max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-10 08:16:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'nixos/master'

Browse source
This commit is contained in:
Max Headroom 2023-05-04 01:55:40 +02:00
commit a6bf675bc8
522 changed files with 13875 additions and 6668 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.github/PULL_REQUEST_TEMPLATE.md vendored
View file

@ -23,6 +23,11 @@ Maintainers: tick if completed or explain if not relevant
- unit tests - `src/*/tests` - unit tests - `src/*/tests`
- integration tests - `tests/nixos/*` - integration tests - `tests/nixos/*`
- [ ] documentation in the manual - [ ] documentation in the manual
- [ ] documentation in the internal API docs
- [ ] code and comments are self-explanatory - [ ] code and comments are self-explanatory
- [ ] commit message explains why the change was made - [ ] commit message explains why the change was made
- [ ] new feature or incompatible change: updated release notes - [ ] new feature or incompatible change: updated release notes
# Priorities
Add :+1: to [pull requests you find important](https://github.com/NixOS/nix/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc).

11
.github/PULL_REQUEST_TEMPLATE/pull_request_template.md vendored
View file

@ -1,11 +0,0 @@
**Release Notes**
Please include relevant [release notes](https://github.com/NixOS/nix/blob/master/doc/manual/src/release-notes/rl-next.md) as needed.
**Testing**
If this issue is a regression or something that should block release, please consider including a test either in the [testsuite](https://github.com/NixOS/nix/tree/master/tests) or as a [hydraJob]( https://github.com/NixOS/nix/blob/master/flake.nix#L396) so that it can be part of the [automatic checks](https://hydra.nixos.org/jobset/nix/master).
**Priorities**
Add :+1: to [pull requests you find important](https://github.com/NixOS/nix/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc).

23
.github/labeler.yml vendored Normal file
View file

@ -0,0 +1,23 @@
"documentation":
- doc/manual/*
- src/nix/**/*.md
"store":
- src/libstore/store-api.*
- src/libstore/*-store.*
"fetching":
- src/libfetchers/**/*
"repl":
- src/libcmd/repl.*
- src/nix/repl.*
"new-cli":
- src/nix/**/*
"tests":
# Unit tests
- src/*/tests/**/*
# Functional and integration tests
- tests/**/*

2
.github/workflows/backport.yml vendored
View file

@ -21,7 +21,7 @@ jobs:
fetch-depth: 0 fetch-depth: 0
- name: Create backport PRs - name: Create backport PRs
# should be kept in sync with `version` # should be kept in sync with `version`
uses: zeebe-io/backport-action@v1.1.0 uses: zeebe-io/backport-action@v1.2.0
with: with:
# Config README: https://github.com/zeebe-io/backport-action#backport-action # Config README: https://github.com/zeebe-io/backport-action#backport-action
github_token: ${{ secrets.GITHUB_TOKEN }} github_token: ${{ secrets.GITHUB_TOKEN }}

14
.github/workflows/ci.yml vendored
View file

@ -19,7 +19,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: cachix/install-nix-action@v19 - uses: cachix/install-nix-action@v20
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/cachix-action@v12 - uses: cachix/cachix-action@v12
if: needs.check_secrets.outputs.cachix == 'true' if: needs.check_secrets.outputs.cachix == 'true'
@ -58,7 +58,9 @@ jobs:
with: with:
fetch-depth: 0 fetch-depth: 0
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@v19 - uses: cachix/install-nix-action@v20
with:
install_url: https://releases.nixos.org/nix/nix-2.13.3/install
- uses: cachix/cachix-action@v12 - uses: cachix/cachix-action@v12
with: with:
name: '${{ env.CACHIX_NAME }}' name: '${{ env.CACHIX_NAME }}'
@ -77,7 +79,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@v19 - uses: cachix/install-nix-action@v20
with: with:
install_url: '${{needs.installer.outputs.installerURL}}' install_url: '${{needs.installer.outputs.installerURL}}'
install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve" install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
@ -89,6 +91,8 @@ jobs:
- run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval"
- run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval"
- run: exec fish -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec fish -c "nix-instantiate -E 'builtins.currentTime' --eval"
- run: exec bash -c "nix-channel --add https://releases.nixos.org/nixos/unstable/nixos-23.05pre466020.60c1d71f2ba nixpkgs"
- run: exec bash -c "nix-channel --update && nix-env -iA nixpkgs.hello && hello"
docker_push_image: docker_push_image:
needs: [check_secrets, tests] needs: [check_secrets, tests]
@ -102,7 +106,9 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: cachix/install-nix-action@v19 - uses: cachix/install-nix-action@v20
with:
install_url: https://releases.nixos.org/nix/nix-2.13.3/install
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV
- uses: cachix/cachix-action@v12 - uses: cachix/cachix-action@v12

24
.github/workflows/labels.yml vendored Normal file
View file

@ -0,0 +1,24 @@
name: "Label PR"
on:
pull_request_target:
types: [edited, opened, synchronize, reopened]
# WARNING:
# When extending this action, be aware that $GITHUB_TOKEN allows some write
# access to the GitHub API. This means that it should not evaluate user input in
# a way that allows code injection.
permissions:
contents: read
pull-requests: write
jobs:
labels:
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
steps:
- uses: actions/labeler@v4
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
sync-labels: true

3
.gitignore vendored
View file

@ -19,9 +19,12 @@ perl/Makefile.config
/doc/manual/nix.json /doc/manual/nix.json
/doc/manual/conf-file.json /doc/manual/conf-file.json
/doc/manual/builtins.json /doc/manual/builtins.json
/doc/manual/xp-features.json
/doc/manual/src/SUMMARY.md /doc/manual/src/SUMMARY.md
/doc/manual/src/command-ref/new-cli /doc/manual/src/command-ref/new-cli
/doc/manual/src/command-ref/conf-file.md /doc/manual/src/command-ref/conf-file.md
/doc/manual/src/command-ref/experimental-features-shortlist.md
/doc/manual/src/contributing/experimental-feature-descriptions.md
/doc/manual/src/language/builtins.md /doc/manual/src/language/builtins.md
# /scripts/ # /scripts/

2
.version
View file

@ -1 +1 @@
2.14.0 2.16.0

61
CONTRIBUTING.md Normal file
View file

@ -0,0 +1,61 @@
# Contributing to Nix
Welcome and thank you for your interest in contributing to Nix!
We appreciate your support.
Reading and following these guidelines will help us make the contribution process easy and effective for everyone involved.
## Report a bug
1. Check on the [GitHub issue tracker](https://github.com/NixOS/nix/issues) if your bug was already reported.
2. If you were not able to find the bug or feature [open a new issue](https://github.com/NixOS/nix/issues/new/choose)
3. The issue templates will guide you in specifying your issue.
The more complete the information you provide, the more likely it can be found by others and the more useful it is in the future.
Make sure reported bugs can be reproduced easily.
4. Once submitted, do not expect issues to be picked up or solved right away.
The only way to ensure this, is to [work on the issue yourself](#making-changes-to-nix).
## Report a security vulnerability
Check out the [security policy](https://github.com/NixOS/nix/security/policy).
## Making changes to Nix
1. Check for [pull requests](https://github.com/NixOS/nix/pulls) that might already cover the contribution you are about to make.
There are many open pull requests that might already do what you intent to work on.
You can use [labels](https://github.com/NixOS/nix/labels) to filter for relevant topics.
2. Search for related issues that cover what you're going to work on. It could help to mention there that you will work on the issue.
3. Check the [Nix reference manual](https://nixos.org/manual/nix/unstable/contributing/hacking.html) for information on building Nix and running its tests.
For contributions to the command line interface, please check the [CLI guidelines](https://nixos.org/manual/nix/unstable/contributing/cli-guideline.html).
4. Make your changes!
5. [Create a pull request](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request) for your changes.
* [Mark the pull request as draft](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) if you're not done with the changes.
* Make sure to have [a clean history of commits on your branch by using rebase](https://www.digitalocean.com/community/tutorials/how-to-rebase-and-update-a-pull-request).
* Link related issues in your pull request to inform interested parties and future contributors about your change.
If your pull request closes one or multiple issues, note that in the description using `Closes: #<number>`, as it will then happen automatically when your change is merged.
6. Do not expect your pull request to be reviewed immediately.
Nix maintainers follow a [structured process for reviews and design decisions](https://github.com/NixOS/nix/tree/master/maintainers#project-board-protocol), which may or may not prioritise your work.
7. If you need additional feedback or help to getting pull request into shape, ask other contributors using [@mentions](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#mentioning-people-and-teams).
## Making changes to the Nix manual
The Nix reference manual is hosted on https://nixos.org/manual/nix.
The underlying source files are located in [`doc/manual/src`](./doc/manual/src).
For small changes you can [use GitHub to edit these files](https://docs.github.com/en/repositories/working-with-files/managing-files/editing-files)
For larger changes see the [Nix reference manual](https://nixos.org/manual/nix/unstable/contributing/hacking.html).
## Getting help
Whenever you're stuck or do not know how to proceed, you can always ask for help.
The appropriate channels to do so can be found on the [NixOS Community](https://nixos.org/community/) page.

18
Makefile
View file

@ -2,13 +2,10 @@ makefiles = \
mk/precompiled-headers.mk \ mk/precompiled-headers.mk \
local.mk \ local.mk \
src/libutil/local.mk \ src/libutil/local.mk \
src/libutil/tests/local.mk \
src/libstore/local.mk \ src/libstore/local.mk \
src/libstore/tests/local.mk \
src/libfetchers/local.mk \ src/libfetchers/local.mk \
src/libmain/local.mk \ src/libmain/local.mk \
src/libexpr/local.mk \ src/libexpr/local.mk \
src/libexpr/tests/local.mk \
src/libcmd/local.mk \ src/libcmd/local.mk \
src/nix/local.mk \ src/nix/local.mk \
src/resolve-system-dependencies/local.mk \ src/resolve-system-dependencies/local.mk \
@ -20,11 +17,22 @@ makefiles = \
misc/launchd/local.mk \ misc/launchd/local.mk \
misc/upstart/local.mk \ misc/upstart/local.mk \
doc/manual/local.mk \ doc/manual/local.mk \
tests/local.mk \ doc/internal-api/local.mk
tests/plugins/local.mk
-include Makefile.config -include Makefile.config
ifeq ($(tests), yes)
makefiles += \
src/libutil/tests/local.mk \
src/libstore/tests/local.mk \
src/libexpr/tests/local.mk \
tests/local.mk \
tests/plugins/local.mk
else
makefiles += \
mk/disable-tests.mk
endif
OPTIMIZE = 1 OPTIMIZE = 1
ifeq ($(OPTIMIZE), 1) ifeq ($(OPTIMIZE), 1)

3
Makefile.config.in
View file

@ -22,6 +22,7 @@ LOWDOWN_LIBS = @LOWDOWN_LIBS@
OPENSSL_LIBS = @OPENSSL_LIBS@ OPENSSL_LIBS = @OPENSSL_LIBS@
PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_VERSION = @PACKAGE_VERSION@ PACKAGE_VERSION = @PACKAGE_VERSION@
RAPIDCHECK_HEADERS = @RAPIDCHECK_HEADERS@
SHELL = @bash@ SHELL = @bash@
SODIUM_LIBS = @SODIUM_LIBS@ SODIUM_LIBS = @SODIUM_LIBS@
SQLITE3_LIBS = @SQLITE3_LIBS@ SQLITE3_LIBS = @SQLITE3_LIBS@
@ -45,3 +46,5 @@ sandbox_shell = @sandbox_shell@
storedir = @storedir@ storedir = @storedir@
sysconfdir = @sysconfdir@ sysconfdir = @sysconfdir@
system = @system@ system = @system@
tests = @tests@
internal_api_docs = @internal_api_docs@

