Merge pull request #8706 from fricklerhandwerk/doc-system-features

document system features
2024-11-22 05:56:15 +02:00 · 2023-09-26 04:21:31 +02:00 · 2023-09-26 04:21:31 +02:00 · 60a155d01c
commit 60a155d01c
parent b17f200b11 880fef9cdf
4 changed files with 53 additions and 16 deletions
--- a/doc/manual/src/language/advanced-attributes.md
+++ b/doc/manual/src/language/advanced-attributes.md
@ -229,6 +229,8 @@ Derivations can declare some infrequently used optional attributes.
    [`outputHashAlgo`](#adv-attr-outputHashAlgo)
    like for *fixed-output derivations* (see above).

+    It also implicitly requires that the machine to build the derivation must have the `ca-derivations` [system feature](@docroot@/command-ref/conf-file.md#conf-system-features).
+
  - [`passAsFile`]{#adv-attr-passAsFile}\
    A list of names of attributes that should be passed via files rather
    than environment variables. For example, if you have
@ -335,3 +337,15 @@ Derivations can declare some infrequently used optional attributes.
    This is useful, for example, when generating self-contained filesystem images with
    their own embedded Nix store: hashes found inside such an image refer
    to the embedded store and not to the host's Nix store.
+
+- [`requiredSystemFeatures`]{#adv-attr-requiredSystemFeatures}\
+
+  If a derivation has the `requiredSystemFeatures` attribute, then Nix will only build it on a machine that has the corresponding features set in its [`system-features` configuration](@docroot@/command-ref/conf-file.md#conf-system-features).
+
+  For example, setting
+
+  ```nix
+  requiredSystemFeatures = [ "kvm" ];
+  ```
+
+  ensures that the derivation can only be built on a machine with the `kvm` feature.
--- a/doc/manual/src/release-notes/rl-2.12.md
+++ b/doc/manual/src/release-notes/rl-2.12.md
@ -2,7 +2,6 @@

 * On Linux, Nix can now run builds in a user namespace where they run
  as root (UID 0) and have 65,536 UIDs available.
-  <!-- FIXME: move this to its own section about system features -->
  This is primarily useful for running containers such as `systemd-nspawn`
  inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].

--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@ -343,7 +343,7 @@ public:
          users in `build-users-group`.

          UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS.
-        )"};
+        )", {}, true, Xp::AutoAllocateUids};

    Setting<uint32_t> startId{this,
        #if __linux__
@ -697,19 +697,40 @@ public:
        getDefaultSystemFeatures(),
        "system-features",
        R"(
-          A set of system “features” supported by this machine, e.g. `kvm`.
-          Derivations can express a dependency on such features through the
-          derivation attribute `requiredSystemFeatures`. For example, the
-          attribute
+          A set of system “features” supported by this machine.

-              requiredSystemFeatures = [ "kvm" ];
+          This complements the [`system`](#conf-system) and [`extra-platforms`](#conf-extra-platforms) configuration options and the corresponding [`system`](@docroot@/language/derivations.md#attr-system) attribute on derivations.

-          ensures that the derivation can only be built on a machine with the
-          `kvm` feature.
+          A derivation can require system features in the [`requiredSystemFeatures` attribute](@docroot@/language/advanced-attributes.md#adv-attr-requiredSystemFeatures), and the machine to build the derivation must have them.

-          This setting by default includes `kvm` if `/dev/kvm` is accessible,
-          and the pseudo-features `nixos-test`, `benchmark` and `big-parallel`
-          that are used in Nixpkgs to route builds to specific machines.
+          System features are user-defined, but Nix sets the following defaults:
+
+          - `kvm`
+
+            Included by default if `/dev/kvm` is accessible.
+
+          - `nixos-test`, `benchmark`, `big-parallel`
+
+            These historical pseudo-features are always enabled for backwards compatibility, as they are used in Nixpkgs to route Hydra builds to specific machines.
+
+          - `ca-derivations`
+
+            Included by default if the [`ca-derivations` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-ca-derivations) is enabled.
+
+            This system feature is implicitly required by derivations with the [`__contentAddressed` attribute](@docroot@/language/advanced-attributes.md#adv-attr-__contentAddressed).
+
+          - `recursive-nix`
+
+            Included by default if the [`recursive-nix` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-recursive-nix) is enabled.
+
+          - `uid-range`
+
+            On Linux, Nix can run builds in a user namespace where they run as root (UID 0) and have 65,536 UIDs available.
+            This is primarily useful for running containers such as `systemd-nspawn` inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].
+
+            [nspawn]: https://github.com/NixOS/nix/blob/67bcb99700a0da1395fa063d7c6586740b304598/tests/systemd-nspawn.nix.
+
+            Included by default on Linux if the [`auto-allocate-uids`](#conf-auto-allocate-uids) setting is enabled.
        )", {}, false};

    Setting<Strings> substituters{
--- a/src/libstore/store-api.hh
+++ b/src/libstore/store-api.hh
@ -153,19 +153,22 @@ struct StoreConfig : public Config

    Setting<int> priority{this, 0, "priority",
        R"(
-          Priority of this store when used as a substituter. A lower value means a higher priority.
+          Priority of this store when used as a [substituter](@docroot@/command-ref/conf-file.md#conf-substituters).
+          A lower value means a higher priority.
        )"};

    Setting<bool> wantMassQuery{this, false, "want-mass-query",
        R"(
-          Whether this store (when used as a substituter) can be
-          queried efficiently for path validity.
+          Whether this store can be queried efficiently for path validity when used as a [substituter](@docroot@/command-ref/conf-file.md#conf-substituters).
        )"};

    Setting<StringSet> systemFeatures{this, getDefaultSystemFeatures(),
        "system-features",
-        "Optional features that the system this store builds on implements (like \"kvm\")."};
+        R"(
+          Optional [system features](@docroot@/command-ref/conf-file.md#conf-system-features) available on the system this store uses to build derivations.

+          Example: `"kvm"`
+        )" };
 };

 class Store : public std::enable_shared_from_this<Store>, public virtual StoreConfig