024 * 1024;
# It must not refer to the C compiler or to the 'dev' output.
disallowedRequisites = [ stdenv.cc "dev" ];
};
outputChecks.dev = {
# The 'dev' output must not be larger than 128 KiB.
maxSize = 128 * 1024;
};
```
- [`unsafeDiscardReferences`]{#adv-attr-unsafeDiscardReferences}\
> **Warning**
> This is an experimental feature.
>
> To enable it, add the following to [nix.conf](../command-ref/conf-file.md):
>
> ```
> extra-experimental-features = discard-references
> ```
When using [structured attributes](#adv-attr-structuredAttrs), the
attribute `unsafeDiscardReferences` is an attribute set with a boolean value for each output name.
If set to `true`, it disables scanning the output for runtime dependencies.
Example:
```nix
__structuredAttrs = true;
unsafeDiscardReferences.out = true;
```
This is useful, for example, when generating self-contained filesystem images with
their own embedded Nix store: hashes found inside such an image refer
to the embedded store and not to the host's Nix store.

6
doc/manual/src/language/operators.md
View file

@ -24,7 +24,7 @@
| [Equality] | *expr* `==` *expr* | none | 11 |
| Inequality | *expr* `!=` *expr* | none | 11 |
| Logical conjunction (`AND`) | *bool* `&&` *bool* | left | 12 |
| Logical disjunction (`OR`) | *bool* `\|\|` *bool* | left | 13 |
| Logical disjunction (`OR`) | *bool* <code>\|\|</code> *bool* | left | 13 |
| [Logical implication] | *bool* `->` *bool* | none | 14 |
[string]: ./values.md#type-string
@ -116,7 +116,7 @@ The result is a string.
[store path]: ../glossary.md#gloss-store-path
[store]: ../glossary.md#gloss-store
[Path and string concatenation]: #path-and-string-concatenation
[String and path concatenation]: #string-and-path-concatenation
## Update
@ -133,7 +133,7 @@ If an attribute name is present in both, the attribute value from the latter is
Comparison is
- [arithmetic] for [number]s
- [arithmetic] for [number]s
- lexicographic for [string]s and [path]s
- item-wise lexicographic for [list]s:
elements at the same index in both lists are compared according to their type and skipped if they are equal.

12
doc/manual/src/quick-start.md
View file

@ -4,16 +4,16 @@ This chapter is for impatient people who don't like reading
documentation. For more in-depth information you are kindly referred
to subsequent chapters.
1. Install single-user Nix by running the following:
1. Install Nix by running the following:
```console
$ bash <(curl -L https://nixos.org/nix/install)
$ curl -L https://nixos.org/nix/install | sh
```
This will install Nix in `/nix`. The install script will create
`/nix` using `sudo`, so make sure you have sufficient rights. (For
other installation methods, see
[here](installation/installation.md).)
The install script will use `sudo`, so make sure you have sufficient rights.
On Linux, `--daemon` can be omitted for a single-user install.
For other installation methods, see [here](installation/installation.md).
1. See what installable packages are currently available in the
channel:

12
doc/manual/src/release-notes/rl-next.md
View file

@ -8,3 +8,15 @@
discovered by making multiple syscalls. This change makes these operations
lazy such that these lookups will only be performed if the attribute is used.
This optimization affects a minority of filesystems and operating systems.
* In derivations that use structured attributes, you can now use `unsafeDiscardReferences`
to disable scanning a given output for runtime dependencies:
```nix
__structuredAttrs = true;
unsafeDiscardReferences.out = true;
```
This is useful e.g. when generating self-contained filesystem images with
their own embedded Nix store: hashes found inside such an image refer
to the embedded store and not to the host's Nix store.
This requires the `discard-references` experimental feature.