22
boehmgc-coroutine-sp-fallback.diff
View file

@ -1,8 +1,8 @@
diff --git a/darwin_stop_world.c b/darwin_stop_world.c diff --git a/darwin_stop_world.c b/darwin_stop_world.c
index 3dbaa3fb..36a1d1f7 100644 index 0468aaec..b348d869 100644
--- a/darwin_stop_world.c --- a/darwin_stop_world.c
+++ b/darwin_stop_world.c +++ b/darwin_stop_world.c
@@ -352,6 +352,7 @@ GC_INNER void GC_push_all_stacks(void) @@ -356,6 +356,7 @@ GC_INNER void GC_push_all_stacks(void)
int nthreads = 0; int nthreads = 0;
word total_size = 0; word total_size = 0;
mach_msg_type_number_t listcount = (mach_msg_type_number_t)THREAD_TABLE_SZ; mach_msg_type_number_t listcount = (mach_msg_type_number_t)THREAD_TABLE_SZ;
@ -10,7 +10,7 @@ index 3dbaa3fb..36a1d1f7 100644
if (!EXPECT(GC_thr_initialized, TRUE)) if (!EXPECT(GC_thr_initialized, TRUE))
GC_thr_init(); GC_thr_init();
@@ -407,6 +408,19 @@ GC_INNER void GC_push_all_stacks(void) @@ -411,6 +412,19 @@ GC_INNER void GC_push_all_stacks(void)
GC_push_all_stack_sections(lo, hi, p->traced_stack_sect); GC_push_all_stack_sections(lo, hi, p->traced_stack_sect);
} }
if (altstack_lo) { if (altstack_lo) {
@ -30,6 +30,22 @@ index 3dbaa3fb..36a1d1f7 100644
total_size += altstack_hi - altstack_lo; total_size += altstack_hi - altstack_lo;
GC_push_all_stack(altstack_lo, altstack_hi); GC_push_all_stack(altstack_lo, altstack_hi);
} }
diff --git a/include/gc.h b/include/gc.h
index edab6c22..f2c61282 100644
--- a/include/gc.h
+++ b/include/gc.h
@@ -2172,6 +2172,11 @@ GC_API void GC_CALL GC_win32_free_heap(void);
(*GC_amiga_allocwrapper_do)(a,GC_malloc_atomic_ignore_off_page)
#endif /* _AMIGA && !GC_AMIGA_MAKINGLIB */
+#if !__APPLE__
+/* Patch doesn't work on apple */
+#define NIX_BOEHM_PATCH_VERSION 1
+#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/pthread_stop_world.c b/pthread_stop_world.c diff --git a/pthread_stop_world.c b/pthread_stop_world.c
index b5d71e62..aed7b0bf 100644 index b5d71e62..aed7b0bf 100644
--- a/pthread_stop_world.c --- a/pthread_stop_world.c

34
configure.ac
View file

@ -145,6 +145,18 @@ if test "x$GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC" = xyes; then
LDFLAGS="-latomic $LDFLAGS" LDFLAGS="-latomic $LDFLAGS"
fi fi
# Building without tests is useful for bootstrapping with a smaller footprint
# or running the tests in a separate derivation. Otherwise, we do compile and
# run them.
AC_ARG_ENABLE(tests, AS_HELP_STRING([--disable-tests],[Do not build the tests]),
tests=$enableval, tests=yes)
AC_SUBST(tests)
# Building without API docs is the default as Nix' C++ interfaces are internal and unstable.
AC_ARG_ENABLE(internal_api_docs, AS_HELP_STRING([--enable-internal-api-docs],[Build API docs for Nix's internal unstable C++ interfaces]),
internal_api_docs=$enableval, internal_api_docs=no)
AC_SUBST(internal_api_docs)
# LTO is currently broken with clang for unknown reasons; ld segfaults in the llvm plugin # LTO is currently broken with clang for unknown reasons; ld segfaults in the llvm plugin
AC_ARG_ENABLE(lto, AS_HELP_STRING([--enable-lto],[Enable LTO (only supported with GCC) [default=no]]), AC_ARG_ENABLE(lto, AS_HELP_STRING([--enable-lto],[Enable LTO (only supported with GCC) [default=no]]),
lto=$enableval, lto=no) lto=$enableval, lto=no)
@ -172,7 +184,7 @@ fi
# Look for OpenSSL, a required dependency. FIXME: this is only (maybe) # Look for OpenSSL, a required dependency. FIXME: this is only (maybe)
# used by S3BinaryCacheStore. # used by S3BinaryCacheStore.
PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"]) PKG_CHECK_MODULES([OPENSSL], [libcrypto >= 1.1.1], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"])
# Look for libarchive. # Look for libarchive.
@ -270,18 +282,34 @@ if test "$gc" = yes; then
fi fi
if test "$tests" = yes; then
# Look for gtest. # Look for gtest.
PKG_CHECK_MODULES([GTEST], [gtest_main]) PKG_CHECK_MODULES([GTEST], [gtest_main])
# Look for rapidcheck. # Look for rapidcheck.
AC_ARG_VAR([RAPIDCHECK_HEADERS], [include path of gtest headers shipped by RAPIDCHECK])
# No pkg-config yet, https://github.com/emil-e/rapidcheck/issues/302 # No pkg-config yet, https://github.com/emil-e/rapidcheck/issues/302
AC_LANG_PUSH(C++) AC_LANG_PUSH(C++)
AC_SUBST(RAPIDCHECK_HEADERS)
[CXXFLAGS="-I $RAPIDCHECK_HEADERS $CXXFLAGS"]
[LIBS="-lrapidcheck -lgtest $LIBS"]
AC_CHECK_HEADERS([rapidcheck/gtest.h], [], [], [#include <gtest/gtest.h>]) AC_CHECK_HEADERS([rapidcheck/gtest.h], [], [], [#include <gtest/gtest.h>])
dnl No good for C++ libs with mangled symbols dnl AC_CHECK_LIB doesn't work for C++ libs with mangled symbols
dnl AC_CHECK_LIB([rapidcheck], []) AC_LINK_IFELSE([
AC_LANG_PROGRAM([[
#include <gtest/gtest.h>
#include <rapidcheck/gtest.h>
]], [[
return RUN_ALL_TESTS();
]])
],
[],
[AC_MSG_ERROR([librapidcheck is not found.])])
AC_LANG_POP(C++) AC_LANG_POP(C++)
fi
# Look for nlohmann/json. # Look for nlohmann/json.
PKG_CHECK_MODULES([NLOHMANN_JSON], [nlohmann_json >= 3.9]) PKG_CHECK_MODULES([NLOHMANN_JSON], [nlohmann_json >= 3.9])

13
default.nix
View file

@ -1,3 +1,10 @@
(import (fetchTarball "https://github.com/edolstra/flake-compat/archive/master.tar.gz") { (import
src = ./.; (
}).defaultNix let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{ src = ./.; }
).defaultNix

3
doc/internal-api/.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
/doxygen.cfg
/html
/latex

63
doc/internal-api/doxygen.cfg.in Normal file
View file

@ -0,0 +1,63 @@
# Doxyfile 1.9.5
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by
# double-quotes, unless you are using Doxywizard) that should identify the
# project for which the documentation is generated. This name is used in the
# title of most generated pages and in a few other places.
# The default value is: My Project.
PROJECT_NAME = "Nix"
# The PROJECT_NUMBER tag can be used to enter a project or revision number. This
# could be handy for archiving the generated documentation or if some version
# control system is used.
PROJECT_NUMBER = @PACKAGE_VERSION@
# Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer a
# quick idea about the purpose of the project. Keep the description short.
PROJECT_BRIEF = "Nix, the purely functional package manager; unstable internal interfaces"
# If the GENERATE_LATEX tag is set to YES, doxygen will generate LaTeX output.
# The default value is: YES.
GENERATE_LATEX = NO
# The INPUT tag is used to specify the files and/or directories that contain
# documented source files. You may enter file names like myfile.cpp or
# directories like /usr/src/myproject. Separate the files or directories with
# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING
# Note: If this tag is empty the current directory is searched.
# FIXME Make this list more maintainable somehow. We could maybe generate this
# in the Makefile, but we would need to change how `.in` files are preprocessed
# so they can expand variables despite configure variables.
INPUT = \
src/libcmd \
src/libexpr \
src/libexpr/flake \
src/libexpr/tests \
src/libexpr/tests/value \
src/libexpr/value \
src/libfetchers \
src/libmain \
src/libstore \
src/libstore/build \
src/libstore/builtins \
src/libstore/tests \
src/libutil \
src/libutil/tests \
src/nix \
src/nix-env \
src/nix-store
# The INCLUDE_PATH tag can be used to specify one or more directories that
# contain include files that are not input files but should be processed by the
# preprocessor. Note that the INCLUDE_PATH is not recursive, so the setting of
# RECURSIVE has no effect here.
# This tag requires that the tag SEARCH_INCLUDES is set to YES.
INCLUDE_PATH = @RAPIDCHECK_HEADERS@

19
doc/internal-api/local.mk Normal file
View file

@ -0,0 +1,19 @@
.PHONY: internal-api-html
ifeq ($(internal_api_docs), yes)
$(docdir)/internal-api/html/index.html $(docdir)/internal-api/latex: $(d)/doxygen.cfg
mkdir -p $(docdir)/internal-api
{ cat $< ; echo "OUTPUT_DIRECTORY=$(docdir)/internal-api" ; } | doxygen -
# Generate the HTML API docs for Nix's unstable internal interfaces.
internal-api-html: $(docdir)/internal-api/html/index.html
else
# Make a nicer error message
internal-api-html:
@echo "Internal API docs are disabled. Configure with '--enable-internal-api-docs', or avoid calling 'make internal-api-html'."
@exit 1
endif

12
doc/manual/generate-builtins.nix
View file

@ -1,8 +1,12 @@
builtinsDump: let
inherit (builtins) concatStringsSep attrNames;
in
builtinsInfo:
let let
showBuiltin = name: showBuiltin = name:
let let
inherit (builtinsDump.${name}) doc args; inherit (builtinsInfo.${name}) doc args;
in in
'' ''
<dt id="builtins-${name}"> <dt id="builtins-${name}">
@ -14,7 +18,7 @@ let
</dd> </dd>
''; '';
listArgs = args: builtins.concatStringsSep " " (map (s: "<var>${s}</var>") args); listArgs = args: concatStringsSep " " (map (s: "<var>${s}</var>") args);
in in
with builtins; concatStringsSep "\n" (map showBuiltin (attrNames builtinsDump)) concatStringsSep "\n" (map showBuiltin (attrNames builtinsInfo))

75
doc/manual/generate-manpage.nix
View file

@ -1,15 +1,24 @@
{ toplevel }: let
inherit (builtins)
attrNames attrValues fromJSON listToAttrs mapAttrs
concatStringsSep concatMap length lessThan replaceStrings sort;
inherit (import ./utils.nix) concatStrings optionalString filterAttrs trim squash unique showSettings;
in
with builtins; commandDump:
with import ./utils.nix;
let let
commandInfo = fromJSON commandDump;
showCommand = { command, details, filename, toplevel }: showCommand = { command, details, filename, toplevel }:
let let
result = '' result = ''
> **Warning** \ > **Warning** \
> This program is **experimental** and its interface is subject to change. > This program is
> [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command)
> and its interface is subject to change.
# Name # Name
@ -25,59 +34,75 @@ let
${maybeOptions} ${maybeOptions}
''; '';
showSynopsis = command: args: showSynopsis = command: args:
let let
showArgument = arg: "*${arg.label}*" + (if arg ? arity then "" else "..."); showArgument = arg: "*${arg.label}*" + optionalString (! arg ? arity) "...";
arguments = concatStringsSep " " (map showArgument args); arguments = concatStringsSep " " (map showArgument args);
in '' in ''
`${command}` [*option*...] ${arguments} `${command}` [*option*...] ${arguments}
''; '';
maybeSubcommands = if details ? commands && details.commands != {}
then '' maybeSubcommands = optionalString (details ? commands && details.commands != {})
''
where *subcommand* is one of the following: where *subcommand* is one of the following:
${subcommands} ${subcommands}
'' '';
else "";
subcommands = if length categories > 1 subcommands = if length categories > 1
then listCategories then listCategories
else listSubcommands details.commands; else listSubcommands details.commands;
categories = sort (x: y: x.id < y.id) (unique (map (cmd: cmd.category) (attrValues details.commands))); categories = sort (x: y: x.id < y.id) (unique (map (cmd: cmd.category) (attrValues details.commands)));
listCategories = concatStrings (map showCategory categories); listCategories = concatStrings (map showCategory categories);
showCategory = cat: '' showCategory = cat: ''
**${toString cat.description}:** **${toString cat.description}:**
${listSubcommands (filterAttrs (n: v: v.category == cat) details.commands)} ${listSubcommands (filterAttrs (n: v: v.category == cat) details.commands)}
''; '';
listSubcommands = cmds: concatStrings (attrValues (mapAttrs showSubcommand cmds)); listSubcommands = cmds: concatStrings (attrValues (mapAttrs showSubcommand cmds));
showSubcommand = name: subcmd: '' showSubcommand = name: subcmd: ''
* [`${command} ${name}`](./${appendName filename name}.md) - ${subcmd.description} * [`${command} ${name}`](./${appendName filename name}.md) - ${subcmd.description}
''; '';
maybeDocumentation = if details ? doc then details.doc else "";
maybeOptions = if details.flags == {} then "" else '' maybeDocumentation = optionalString
(details ? doc)
(replaceStrings ["@stores@"] [storeDocs] details.doc);
maybeOptions = optionalString (details.flags != {}) ''
# Options # Options
${showOptions details.flags toplevel.flags} ${showOptions details.flags toplevel.flags}
''; '';
showOptions = options: commonOptions: showOptions = options: commonOptions:
let let
allOptions = options // commonOptions; allOptions = options // commonOptions;
showCategory = cat: '' showCategory = cat: ''
${if cat != "" then "**${cat}:**" else ""} ${optionalString (cat != "") "**${cat}:**"}
${listOptions (filterAttrs (n: v: v.category == cat) allOptions)} ${listOptions (filterAttrs (n: v: v.category == cat) allOptions)}
''; '';
listOptions = opts: concatStringsSep "\n" (attrValues (mapAttrs showOption opts)); listOptions = opts: concatStringsSep "\n" (attrValues (mapAttrs showOption opts));
showOption = name: option: showOption = name: option:
let let
shortName = if option ? shortName then "/ `-${option.shortName}`" else ""; shortName = optionalString
labels = if option ? labels then (concatStringsSep " " (map (s: "*${s}*") option.labels)) else ""; (option ? shortName)
("/ `-${option.shortName}`");
labels = optionalString
(option ? labels)
(concatStringsSep " " (map (s: "*${s}*") option.labels));
in trim '' in trim ''
- `--${name}` ${shortName} ${labels} - `--${name}` ${shortName} ${labels}
${option.description} ${option.description}
''; '';
categories = sort builtins.lessThan (unique (map (cmd: cmd.category) (attrValues allOptions))); categories = sort lessThan (unique (map (cmd: cmd.category) (attrValues allOptions)));
in concatStrings (map showCategory categories); in concatStrings (map showCategory categories);
in squash result; in squash result;
@ -98,13 +123,11 @@ let
}; };
in [ cmd ] ++ concatMap subcommand (attrNames details.commands or {}); in [ cmd ] ++ concatMap subcommand (attrNames details.commands or {});
parsedToplevel = builtins.fromJSON toplevel;
manpages = processCommand { manpages = processCommand {
command = "nix"; command = "nix";
details = parsedToplevel; details = commandInfo.args;
filename = "nix"; filename = "nix";
toplevel = parsedToplevel; toplevel = commandInfo.args;
}; };
tableOfContents = let tableOfContents = let
@ -112,4 +135,18 @@ let
" - [${page.command}](command-ref/new-cli/${page.name})"; " - [${page.command}](command-ref/new-cli/${page.name})";
in concatStringsSep "\n" (map showEntry manpages) + "\n"; in concatStringsSep "\n" (map showEntry manpages) + "\n";
storeDocs =
let
showStore = name: { settings, doc }:
''
## ${name}
${doc}
**Settings**:
${showSettings { useAnchors = false; } settings}
'';
in concatStrings (attrValues (mapAttrs showStore commandInfo.stores));
in (listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; } in (listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; }

41
doc/manual/generate-options.nix
View file

@ -1,41 +0,0 @@
let
inherit (builtins) attrNames concatStringsSep isAttrs isBool;
inherit (import ./utils.nix) concatStrings squash splitLines;
in
optionsInfo:
let
showOption = name:
let
inherit (optionsInfo.${name}) description documentDefault defaultValue aliases;
result = squash ''
- <span id="conf-${name}">[`${name}`](#conf-${name})</span>
${indent " " body}
'';
# separate body to cleanly handle indentation
body = ''
${description}
**Default:** ${showDefault documentDefault defaultValue}
${showAliases aliases}
'';
showDefault = documentDefault: defaultValue:
if documentDefault then
# a StringMap value type is specified as a string, but
# this shows the value type. The empty stringmap is `null` in
# JSON, but that converts to `{ }` here.
if defaultValue == "" || defaultValue == [] || isAttrs defaultValue
then "*empty*"
else if isBool defaultValue then
if defaultValue then "`true`" else "`false`"
else "`${toString defaultValue}`"
else "*machine-specific*";
showAliases = aliases:
if aliases == [] then "" else
"**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}";
indent = prefix: s:
concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s));
in result;
in concatStrings (map showOption (attrNames optionsInfo))

9
doc/manual/generate-xp-features-shortlist.nix Normal file
View file

@ -0,0 +1,9 @@
with builtins;
with import ./utils.nix;
let
showExperimentalFeature = name: doc:
''
- [`${name}`](@docroot@/contributing/experimental-features.md#xp-feature-${name})
'';
in xps: indent " " (concatStrings (attrValues (mapAttrs showExperimentalFeature xps)))

11
doc/manual/generate-xp-features.nix Normal file
View file

@ -0,0 +1,11 @@
with builtins;
with import ./utils.nix;
let
showExperimentalFeature = name: doc:
squash ''
## [`${name}`]{#xp-feature-${name}}
${doc}
'';
in xps: (concatStringsSep "\n" (attrValues (mapAttrs showExperimentalFeature xps)))

112
doc/manual/local.mk
View file

@ -4,14 +4,21 @@ MANUAL_SRCS := \
$(call rwildcard, $(d)/src, *.md) \ $(call rwildcard, $(d)/src, *.md) \
$(call rwildcard, $(d)/src, */*.md) $(call rwildcard, $(d)/src, */*.md)
# Generate man pages.
man-pages := $(foreach n, \ man-pages := $(foreach n, \
nix-env.1 nix-build.1 nix-shell.1 nix-store.1 nix-instantiate.1 \ nix-env.1 nix-store.1 \
nix-build.1 nix-shell.1 nix-instantiate.1 \
nix-collect-garbage.1 \ nix-collect-garbage.1 \
nix-prefetch-url.1 nix-channel.1 \ nix-prefetch-url.1 nix-channel.1 \
nix-hash.1 nix-copy-closure.1 \ nix-hash.1 nix-copy-closure.1 \
nix.conf.5 nix-daemon.8, \ nix.conf.5 nix-daemon.8 \
$(d)/$(n)) , $(d)/$(n))
# man pages for subcommands
# convert from `$(d)/src/command-ref/nix-{1}/{2}.md` to `$(d)/nix-{1}-{2}.1`
# FIXME: unify with how nix3-cli man pages are generated
man-pages += $(foreach subcommand, \
$(filter-out %opt-common.md %env-common.md, $(wildcard $(d)/src/command-ref/nix-*/*.md)), \
$(d)/$(subst /,-,$(subst $(d)/src/command-ref/,,$(subst .md,.1,$(subcommand)))))
clean-files += $(d)/*.1 $(d)/*.5 $(d)/*.8 clean-files += $(d)/*.1 $(d)/*.5 $(d)/*.8
@ -26,9 +33,42 @@ dummy-env = env -i \
nix-eval = $(dummy-env) $(bindir)/nix eval --experimental-features nix-command -I nix/corepkgs=corepkgs --store dummy:// --impure --raw nix-eval = $(dummy-env) $(bindir)/nix eval --experimental-features nix-command -I nix/corepkgs=corepkgs --store dummy:// --impure --raw
# re-implement mdBook's include directive to make it usable for terminal output and for proper @docroot@ substitution
define process-includes
while read -r line; do \
set -euo pipefail; \
filename="$$(dirname $(1))/$$(sed 's/{{#include \(.*\)}}/\1/'<<< $$line)"; \
test -f "$$filename" || ( echo "#include-d file '$$filename' does not exist." >&2; exit 1; ); \
matchline="$$(sed 's|/|\\/|g' <<< $$line)"; \
sed -i "/$$matchline/r $$filename" $(2); \
sed -i "s/$$matchline//" $(2); \
done < <(grep '{{#include' $(1))
endef
$(d)/nix-env-%.1: $(d)/src/command-ref/nix-env/%.md
@printf "Title: %s\n\n" "$(subst nix-env-,nix-env --,$$(basename "$@" .1))" > $^.tmp
$(render-subcommand)
$(d)/nix-store-%.1: $(d)/src/command-ref/nix-store/%.md
@printf -- 'Title: %s\n\n' "$(subst nix-store-,nix-store --,$$(basename "$@" .1))" > $^.tmp
$(render-subcommand)
# FIXME: there surely is some more deduplication to be achieved here with even darker Make magic
define render-subcommand
@cat $^ >> $^.tmp
@$(call process-includes,$^,$^.tmp)
$(trace-gen) lowdown -sT man --nroff-nolinks -M section=1 $^.tmp -o $@
@# fix up `lowdown`'s automatic escaping of `--`
@# https://github.com/kristapsdz/lowdown/blob/edca6ce6d5336efb147321a43c47a698de41bb7c/entity.c#L202
@sed -i 's/\e\[u2013\]/--/' $@
@rm $^.tmp
endef
$(d)/%.1: $(d)/src/command-ref/%.md $(d)/%.1: $(d)/src/command-ref/%.md
@printf "Title: %s\n\n" "$$(basename $@ .1)" > $^.tmp @printf "Title: %s\n\n" "$$(basename $@ .1)" > $^.tmp
@cat $^ >> $^.tmp @cat $^ >> $^.tmp
@$(call process-includes,$^,$^.tmp)
$(trace-gen) lowdown -sT man --nroff-nolinks -M section=1 $^.tmp -o $@ $(trace-gen) lowdown -sT man --nroff-nolinks -M section=1 $^.tmp -o $@
@rm $^.tmp @rm $^.tmp
@ -41,40 +81,49 @@ $(d)/%.8: $(d)/src/command-ref/%.md
$(d)/nix.conf.5: $(d)/src/command-ref/conf-file.md $(d)/nix.conf.5: $(d)/src/command-ref/conf-file.md
@printf "Title: %s\n\n" "$$(basename $@ .5)" > $^.tmp @printf "Title: %s\n\n" "$$(basename $@ .5)" > $^.tmp
@cat $^ >> $^.tmp @cat $^ >> $^.tmp
@$(call process-includes,$^,$^.tmp)
$(trace-gen) lowdown -sT man --nroff-nolinks -M section=5 $^.tmp -o $@ $(trace-gen) lowdown -sT man --nroff-nolinks -M section=5 $^.tmp -o $@
@rm $^.tmp @rm $^.tmp
$(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/command-ref/new-cli $(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md
$(trace-gen) cat doc/manual/src/SUMMARY.md.in | while IFS= read line; do if [[ $$line = @manpages@ ]]; then cat doc/manual/src/command-ref/new-cli/SUMMARY.md; else echo "$$line"; fi; done > $@.tmp @cp $< $@
@$(call process-includes,$@,$@)
$(d)/src/command-ref/new-cli: $(d)/nix.json $(d)/utils.nix $(d)/generate-manpage.nix $(bindir)/nix
@rm -rf $@ $@.tmp
$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-manpage.nix (builtins.readFile $<)'
@mv $@.tmp $@ @mv $@.tmp $@
$(d)/src/command-ref/new-cli: $(d)/nix.json $(d)/generate-manpage.nix $(bindir)/nix $(d)/src/command-ref/conf-file.md: $(d)/conf-file.json $(d)/utils.nix $(d)/src/command-ref/conf-file-prefix.md $(d)/src/command-ref/experimental-features-shortlist.md $(bindir)/nix
@rm -rf $@
$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-manpage.nix { toplevel = builtins.readFile $<; }'
@# @docroot@: https://nixos.org/manual/nix/unstable/contributing/hacking.html#docroot-variable
$(trace-gen) sed -i $@.tmp/*.md -e 's^@docroot@^../..^g'
@mv $@.tmp $@
$(d)/src/command-ref/conf-file.md: $(d)/conf-file.json $(d)/generate-options.nix $(d)/src/command-ref/conf-file-prefix.md $(bindir)/nix
@cat doc/manual/src/command-ref/conf-file-prefix.md > $@.tmp @cat doc/manual/src/command-ref/conf-file-prefix.md > $@.tmp
@# @docroot@: https://nixos.org/manual/nix/unstable/contributing/hacking.html#docroot-variable $(trace-gen) $(nix-eval) --expr '(import doc/manual/utils.nix).showSettings { useAnchors = true; } (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp;
$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-options.nix (builtins.fromJSON (builtins.readFile $<))' \
| sed -e 's^@docroot@^..^g'>> $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
$(d)/nix.json: $(bindir)/nix $(d)/nix.json: $(bindir)/nix
$(trace-gen) $(dummy-env) $(bindir)/nix __dump-args > $@.tmp $(trace-gen) $(dummy-env) $(bindir)/nix __dump-cli > $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
$(d)/conf-file.json: $(bindir)/nix $(d)/conf-file.json: $(bindir)/nix
$(trace-gen) $(dummy-env) $(bindir)/nix show-config --json --experimental-features nix-command > $@.tmp $(trace-gen) $(dummy-env) $(bindir)/nix show-config --json --experimental-features nix-command > $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
$(d)/src/contributing/experimental-feature-descriptions.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features.nix $(bindir)/nix
@rm -rf $@ $@.tmp
$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-xp-features.nix (builtins.fromJSON (builtins.readFile $<))'
@mv $@.tmp $@
$(d)/src/command-ref/experimental-features-shortlist.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features-shortlist.nix $(bindir)/nix
@rm -rf $@ $@.tmp
$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-xp-features-shortlist.nix (builtins.fromJSON (builtins.readFile $<))'
@mv $@.tmp $@
$(d)/xp-features.json: $(bindir)/nix
$(trace-gen) $(dummy-env) NIX_PATH=nix/corepkgs=corepkgs $(bindir)/nix __dump-xp-features > $@.tmp
@mv $@.tmp $@
$(d)/src/language/builtins.md: $(d)/builtins.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(bindir)/nix $(d)/src/language/builtins.md: $(d)/builtins.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(bindir)/nix
@cat doc/manual/src/language/builtins-prefix.md > $@.tmp @cat doc/manual/src/language/builtins-prefix.md > $@.tmp
@# @docroot@: https://nixos.org/manual/nix/unstable/contributing/hacking.html#docroot-variable $(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp;
$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<))' \
| sed -e 's^@docroot@^..^g' >> $@.tmp
@cat doc/manual/src/language/builtins-suffix.md >> $@.tmp @cat doc/manual/src/language/builtins-suffix.md >> $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
@ -83,7 +132,8 @@ $(d)/builtins.json: $(bindir)/nix
@mv $@.tmp $@ @mv $@.tmp $@
# Generate the HTML manual. # Generate the HTML manual.
html: $(docdir)/manual/index.html .PHONY: manual-html
manual-html: $(docdir)/manual/index.html
install: $(docdir)/manual/index.html install: $(docdir)/manual/index.html
# Generate 'nix' manpages. # Generate 'nix' manpages.
@ -91,6 +141,8 @@ install: $(mandir)/man1/nix3-manpages
man: doc/manual/generated/man1/nix3-manpages man: doc/manual/generated/man1/nix3-manpages
all: doc/manual/generated/man1/nix3-manpages all: doc/manual/generated/man1/nix3-manpages
# FIXME: unify with how the other man pages are generated.
# this one works differently and does not use any of the amenities provided by `/mk/lib.mk`.
$(mandir)/man1/nix3-manpages: doc/manual/generated/man1/nix3-manpages $(mandir)/man1/nix3-manpages: doc/manual/generated/man1/nix3-manpages
@mkdir -p $(DESTDIR)$$(dirname $@) @mkdir -p $(DESTDIR)$$(dirname $@)
$(trace-install) install -m 0644 $$(dirname $<)/* $(DESTDIR)$$(dirname $@) $(trace-install) install -m 0644 $$(dirname $<)/* $(DESTDIR)$$(dirname $@)
@ -108,11 +160,21 @@ doc/manual/generated/man1/nix3-manpages: $(d)/src/command-ref/new-cli
done done
@touch $@ @touch $@
$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/command-ref/new-cli $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md $(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md
$(trace-gen) \ $(trace-gen) \
tmp="$$(mktemp -d)"; \
cp -r doc/manual "$$tmp"; \
find "$$tmp" -name '*.md' | while read -r file; do \
$(call process-includes,$$file,$$file); \
done; \
find "$$tmp" -name '*.md' | while read -r file; do \
docroot="$$(realpath --relative-to="$$(dirname "$$file")" $$tmp/manual/src)"; \
sed -i "s,@docroot@,$$docroot,g" "$$file"; \
done; \
set -euo pipefail; \ set -euo pipefail; \
RUST_LOG=warn mdbook build doc/manual -d $(DESTDIR)$(docdir)/manual.tmp 2>&1 \ RUST_LOG=warn mdbook build "$$tmp/manual" -d $(DESTDIR)$(docdir)/manual.tmp 2>&1 \
| { grep -Fv "because fragment resolution isn't implemented" || :; } | { grep -Fv "because fragment resolution isn't implemented" || :; }; \
rm -rf "$$tmp/manual"
@rm -rf $(DESTDIR)$(docdir)/manual @rm -rf $(DESTDIR)$(docdir)/manual
@mv $(DESTDIR)$(docdir)/manual.tmp/html $(DESTDIR)$(docdir)/manual @mv $(DESTDIR)$(docdir)/manual.tmp/html $(DESTDIR)$(docdir)/manual
@rm -rf $(DESTDIR)$(docdir)/manual.tmp @rm -rf $(DESTDIR)$(docdir)/manual.tmp

3
doc/manual/redirects.js
View file

@ -338,6 +338,9 @@ const redirects = {
"strings": "#string", "strings": "#string",
"lists": "#list", "lists": "#list",
"attribute-sets": "#attribute-set" "attribute-sets": "#attribute-set"
},
"installation/installing-binary.html": {
"uninstalling": "uninstall.html"
} }
}; };

39
doc/manual/src/SUMMARY.md.in
View file

@ -15,6 +15,7 @@
- [Multi-User Mode](installation/multi-user.md) - [Multi-User Mode](installation/multi-user.md)
- [Environment Variables](installation/env-variables.md) - [Environment Variables](installation/env-variables.md)
- [Upgrading Nix](installation/upgrading.md) - [Upgrading Nix](installation/upgrading.md)
- [Uninstalling Nix](installation/uninstall.md)
- [Package Management](package-management/package-management.md) - [Package Management](package-management/package-management.md)
- [Basic Package Management](package-management/basic-package-mgmt.md) - [Basic Package Management](package-management/basic-package-mgmt.md)
- [Profiles](package-management/profiles.md) - [Profiles](package-management/profiles.md)
@ -44,10 +45,41 @@
- [Common Options](command-ref/opt-common.md) - [Common Options](command-ref/opt-common.md)
- [Common Environment Variables](command-ref/env-common.md) - [Common Environment Variables](command-ref/env-common.md)
- [Main Commands](command-ref/main-commands.md) - [Main Commands](command-ref/main-commands.md)
- [nix-env](command-ref/nix-env.md)
- [nix-build](command-ref/nix-build.md) - [nix-build](command-ref/nix-build.md)
- [nix-shell](command-ref/nix-shell.md) - [nix-shell](command-ref/nix-shell.md)
- [nix-store](command-ref/nix-store.md) - [nix-store](command-ref/nix-store.md)
- [nix-store --add-fixed](command-ref/nix-store/add-fixed.md)
- [nix-store --add](command-ref/nix-store/add.md)
- [nix-store --delete](command-ref/nix-store/delete.md)
- [nix-store --dump-db](command-ref/nix-store/dump-db.md)
- [nix-store --dump](command-ref/nix-store/dump.md)
- [nix-store --export](command-ref/nix-store/export.md)
- [nix-store --gc](command-ref/nix-store/gc.md)
- [nix-store --generate-binary-cache-key](command-ref/nix-store/generate-binary-cache-key.md)
- [nix-store --import](command-ref/nix-store/import.md)
- [nix-store --load-db](command-ref/nix-store/load-db.md)
- [nix-store --optimise](command-ref/nix-store/optimise.md)
- [nix-store --print-env](command-ref/nix-store/print-env.md)
- [nix-store --query](command-ref/nix-store/query.md)
- [nix-store --read-log](command-ref/nix-store/read-log.md)
- [nix-store --realise](command-ref/nix-store/realise.md)
- [nix-store --repair-path](command-ref/nix-store/repair-path.md)
- [nix-store --restore](command-ref/nix-store/restore.md)
- [nix-store --serve](command-ref/nix-store/serve.md)
- [nix-store --verify-path](command-ref/nix-store/verify-path.md)
- [nix-store --verify](command-ref/nix-store/verify.md)
- [nix-env](command-ref/nix-env.md)
- [nix-env --delete-generations](command-ref/nix-env/delete-generations.md)
- [nix-env --install](command-ref/nix-env/install.md)
- [nix-env --list-generations](command-ref/nix-env/list-generations.md)
- [nix-env --query](command-ref/nix-env/query.md)
- [nix-env --rollback](command-ref/nix-env/rollback.md)
- [nix-env --set-flag](command-ref/nix-env/set-flag.md)
- [nix-env --set](command-ref/nix-env/set.md)
- [nix-env --switch-generation](command-ref/nix-env/switch-generation.md)
- [nix-env --switch-profile](command-ref/nix-env/switch-profile.md)
- [nix-env --uninstall](command-ref/nix-env/uninstall.md)
- [nix-env --upgrade](command-ref/nix-env/upgrade.md)
- [Utilities](command-ref/utilities.md) - [Utilities](command-ref/utilities.md)
- [nix-channel](command-ref/nix-channel.md) - [nix-channel](command-ref/nix-channel.md)
- [nix-collect-garbage](command-ref/nix-collect-garbage.md) - [nix-collect-garbage](command-ref/nix-collect-garbage.md)
@ -57,16 +89,19 @@
- [nix-instantiate](command-ref/nix-instantiate.md) - [nix-instantiate](command-ref/nix-instantiate.md)
- [nix-prefetch-url](command-ref/nix-prefetch-url.md) - [nix-prefetch-url](command-ref/nix-prefetch-url.md)
- [Experimental Commands](command-ref/experimental-commands.md) - [Experimental Commands](command-ref/experimental-commands.md)
@manpages@ {{#include ./command-ref/new-cli/SUMMARY.md}}
- [Files](command-ref/files.md) - [Files](command-ref/files.md)
- [nix.conf](command-ref/conf-file.md) - [nix.conf](command-ref/conf-file.md)
- [Architecture](architecture/architecture.md) - [Architecture](architecture/architecture.md)
- [Glossary](glossary.md) - [Glossary](glossary.md)
- [Contributing](contributing/contributing.md) - [Contributing](contributing/contributing.md)
- [Hacking](contributing/hacking.md) - [Hacking](contributing/hacking.md)
- [Experimental Features](contributing/experimental-features.md)
- [CLI guideline](contributing/cli-guideline.md) - [CLI guideline](contributing/cli-guideline.md)
- [Release Notes](release-notes/release-notes.md) - [Release Notes](release-notes/release-notes.md)
- [Release X.Y (202?-??-??)](release-notes/rl-next.md) - [Release X.Y (202?-??-??)](release-notes/rl-next.md)
- [Release 2.15 (2023-04-11)](release-notes/rl-2.15.md)
- [Release 2.14 (2023-02-28)](release-notes/rl-2.14.md)
- [Release 2.13 (2023-01-17)](release-notes/rl-2.13.md) - [Release 2.13 (2023-01-17)](release-notes/rl-2.13.md)
- [Release 2.12 (2022-12-06)](release-notes/rl-2.12.md) - [Release 2.12 (2022-12-06)](release-notes/rl-2.12.md)
- [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md) - [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md)

49
doc/manual/src/command-ref/env-common.md
View file

@ -2,18 +2,29 @@
Most Nix commands interpret the following environment variables: Most Nix commands interpret the following environment variables:
- [`IN_NIX_SHELL`]{#env-IN_NIX_SHELL}\ - <span id="env-IN_NIX_SHELL">[`IN_NIX_SHELL`](#env-IN_NIX_SHELL)</span>\
Indicator that tells if the current environment was set up by Indicator that tells if the current environment was set up by
`nix-shell`. It can have the values `pure` or `impure`. `nix-shell`. It can have the values `pure` or `impure`.
- [`NIX_PATH`]{#env-NIX_PATH}\ - <span id="env-NIX_PATH">[`NIX_PATH`](#env-NIX_PATH)</span>\
A colon-separated list of directories used to look up the location of Nix A colon-separated list of directories used to look up the location of Nix
expressions using [paths](../language/values.md#type-path) expressions using [paths](@docroot@/language/values.md#type-path)
enclosed in angle brackets (i.e., `<path>`), enclosed in angle brackets (i.e., `<path>`),
e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the
[`-I` option](./opt-common.md#opt-I). [`-I` option](@docroot@/command-ref/opt-common.md#opt-I).
- [`NIX_IGNORE_SYMLINK_STORE`]{#env-NIX_IGNORE_SYMLINK_STORE}\ If `NIX_PATH` is not set at all, Nix will fall back to the following list in [impure](@docroot@/command-ref/conf-file.md#conf-pure-eval) and [unrestricted](@docroot@/command-ref/conf-file.md#conf-restrict-eval) evaluation mode:
1. `$HOME/.nix-defexpr/channels`
2. `nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixpkgs`
3. `/nix/var/nix/profiles/per-user/root/channels`
If `NIX_PATH` is set to an empty string, resolving search paths will always fail.
For example, attempting to use `<nixpkgs>` will produce:
error: file 'nixpkgs' was not found in the Nix search path
- <span id="env-NIX_IGNORE_SYMLINK_STORE">[`NIX_IGNORE_SYMLINK_STORE`](#env-NIX_IGNORE_SYMLINK_STORE)</span>\
Normally, the Nix store directory (typically `/nix/store`) is not Normally, the Nix store directory (typically `/nix/store`) is not
allowed to contain any symlink components. This is to prevent allowed to contain any symlink components. This is to prevent
“impure” builds. Builders sometimes “canonicalise” paths by “impure” builds. Builders sometimes “canonicalise” paths by
@ -35,58 +46,58 @@ Most Nix commands interpret the following environment variables:
Consult the mount 8 manual page for details. Consult the mount 8 manual page for details.
- [`NIX_STORE_DIR`]{#env-NIX_STORE_DIR}\ - <span id="env-NIX_STORE_DIR">[`NIX_STORE_DIR`](#env-NIX_STORE_DIR)</span>\
Overrides the location of the Nix store (default `prefix/store`). Overrides the location of the Nix store (default `prefix/store`).
- [`NIX_DATA_DIR`]{#env-NIX_DATA_DIR}\ - <span id="env-NIX_DATA_DIR">[`NIX_DATA_DIR`](#env-NIX_DATA_DIR)</span>\
Overrides the location of the Nix static data directory (default Overrides the location of the Nix static data directory (default
`prefix/share`). `prefix/share`).
- [`NIX_LOG_DIR`]{#env-NIX_LOG_DIR}\ - <span id="env-NIX_LOG_DIR">[`NIX_LOG_DIR`](#env-NIX_LOG_DIR)</span>\
Overrides the location of the Nix log directory (default Overrides the location of the Nix log directory (default
`prefix/var/log/nix`). `prefix/var/log/nix`).
- [`NIX_STATE_DIR`]{#env-NIX_STATE_DIR}\ - <span id="env-NIX_STATE_DIR">[`NIX_STATE_DIR`](#env-NIX_STATE_DIR)</span>\
Overrides the location of the Nix state directory (default Overrides the location of the Nix state directory (default
`prefix/var/nix`). `prefix/var/nix`).
- [`NIX_CONF_DIR`]{#env-NIX_CONF_DIR}\ - <span id="env-NIX_CONF_DIR">[`NIX_CONF_DIR`](#env-NIX_CONF_DIR)</span>\
Overrides the location of the system Nix configuration directory Overrides the location of the system Nix configuration directory
(default `prefix/etc/nix`). (default `prefix/etc/nix`).
- [`NIX_CONFIG`]{#env-NIX_CONFIG}\ - <span id="env-NIX_CONFIG">[`NIX_CONFIG`](#env-NIX_CONFIG)</span>\
Applies settings from Nix configuration from the environment. Applies settings from Nix configuration from the environment.
The content is treated as if it was read from a Nix configuration file. The content is treated as if it was read from a Nix configuration file.
Settings are separated by the newline character. Settings are separated by the newline character.
- [`NIX_USER_CONF_FILES`]{#env-NIX_USER_CONF_FILES}\ - <span id="env-NIX_USER_CONF_FILES">[`NIX_USER_CONF_FILES`](#env-NIX_USER_CONF_FILES)</span>\
Overrides the location of the user Nix configuration files to load Overrides the location of the user Nix configuration files to load
from (defaults to the XDG spec locations). The variable is treated from (defaults to the XDG spec locations). The variable is treated
as a list separated by the `:` token. as a list separated by the `:` token.
- [`TMPDIR`]{#env-TMPDIR}\ - <span id="env-TMPDIR">[`TMPDIR`](#env-TMPDIR)</span>\
Use the specified directory to store temporary files. In particular, Use the specified directory to store temporary files. In particular,
this includes temporary build directories; these can take up this includes temporary build directories; these can take up
substantial amounts of disk space. The default is `/tmp`. substantial amounts of disk space. The default is `/tmp`.
- [`NIX_REMOTE`]{#env-NIX_REMOTE}\ - <span id="env-NIX_REMOTE">[`NIX_REMOTE`](#env-NIX_REMOTE)</span>\
This variable should be set to `daemon` if you want to use the Nix This variable should be set to `daemon` if you want to use the Nix
daemon to execute Nix operations. This is necessary in [multi-user daemon to execute Nix operations. This is necessary in [multi-user
Nix installations](../installation/multi-user.md). If the Nix Nix installations](@docroot@/installation/multi-user.md). If the Nix
daemon's Unix socket is at some non-standard path, this variable daemon's Unix socket is at some non-standard path, this variable
should be set to `unix://path/to/socket`. Otherwise, it should be should be set to `unix://path/to/socket`. Otherwise, it should be
left unset. left unset.
- [`NIX_SHOW_STATS`]{#env-NIX_SHOW_STATS}\ - <span id="env-NIX_SHOW_STATS">[`NIX_SHOW_STATS`](#env-NIX_SHOW_STATS)</span>\
If set to `1`, Nix will print some evaluation statistics, such as If set to `1`, Nix will print some evaluation statistics, such as
the number of values allocated. the number of values allocated.
- [`NIX_COUNT_CALLS`]{#env-NIX_COUNT_CALLS}\ - <span id="env-NIX_COUNT_CALLS">[`NIX_COUNT_CALLS`](#env-NIX_COUNT_CALLS)</span>\
If set to `1`, Nix will print how often functions were called during If set to `1`, Nix will print how often functions were called during
Nix expression evaluation. This is useful for profiling your Nix Nix expression evaluation. This is useful for profiling your Nix
expressions. expressions.
- [`GC_INITIAL_HEAP_SIZE`]{#env-GC_INITIAL_HEAP_SIZE}\ - <span id="env-GC_INITIAL_HEAP_SIZE">[`GC_INITIAL_HEAP_SIZE`](#env-GC_INITIAL_HEAP_SIZE)</span>\
If Nix has been configured to use the Boehm garbage collector, this If Nix has been configured to use the Boehm garbage collector, this
variable sets the initial size of the heap in bytes. It defaults to variable sets the initial size of the heap in bytes. It defaults to
384 MiB. Setting it to a low value reduces memory consumption, but 384 MiB. Setting it to a low value reduces memory consumption, but
@ -103,4 +114,4 @@ New Nix commands conform to the [XDG Base Directory Specification], and use the
Classic Nix commands can also be made to follow this standard using the [`use-xdg-base-directories`] configuration option. Classic Nix commands can also be made to follow this standard using the [`use-xdg-base-directories`] configuration option.
[XDG Base Directory Specification]: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html [XDG Base Directory Specification]: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
[`use-xdg-base-directories`]: ../command-ref/conf-file.md#conf-use-xdg-base-directories [`use-xdg-base-directories`]: @docroot@/command-ref/conf-file.md#conf-use-xdg-base-directories

2
doc/manual/src/command-ref/experimental-commands.md
View file

@ -1,6 +1,6 @@
# Experimental Commands # Experimental Commands
This section lists experimental commands. This section lists [experimental commands](@docroot@/contributing/experimental-features.md#xp-feature-nix-command).
> **Warning** > **Warning**
> >

11
doc/manual/src/command-ref/nix-build.md
View file

@ -38,7 +38,7 @@ directory containing at least a file named `default.nix`.
`nix-build` is essentially a wrapper around `nix-build` is essentially a wrapper around
[`nix-instantiate`](nix-instantiate.md) (to translate a high-level Nix [`nix-instantiate`](nix-instantiate.md) (to translate a high-level Nix
expression to a low-level [store derivation]) and [`nix-store expression to a low-level [store derivation]) and [`nix-store
--realise`](nix-store.md#operation---realise) (to build the store --realise`](@docroot@/command-ref/nix-store/realise.md) (to build the store
derivation). derivation).
[store derivation]: ../glossary.md#gloss-store-derivation [store derivation]: ../glossary.md#gloss-store-derivation
@ -51,9 +51,8 @@ derivation).
# Options # Options
All options not listed here are passed to `nix-store All options not listed here are passed to `nix-store --realise`,
--realise`, except for `--arg` and `--attr` / `-A` which are passed to except for `--arg` and `--attr` / `-A` which are passed to `nix-instantiate`.
`nix-instantiate`.
- <span id="opt-no-out-link">[`--no-out-link`](#opt-no-out-link)<span> - <span id="opt-no-out-link">[`--no-out-link`](#opt-no-out-link)<span>
@ -70,7 +69,9 @@ All options not listed here are passed to `nix-store
Change the name of the symlink to the output path created from Change the name of the symlink to the output path created from
`result` to *outlink*. `result` to *outlink*.
The following common options are supported: {{#include ./opt-common.md}}
{{#include ./env-common.md}}
# Examples # Examples

8
doc/manual/src/command-ref/nix-channel.md
View file

@ -45,6 +45,10 @@ Note that `--add` does not automatically perform an update.
The list of subscribed channels is stored in `~/.nix-channels`. The list of subscribed channels is stored in `~/.nix-channels`.
{{#include ./opt-common.md}}
{{#include ./env-common.md}}
# Examples # Examples
To subscribe to the Nixpkgs channel and install the GNU Hello package: To subscribe to the Nixpkgs channel and install the GNU Hello package:
@ -70,7 +74,7 @@ $ nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
# Files # Files
- `/nix/var/nix/profiles/per-user/username/channels`\ - `${XDG_STATE_HOME-$HOME/.local/state}/nix/profiles/channels`\
`nix-channel` uses a `nix-env` profile to keep track of previous `nix-channel` uses a `nix-env` profile to keep track of previous
versions of the subscribed channels. Every time you run `nix-channel versions of the subscribed channels. Every time you run `nix-channel
--update`, a new channel generation (that is, a symlink to the --update`, a new channel generation (that is, a symlink to the
@ -79,7 +83,7 @@ $ nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
- `~/.nix-defexpr/channels`\ - `~/.nix-defexpr/channels`\
This is a symlink to This is a symlink to
`/nix/var/nix/profiles/per-user/username/channels`. It ensures that `${XDG_STATE_HOME-$HOME/.local/state}/nix/profiles/channels`. It ensures that
`nix-env` can find your channels. In a multi-user installation, you `nix-env` can find your channels. In a multi-user installation, you
may also have `~/.nix-defexpr/channels_root`, which links to the may also have `~/.nix-defexpr/channels_root`, which links to the
channels of the root user. channels of the root user.

6
doc/manual/src/command-ref/nix-collect-garbage.md
View file

@ -9,7 +9,7 @@
# Description # Description
The command `nix-collect-garbage` is mostly an alias of [`nix-store The command `nix-collect-garbage` is mostly an alias of [`nix-store
--gc`](nix-store.md#operation---gc), that is, it deletes all --gc`](@docroot@/command-ref/nix-store/gc.md), that is, it deletes all
unreachable paths in the Nix store to clean up your system. However, unreachable paths in the Nix store to clean up your system. However,
it provides two additional options: `-d` (`--delete-old`), which it provides two additional options: `-d` (`--delete-old`), which
deletes all old generations of all profiles in `/nix/var/nix/profiles` deletes all old generations of all profiles in `/nix/var/nix/profiles`
@ -20,6 +20,10 @@ and `--delete-older-than` *period*, where period is a value such as
of days in all profiles in `/nix/var/nix/profiles` (except for the of days in all profiles in `/nix/var/nix/profiles` (except for the
generations that were active at that point in time). generations that were active at that point in time).
{{#include ./opt-common.md}}
{{#include ./env-common.md}}
# Example # Example
To delete from the Nix store everything that is not used by the current To delete from the Nix store everything that is not used by the current

4
doc/manual/src/command-ref/nix-copy-closure.md
View file

@ -63,12 +63,16 @@ authentication, you can avoid typing the passphrase with `ssh-agent`.
- `-v`\ - `-v`\
Show verbose output. Show verbose output.
{{#include ./opt-common.md}}
# Environment variables # Environment variables
- `NIX_SSHOPTS`\ - `NIX_SSHOPTS`\
Additional options to be passed to `ssh` on the command Additional options to be passed to `ssh` on the command
line. line.
{{#include ./env-common.md}}
# Examples # Examples
Copy Firefox with all its dependencies to a remote machine: Copy Firefox with all its dependencies to a remote machine:

816
doc/manual/src/command-ref/nix-env.md
View file

@ -4,15 +4,14 @@
# Synopsis # Synopsis
`nix-env` `nix-env` *operation* [*options*] [*arguments…*]
[`--option` *name* *value*] [`--option` *name* *value*]
[`--arg` *name* *value*] [`--arg` *name* *value*]
[`--argstr` *name* *value*] [`--argstr` *name* *value*]
[{`--file` | `-f`} *path*] [{`--file` | `-f`} *path*]
[{`--profile` | `-p`} *path(] [{`--profile` | `-p`} *path*]
[`--system-filter` *system*] [`--system-filter` *system*]
[`--dry-run`] [`--dry-run`]
*operation* [*options…*] [*arguments…*]
# Description # Description
@ -24,7 +23,29 @@ environments: different users can have different environments, and
individual users can switch between different environments. individual users can switch between different environments.
`nix-env` takes exactly one *operation* flag which indicates the `nix-env` takes exactly one *operation* flag which indicates the
subcommand to be performed. These are documented below. subcommand to be performed. The following operations are available:
- [`--install`](./nix-env/install.md)
- [`--upgrade`](./nix-env/upgrade.md)
- [`--uninstall`](./nix-env/uninstall.md)
- [`--set`](./nix-env/set.md)
- [`--set-flag`](./nix-env/set-flag.md)
- [`--query`](./nix-env/query.md)
- [`--switch-profile`](./nix-env/switch-profile.md)
- [`--list-generations`](./nix-env/list-generations.md)
- [`--delete-generations`](./nix-env/delete-generations.md)
- [`--switch-generation`](./nix-env/switch-generation.md)
- [`--rollback`](./nix-env/rollback.md)
These pages can be viewed offline:
- `man nix-env-<operation>`.
Example: `man nix-env-install`
- `nix-env --help --<operation>`
Example: `nix-env --help --install`
# Selectors # Selectors
@ -60,46 +81,6 @@ match. Here are some examples:
Matches any package name containing the strings `firefox` or Matches any package name containing the strings `firefox` or
`chromium`. `chromium`.
# Common options
This section lists the options that are common to all operations. These
options are allowed for every subcommand, though they may not always
have an effect.
- `--file` / `-f` *path*\
Specifies the Nix expression (designated below as the *active Nix
expression*) used by the `--install`, `--upgrade`, and `--query
--available` operations to obtain derivations. The default is
`~/.nix-defexpr`.
If the argument starts with `http://` or `https://`, it is
interpreted as the URL of a tarball that will be downloaded and
unpacked to a temporary location. The tarball must include a single
top-level directory containing at least a file named `default.nix`.
- `--profile` / `-p` *path*\
Specifies the profile to be used by those operations that operate on
a profile (designated below as the *active profile*). A profile is a
sequence of user environments called *generations*, one of which is
the *current generation*.
- `--dry-run`\
For the `--install`, `--upgrade`, `--uninstall`,
`--switch-generation`, `--delete-generations` and `--rollback`
operations, this flag will cause `nix-env` to print what *would* be
done if this flag had not been specified, without actually doing it.
`--dry-run` also prints out which paths will be
[substituted](../glossary.md) (i.e., downloaded) and which paths
will be built from source (because no substitute is available).
- `--system-filter` *system*\
By default, operations such as `--query
--available` show derivations matching any platform. This option
allows you to use derivations for the specified platform *system*.
<!-- end list -->
# Files # Files
- `~/.nix-defexpr`\ - `~/.nix-defexpr`\
@ -145,750 +126,3 @@ have an effect.
symlink points to `prefix/var/nix/profiles/default`. The `PATH` symlink points to `prefix/var/nix/profiles/default`. The `PATH`
environment variable should include `~/.nix-profile/bin` for the environment variable should include `~/.nix-profile/bin` for the
user environment to be visible to the user. user environment to be visible to the user.
# Operation `--install`
## Synopsis
`nix-env` {`--install` | `-i`} *args…*
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`}]
[`--from-expression`] [`-E`]
[`--from-profile` *path*]
[`--preserve-installed` | `-P`]
[`--remove-all` | `-r`]
## Description
The install operation creates a new user environment, based on the
current generation of the active profile, to which a set of store paths
described by *args* is added. The arguments *args* map to store paths in
a number of possible ways:
- By default, *args* is a set of derivation names denoting derivations
in the active Nix expression. These are realised, and the resulting
output paths are installed. Currently installed derivations with a
name equal to the name of a derivation being added are removed
unless the option `--preserve-installed` is specified.
If there are multiple derivations matching a name in *args* that
have the same name (e.g., `gcc-3.3.6` and `gcc-4.1.1`), then the
derivation with the highest *priority* is used. A derivation can
define a priority by declaring the `meta.priority` attribute. This
attribute should be a number, with a higher value denoting a lower
priority. The default priority is `0`.
If there are multiple matching derivations with the same priority,
then the derivation with the highest version will be installed.
You can force the installation of multiple derivations with the same
name by being specific about the versions. For instance, `nix-env -i
gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will
probably cause a user environment conflict\!).
- If `--attr` (`-A`) is specified, the arguments are *attribute
paths* that select attributes from the top-level Nix
expression. This is faster than using derivation names and
unambiguous. To find out the attribute paths of available
packages, use `nix-env -qaP`.
- If `--from-profile` *path* is given, *args* is a set of names
denoting installed store paths in the profile *path*. This is an
easy way to copy user environment elements from one profile to
another.
- If `--from-expression` is given, *args* are Nix
[functions](../language/constructs.md#functions)
that are called with the active Nix expression as their single
argument. The derivations returned by those function calls are
installed. This allows derivations to be specified in an
unambiguous way, which is necessary if there are multiple
derivations with the same name.
- If *args* are [store derivation]s, then these are
[realised](nix-store.md#operation---realise), and the resulting output paths
are installed.
[store derivation]: ../glossary.md#gloss-store-derivation
- If *args* are store paths that are not store derivations, then these
are [realised](nix-store.md#operation---realise) and installed.
- By default all outputs are installed for each derivation. That can
be reduced by setting `meta.outputsToInstall`.
## Flags
- `--prebuilt-only` / `-b`\
Use only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, no packages will be built from
source.
- `--preserve-installed`; `-P`\
Do not remove derivations with a name matching one of the
derivations being installed. Usually, trying to have two versions of
the same package installed in the same generation of a profile will
lead to an error in building the generation, due to file name
clashes between the two versions. However, this is not the case for
all packages.
- `--remove-all`; `-r`\
Remove all previously installed packages first. This is equivalent
to running `nix-env -e '.*'` first, except that everything happens
in a single transaction.
## Examples
To install a package using a specific attribute path from the active Nix expression:
```console
$ nix-env -iA gcc40mips
installing `gcc-4.0.2'
$ nix-env -iA xorg.xorgserver
installing `xorg-server-1.2.0'
```
To install a specific version of `gcc` using the derivation name:
```console
$ nix-env --install gcc-3.3.2
installing `gcc-3.3.2'
uninstalling `gcc-3.1'
```
Using attribute path for selecting a package is preferred,
as it is much faster and there will not be multiple matches.
Note the previously installed version is removed, since
`--preserve-installed` was not specified.
To install an arbitrary version:
```console
$ nix-env --install gcc
installing `gcc-3.3.2'
```
To install all derivations in the Nix expression `foo.nix`:
```console
$ nix-env -f ~/foo.nix -i '.*'
```
To copy the store path with symbolic name `gcc` from another profile:
```console
$ nix-env -i --from-profile /nix/var/nix/profiles/foo gcc
```
To install a specific [store derivation] (typically created by
`nix-instantiate`):
```console
$ nix-env -i /nix/store/fibjb1bfbpm5mrsxc4mh2d8n37sxh91i-gcc-3.4.3.drv
```
To install a specific output path:
```console
$ nix-env -i /nix/store/y3cgx0xj1p4iv9x0pnnmdhr8iyg741vk-gcc-3.4.3
```
To install from a Nix expression specified on the command-line:
```console
$ nix-env -f ./foo.nix -i -E \
'f: (f {system = "i686-linux";}).subversionWithJava'
```
I.e., this evaluates to `(f: (f {system =
"i686-linux";}).subversionWithJava) (import ./foo.nix)`, thus selecting
the `subversionWithJava` attribute from the set returned by calling the
function defined in `./foo.nix`.
A dry-run tells you which paths will be downloaded or built from source:
```console
$ nix-env -f '<nixpkgs>' -iA hello --dry-run
(dry run; not doing anything)
installing hello-2.10
this path will be fetched (0.04 MiB download, 0.19 MiB unpacked):
/nix/store/wkhdf9jinag5750mqlax6z2zbwhqb76n-hello-2.10
...
```
To install Firefox from the latest revision in the Nixpkgs/NixOS 14.12
channel:
```console
$ nix-env -f https://github.com/NixOS/nixpkgs/archive/nixos-14.12.tar.gz -iA firefox
```
# Operation `--upgrade`
## Synopsis
`nix-env` {`--upgrade` | `-u`} *args*
[`--lt` | `--leq` | `--eq` | `--always`]
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`}]
[`--from-expression`] [`-E`]
[`--from-profile` *path*]
[`--preserve-installed` | `-P`]
## Description
The upgrade operation creates a new user environment, based on the
current generation of the active profile, in which all store paths are
replaced for which there are newer versions in the set of paths
described by *args*. Paths for which there are no newer versions are
left untouched; this is not an error. It is also not an error if an
element of *args* matches no installed derivations.
For a description of how *args* is mapped to a set of store paths, see
[`--install`](#operation---install). If *args* describes multiple
store paths with the same symbolic name, only the one with the highest
version is installed.
## Flags
- `--lt`\
Only upgrade a derivation to newer versions. This is the default.
- `--leq`\
In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same version. Version are not a unique
identification of a derivation, so there may be many derivations
that have the same version. This flag may be useful to force
“synchronisation” between the installed and available derivations.
- `--eq`\
*Only* “upgrade” to derivations that have the same version. This may
not seem very useful, but it actually is, e.g., when there is a new
release of Nixpkgs and you want to replace installed applications
with the same versions built against newer dependencies (to reduce
the number of dependencies floating around on your system).
- `--always`\
In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same or a lower version. I.e., derivations
may actually be downgraded depending on what is available in the
active Nix expression.
For the other flags, see `--install`.
## Examples
```console
$ nix-env --upgrade -A nixpkgs.gcc
upgrading `gcc-3.3.1' to `gcc-3.4'
```
When there are no updates available, nothing will happen:
```console
$ nix-env --upgrade -A nixpkgs.pan
```
Using `-A` is preferred when possible, as it is faster and unambiguous but
it is also possible to upgrade to a specific version by matching the derivation name:
```console
$ nix-env -u gcc-3.3.2 --always
upgrading `gcc-3.4' to `gcc-3.3.2'
```
To try to upgrade everything
(matching packages based on the part of the derivation name without version):
```console
$ nix-env -u
upgrading `hello-2.1.2' to `hello-2.1.3'
upgrading `mozilla-1.2' to `mozilla-1.4'
```
## Versions
The upgrade operation determines whether a derivation `y` is an upgrade
of a derivation `x` by looking at their respective `name` attributes.
The names (e.g., `gcc-3.3.1` are split into two parts: the package name
(`gcc`), and the version (`3.3.1`). The version part starts after the
first dash not followed by a letter. `y` is considered an upgrade of `x`
if their package names match, and the version of `y` is higher than that
of `x`.
The versions are compared by splitting them into contiguous components
of numbers and letters. E.g., `3.3.1pre5` is split into `[3, 3, 1,
"pre", 5]`. These lists are then compared lexicographically (from left
to right). Corresponding components `a` and `b` are compared as follows.
If they are both numbers, integer comparison is used. If `a` is an empty
string and `b` is a number, `a` is considered less than `b`. The special
string component `pre` (for *pre-release*) is considered to be less than
other components. String components are considered less than number
components. Otherwise, they are compared lexicographically (i.e., using
case-sensitive string comparison).
This is illustrated by the following examples:
1.0 < 2.3
2.1 < 2.3
2.3 = 2.3
2.5 > 2.3
3.1 > 2.3
2.3.1 > 2.3
2.3.1 > 2.3a
2.3pre1 < 2.3
2.3pre3 < 2.3pre12
2.3a < 2.3c
2.3pre1 < 2.3c
2.3pre1 < 2.3q
# Operation `--uninstall`
## Synopsis
`nix-env` {`--uninstall` | `-e`} *drvnames…*
## Description
The uninstall operation creates a new user environment, based on the
current generation of the active profile, from which the store paths
designated by the symbolic names *drvnames* are removed.
## Examples
```console
$ nix-env --uninstall gcc
$ nix-env -e '.*' (remove everything)
```
# Operation `--set`
## Synopsis
`nix-env` `--set` *drvname*
## Description
The `--set` operation modifies the current generation of a profile so
that it contains exactly the specified derivation, and nothing else.
## Examples
The following updates a profile such that its current generation will
contain just Firefox:
```console
$ nix-env -p /nix/var/nix/profiles/browser --set firefox
```
# Operation `--set-flag`
## Synopsis
`nix-env` `--set-flag` *name* *value* *drvnames*
## Description
The `--set-flag` operation allows meta attributes of installed packages
to be modified. There are several attributes that can be usefully
modified, because they affect the behaviour of `nix-env` or the user
environment build script:
- `priority` can be changed to resolve filename clashes. The user
environment build script uses the `meta.priority` attribute of
derivations to resolve filename collisions between packages. Lower
priority values denote a higher priority. For instance, the GCC
wrapper package and the Binutils package in Nixpkgs both have a file
`bin/ld`, so previously if you tried to install both you would get a
collision. Now, on the other hand, the GCC wrapper declares a higher
priority than Binutils, so the formers `bin/ld` is symlinked in the
user environment.
- `keep` can be set to `true` to prevent the package from being
upgraded or replaced. This is useful if you want to hang on to an
older version of a package.
- `active` can be set to `false` to “disable” the package. That is, no
symlinks will be generated to the files of the package, but it
remains part of the profile (so it wont be garbage-collected). It
can be set back to `true` to re-enable the package.
## Examples
To prevent the currently installed Firefox from being upgraded:
```console
$ nix-env --set-flag keep true firefox
```
After this, `nix-env -u` will ignore Firefox.
To disable the currently installed Firefox, then install a new Firefox
while the old remains part of the profile:
```console
$ nix-env -q
firefox-2.0.0.9 (the current one)
$ nix-env --preserve-installed -i firefox-2.0.0.11
installing `firefox-2.0.0.11'
building path(s) `/nix/store/myy0y59q3ig70dgq37jqwg1j0rsapzsl-user-environment'
collision between `/nix/store/...-firefox-2.0.0.11/bin/firefox'
and `/nix/store/...-firefox-2.0.0.9/bin/firefox'.
(i.e., cant have two active at the same time)
$ nix-env --set-flag active false firefox
setting flag on `firefox-2.0.0.9'
$ nix-env --preserve-installed -i firefox-2.0.0.11
installing `firefox-2.0.0.11'
$ nix-env -q
firefox-2.0.0.11 (the enabled one)
firefox-2.0.0.9 (the disabled one)
```
To make files from `binutils` take precedence over files from `gcc`:
```console
$ nix-env --set-flag priority 5 binutils
$ nix-env --set-flag priority 10 gcc
```
# Operation `--query`
## Synopsis
`nix-env` {`--query` | `-q`} *names…*
[`--installed` | `--available` | `-a`]
[{`--status` | `-s`}]
[{`--attr-path` | `-P`}]
[`--no-name`]
[{`--compare-versions` | `-c`}]
[`--system`]
[`--drv-path`]
[`--out-path`]
[`--description`]
[`--meta`]
[`--xml`]
[`--json`]
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`} *attribute-path*]
## Description
The query operation displays information about either the store paths
that are installed in the current generation of the active profile
(`--installed`), or the derivations that are available for installation
in the active Nix expression (`--available`). It only prints information
about derivations whose symbolic name matches one of *names*.
The derivations are sorted by their `name` attributes.
## Source selection
The following flags specify the set of things on which the query
operates.
- `--installed`\
The query operates on the store paths that are installed in the
current generation of the active profile. This is the default.
- `--available`; `-a`\
The query operates on the derivations that are available in the
active Nix expression.
## Queries
The following flags specify what information to display about the
selected derivations. Multiple flags may be specified, in which case the
information is shown in the order given here. Note that the name of the
derivation is shown unless `--no-name` is specified.
- `--xml`\
Print the result in an XML representation suitable for automatic
processing by other tools. The root element is called `items`, which
contains a `item` element for each available or installed
derivation. The fields discussed below are all stored in attributes
of the `item` elements.
- `--json`\
Print the result in a JSON representation suitable for automatic
processing by other tools.
- `--prebuilt-only` / `-b`\
Show only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, this shows all packages that
probably can be installed quickly.
- `--status`; `-s`\
Print the *status* of the derivation. The status consists of three
characters. The first is `I` or `-`, indicating whether the
derivation is currently installed in the current generation of the
active profile. This is by definition the case for `--installed`,
but not for `--available`. The second is `P` or `-`, indicating
whether the derivation is present on the system. This indicates
whether installation of an available derivation will require the
derivation to be built. The third is `S` or `-`, indicating whether
a substitute is available for the derivation.
- `--attr-path`; `-P`\
Print the *attribute path* of the derivation, which can be used to
unambiguously select it using the `--attr` option available in
commands that install derivations like `nix-env --install`. This
option only works together with `--available`
- `--no-name`\
Suppress printing of the `name` attribute of each derivation.
- `--compare-versions` / `-c`\
Compare installed versions to available versions, or vice versa (if
`--available` is given). This is useful for quickly seeing whether
upgrades for installed packages are available in a Nix expression. A
column is added with the following meaning:
- `<` *version*\
A newer version of the package is available or installed.
- `=` *version*\
At most the same version of the package is available or
installed.
- `>` *version*\
Only older versions of the package are available or installed.
- `- ?`\
No version of the package is available or installed.
- `--system`\
Print the `system` attribute of the derivation.
- `--drv-path`\
Print the path of the [store derivation].
- `--out-path`\
Print the output path of the derivation.
- `--description`\
Print a short (one-line) description of the derivation, if
available. The description is taken from the `meta.description`
attribute of the derivation.
- `--meta`\
Print all of the meta-attributes of the derivation. This option is
only available with `--xml` or `--json`.
## Examples
To show installed packages:
```console
$ nix-env -q
bison-1.875c
docbook-xml-4.2
firefox-1.0.4
MPlayer-1.0pre7
ORBit2-2.8.3
```
To show available packages:
```console
$ nix-env -qa
firefox-1.0.7
GConf-2.4.0.1
MPlayer-1.0pre7
ORBit2-2.8.3
```
To show the status of available packages:
```console
$ nix-env -qas
-P- firefox-1.0.7 (not installed but present)
--S GConf-2.4.0.1 (not present, but there is a substitute for fast installation)
--S MPlayer-1.0pre3 (i.e., this is not the installed MPlayer, even though the version is the same!)
IP- ORBit2-2.8.3 (installed and by definition present)
```
To show available packages in the Nix expression `foo.nix`:
```console
$ nix-env -f ./foo.nix -qa
foo-1.2.3
```
To compare installed versions to whats available:
```console
$ nix-env -qc
...
acrobat-reader-7.0 - ? (package is not available at all)
autoconf-2.59 = 2.59 (same version)
firefox-1.0.4 < 1.0.7 (a more recent version is available)
...
```
To show all packages with “`zip`” in the name:
```console
$ nix-env -qa '.*zip.*'
bzip2-1.0.6
gzip-1.6
zip-3.0
```
To show all packages with “`firefox`” or “`chromium`” in the name:
```console
$ nix-env -qa '.*(firefox|chromium).*'
chromium-37.0.2062.94
chromium-beta-38.0.2125.24
firefox-32.0.3
firefox-with-plugins-13.0.1
```
To show all packages in the latest revision of the Nixpkgs repository:
```console
$ nix-env -f https://github.com/NixOS/nixpkgs/archive/master.tar.gz -qa
```
# Operation `--switch-profile`
## Synopsis
`nix-env` {`--switch-profile` | `-S`} *path*
## Description
This operation makes *path* the current profile for the user. That is,
the symlink `~/.nix-profile` is made to point to *path*.
## Examples
```console
$ nix-env -S ~/my-profile
```
# Operation `--list-generations`
## Synopsis
`nix-env` `--list-generations`
## Description
This operation print a list of all the currently existing generations
for the active profile. These may be switched to using the
`--switch-generation` operation. It also prints the creation date of the
generation, and indicates the current generation.
## Examples
```console
$ nix-env --list-generations
95 2004-02-06 11:48:24
96 2004-02-06 11:49:01
97 2004-02-06 16:22:45
98 2004-02-06 16:24:33 (current)
```
# Operation `--delete-generations`
## Synopsis
`nix-env` `--delete-generations` *generations*
## Description
This operation deletes the specified generations of the current profile.
The generations can be a list of generation numbers, the special value
`old` to delete all non-current generations, a value such as `30d` to
delete all generations older than the specified number of days (except
for the generation that was active at that point in time), or a value
such as `+5` to keep the last `5` generations ignoring any newer than
current, e.g., if `30` is the current generation `+5` will delete
generation `25` and all older generations. Periodically deleting old
generations is important to make garbage collection effective.
## Examples
```console
$ nix-env --delete-generations 3 4 8
```
```console
$ nix-env --delete-generations +5
```
```console
$ nix-env --delete-generations 30d
```
```console
$ nix-env -p other_profile --delete-generations old
```
# Operation `--switch-generation`
## Synopsis
`nix-env` {`--switch-generation` | `-G`} *generation*
## Description
This operation makes generation number *generation* the current
generation of the active profile. That is, if the `profile` is the path
to the active profile, then the symlink `profile` is made to point to
`profile-generation-link`, which is in turn a symlink to the actual user
environment in the Nix store.
Switching will fail if the specified generation does not exist.
## Examples
```console
$ nix-env -G 42
switching from generation 50 to 42
```
# Operation `--rollback`
## Synopsis
`nix-env` `--rollback`
## Description
This operation switches to the “previous” generation of the active
profile, that is, the highest numbered generation lower than the current
generation, if it exists. It is just a convenience wrapper around
`--list-generations` and `--switch-generation`.
## Examples
```console
$ nix-env --rollback
switching from generation 92 to 91
```
```console
$ nix-env --rollback
error: no generation older than the current (91) exists
```
# Environment variables
- `NIX_PROFILE`\
Location of the Nix profile. Defaults to the target of the symlink
`~/.nix-profile`, if it exists, or `/nix/var/nix/profiles/default`
otherwise.

46
doc/manual/src/command-ref/nix-env/delete-generations.md Normal file
View file

@ -0,0 +1,46 @@
# Name
`nix-env --delete-generations` - delete profile generations
# Synopsis
`nix-env` `--delete-generations` *generations*
# Description
This operation deletes the specified generations of the current profile.
The generations can be a list of generation numbers, the special value
`old` to delete all non-current generations, a value such as `30d` to
delete all generations older than the specified number of days (except
for the generation that was active at that point in time), or a value
such as `+5` to keep the last `5` generations ignoring any newer than
current, e.g., if `30` is the current generation `+5` will delete
generation `25` and all older generations. Periodically deleting old
generations is important to make garbage collection effective.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env --delete-generations 3 4 8
```
```console
$ nix-env --delete-generations +5
```
```console
$ nix-env --delete-generations 30d
```
```console
$ nix-env -p other_profile --delete-generations old
```

6
doc/manual/src/command-ref/nix-env/env-common.md Normal file
View file

@ -0,0 +1,6 @@
# Environment variables
- `NIX_PROFILE`\
Location of the Nix profile. Defaults to the target of the symlink
`~/.nix-profile`, if it exists, or `/nix/var/nix/profiles/default`
otherwise.

187
doc/manual/src/command-ref/nix-env/install.md Normal file
View file

@ -0,0 +1,187 @@
# Name
`nix-env --install` - add packages to user environment
# Synopsis
`nix-env` {`--install` | `-i`} *args…*
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`}]
[`--from-expression`] [`-E`]
[`--from-profile` *path*]
[`--preserve-installed` | `-P`]
[`--remove-all` | `-r`]
# Description
The install operation creates a new user environment, based on the
current generation of the active profile, to which a set of store paths
described by *args* is added. The arguments *args* map to store paths in
a number of possible ways:
- By default, *args* is a set of derivation names denoting derivations
in the active Nix expression. These are realised, and the resulting
output paths are installed. Currently installed derivations with a
name equal to the name of a derivation being added are removed
unless the option `--preserve-installed` is specified.
If there are multiple derivations matching a name in *args* that
have the same name (e.g., `gcc-3.3.6` and `gcc-4.1.1`), then the
derivation with the highest *priority* is used. A derivation can
define a priority by declaring the `meta.priority` attribute. This
attribute should be a number, with a higher value denoting a lower
priority. The default priority is `0`.
If there are multiple matching derivations with the same priority,
then the derivation with the highest version will be installed.
You can force the installation of multiple derivations with the same
name by being specific about the versions. For instance, `nix-env -i
gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will
probably cause a user environment conflict\!).
- If `--attr` (`-A`) is specified, the arguments are *attribute
paths* that select attributes from the top-level Nix
expression. This is faster than using derivation names and
unambiguous. To find out the attribute paths of available
packages, use `nix-env -qaP`.
- If `--from-profile` *path* is given, *args* is a set of names
denoting installed store paths in the profile *path*. This is an
easy way to copy user environment elements from one profile to
another.
- If `--from-expression` is given, *args* are Nix
[functions](@docroot@/language/constructs.md#functions)
that are called with the active Nix expression as their single
argument. The derivations returned by those function calls are
installed. This allows derivations to be specified in an
unambiguous way, which is necessary if there are multiple
derivations with the same name.
- If *args* are [store derivations](@docroot@/glossary.md#gloss-store-derivation), then these are
[realised](@docroot@/command-ref/nix-store/realise.md), and the resulting output paths
are installed.
- If *args* are store paths that are not store derivations, then these
are [realised](@docroot@/command-ref/nix-store/realise.md) and installed.
- By default all outputs are installed for each derivation. That can
be reduced by setting `meta.outputsToInstall`.
# Flags
- `--prebuilt-only` / `-b`\
Use only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, no packages will be built from
source.
- `--preserve-installed` / `-P`\
Do not remove derivations with a name matching one of the
derivations being installed. Usually, trying to have two versions of
the same package installed in the same generation of a profile will
lead to an error in building the generation, due to file name
clashes between the two versions. However, this is not the case for
all packages.
- `--remove-all` / `-r`\
Remove all previously installed packages first. This is equivalent
to running `nix-env -e '.*'` first, except that everything happens
in a single transaction.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
To install a package using a specific attribute path from the active Nix expression:
```console
$ nix-env -iA gcc40mips
installing `gcc-4.0.2'
$ nix-env -iA xorg.xorgserver
installing `xorg-server-1.2.0'
```
To install a specific version of `gcc` using the derivation name:
```console
$ nix-env --install gcc-3.3.2
installing `gcc-3.3.2'
uninstalling `gcc-3.1'
```
Using attribute path for selecting a package is preferred,
as it is much faster and there will not be multiple matches.
Note the previously installed version is removed, since
`--preserve-installed` was not specified.
To install an arbitrary version:
```console
$ nix-env --install gcc
installing `gcc-3.3.2'
```
To install all derivations in the Nix expression `foo.nix`:
```console
$ nix-env -f ~/foo.nix -i '.*'
```
To copy the store path with symbolic name `gcc` from another profile:
```console
$ nix-env -i --from-profile /nix/var/nix/profiles/foo gcc
```
To install a specific [store derivation] (typically created by
`nix-instantiate`):
```console
$ nix-env -i /nix/store/fibjb1bfbpm5mrsxc4mh2d8n37sxh91i-gcc-3.4.3.drv
```
To install a specific output path:
```console
$ nix-env -i /nix/store/y3cgx0xj1p4iv9x0pnnmdhr8iyg741vk-gcc-3.4.3
```
To install from a Nix expression specified on the command-line:
```console
$ nix-env -f ./foo.nix -i -E \
'f: (f {system = "i686-linux";}).subversionWithJava'
```
I.e., this evaluates to `(f: (f {system =
"i686-linux";}).subversionWithJava) (import ./foo.nix)`, thus selecting
the `subversionWithJava` attribute from the set returned by calling the
function defined in `./foo.nix`.
A dry-run tells you which paths will be downloaded or built from source:
```console
$ nix-env -f '<nixpkgs>' -iA hello --dry-run
(dry run; not doing anything)
installing hello-2.10
this path will be fetched (0.04 MiB download, 0.19 MiB unpacked):
/nix/store/wkhdf9jinag5750mqlax6z2zbwhqb76n-hello-2.10
...
```
To install Firefox from the latest revision in the Nixpkgs/NixOS 14.12
channel:
```console
$ nix-env -f https://github.com/NixOS/nixpkgs/archive/nixos-14.12.tar.gz -iA firefox
```

33
doc/manual/src/command-ref/nix-env/list-generations.md Normal file
View file

@ -0,0 +1,33 @@
# Name
`nix-env --list-generations` - list profile generations
# Synopsis
`nix-env` `--list-generations`
# Description
This operation print a list of all the currently existing generations
for the active profile. These may be switched to using the
`--switch-generation` operation. It also prints the creation date of the
generation, and indicates the current generation.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env --list-generations
95 2004-02-06 11:48:24
96 2004-02-06 11:49:01
97 2004-02-06 16:22:45
98 2004-02-06 16:24:33 (current)
```

35
doc/manual/src/command-ref/nix-env/opt-common.md Normal file
View file

@ -0,0 +1,35 @@
# Options
The following options are allowed for all `nix-env` operations, but may not always have an effect.
- `--file` / `-f` *path*\
Specifies the Nix expression (designated below as the *active Nix
expression*) used by the `--install`, `--upgrade`, and `--query
--available` operations to obtain derivations. The default is
`~/.nix-defexpr`.
If the argument starts with `http://` or `https://`, it is
interpreted as the URL of a tarball that will be downloaded and
unpacked to a temporary location. The tarball must include a single
top-level directory containing at least a file named `default.nix`.
- `--profile` / `-p` *path*\
Specifies the profile to be used by those operations that operate on
a profile (designated below as the *active profile*). A profile is a
sequence of user environments called *generations*, one of which is
the *current generation*.
- `--dry-run`\
For the `--install`, `--upgrade`, `--uninstall`,
`--switch-generation`, `--delete-generations` and `--rollback`
operations, this flag will cause `nix-env` to print what *would* be
done if this flag had not been specified, without actually doing it.
`--dry-run` also prints out which paths will be
[substituted](@docroot@/glossary.md) (i.e., downloaded) and which paths
will be built from source (because no substitute is available).
- `--system-filter` *system*\
By default, operations such as `--query
--available` show derivations matching any platform. This option
allows you to use derivations for the specified platform *system*.

215
doc/manual/src/command-ref/nix-env/query.md Normal file
View file

@ -0,0 +1,215 @@
# Name
`nix-env --query` - display information about packages
# Synopsis
`nix-env` {`--query` | `-q`} *names…*
[`--installed` | `--available` | `-a`]
[{`--status` | `-s`}]
[{`--attr-path` | `-P`}]
[`--no-name`]
[{`--compare-versions` | `-c`}]
[`--system`]
[`--drv-path`]
[`--out-path`]
[`--description`]
[`--meta`]
[`--xml`]
[`--json`]
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`} *attribute-path*]
# Description
The query operation displays information about either the store paths
that are installed in the current generation of the active profile
(`--installed`), or the derivations that are available for installation
in the active Nix expression (`--available`). It only prints information
about derivations whose symbolic name matches one of *names*.
The derivations are sorted by their `name` attributes.
# Source selection
The following flags specify the set of things on which the query
operates.
- `--installed`\
The query operates on the store paths that are installed in the
current generation of the active profile. This is the default.
- `--available`; `-a`\
The query operates on the derivations that are available in the
active Nix expression.
# Queries
The following flags specify what information to display about the
selected derivations. Multiple flags may be specified, in which case the
information is shown in the order given here. Note that the name of the
derivation is shown unless `--no-name` is specified.
- `--xml`\
Print the result in an XML representation suitable for automatic
processing by other tools. The root element is called `items`, which
contains a `item` element for each available or installed
derivation. The fields discussed below are all stored in attributes
of the `item` elements.
- `--json`\
Print the result in a JSON representation suitable for automatic
processing by other tools.
- `--prebuilt-only` / `-b`\
Show only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, this shows all packages that
probably can be installed quickly.
- `--status`; `-s`\
Print the *status* of the derivation. The status consists of three
characters. The first is `I` or `-`, indicating whether the
derivation is currently installed in the current generation of the
active profile. This is by definition the case for `--installed`,
but not for `--available`. The second is `P` or `-`, indicating
whether the derivation is present on the system. This indicates
whether installation of an available derivation will require the
derivation to be built. The third is `S` or `-`, indicating whether
a substitute is available for the derivation.
- `--attr-path`; `-P`\
Print the *attribute path* of the derivation, which can be used to
unambiguously select it using the `--attr` option available in
commands that install derivations like `nix-env --install`. This
option only works together with `--available`
- `--no-name`\
Suppress printing of the `name` attribute of each derivation.
- `--compare-versions` / `-c`\
Compare installed versions to available versions, or vice versa (if
`--available` is given). This is useful for quickly seeing whether
upgrades for installed packages are available in a Nix expression. A
column is added with the following meaning:
- `<` *version*\
A newer version of the package is available or installed.
- `=` *version*\
At most the same version of the package is available or
installed.
- `>` *version*\
Only older versions of the package are available or installed.
- `- ?`\
No version of the package is available or installed.
- `--system`\
Print the `system` attribute of the derivation.
- `--drv-path`\
Print the path of the [store derivation](@docroot@/glossary.md#gloss-store-derivation).
- `--out-path`\
Print the output path of the derivation.
- `--description`\
Print a short (one-line) description of the derivation, if
available. The description is taken from the `meta.description`
attribute of the derivation.
- `--meta`\
Print all of the meta-attributes of the derivation. This option is
only available with `--xml` or `--json`.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
To show installed packages:
```console
$ nix-env -q
bison-1.875c
docbook-xml-4.2
firefox-1.0.4
MPlayer-1.0pre7
ORBit2-2.8.3
```
To show available packages:
```console
$ nix-env -qa
firefox-1.0.7
GConf-2.4.0.1
MPlayer-1.0pre7
ORBit2-2.8.3
```
To show the status of available packages:
```console
$ nix-env -qas
-P- firefox-1.0.7 (not installed but present)
--S GConf-2.4.0.1 (not present, but there is a substitute for fast installation)
--S MPlayer-1.0pre3 (i.e., this is not the installed MPlayer, even though the version is the same!)
IP- ORBit2-2.8.3 (installed and by definition present)
```
To show available packages in the Nix expression `foo.nix`:
```console
$ nix-env -f ./foo.nix -qa
foo-1.2.3
```
To compare installed versions to whats available:
```console
$ nix-env -qc
...
acrobat-reader-7.0 - ? (package is not available at all)
autoconf-2.59 = 2.59 (same version)
firefox-1.0.4 < 1.0.7 (a more recent version is available)
...
```
To show all packages with “`zip`” in the name:
```console
$ nix-env -qa '.*zip.*'
bzip2-1.0.6
gzip-1.6
zip-3.0
```
To show all packages with “`firefox`” or “`chromium`” in the name:
```console
$ nix-env -qa '.*(firefox|chromium).*'
chromium-37.0.2062.94
chromium-beta-38.0.2125.24
firefox-32.0.3
firefox-with-plugins-13.0.1
```
To show all packages in the latest revision of the Nixpkgs repository:
```console
$ nix-env -f https://github.com/NixOS/nixpkgs/archive/master.tar.gz -qa
```

34
doc/manual/src/command-ref/nix-env/rollback.md Normal file
View file

@ -0,0 +1,34 @@
# Name
`nix-env --rollback` - set user environment to previous generation
# Synopsis
`nix-env` `--rollback`
# Description
This operation switches to the “previous” generation of the active
profile, that is, the highest numbered generation lower than the current
generation, if it exists. It is just a convenience wrapper around
`--list-generations` and `--switch-generation`.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env --rollback
switching from generation 92 to 91
```
```console
$ nix-env --rollback
error: no generation older than the current (91) exists
```

82
doc/manual/src/command-ref/nix-env/set-flag.md Normal file
View file

@ -0,0 +1,82 @@
# Name
`nix-env --set-flag` - modify meta attributes of installed packages
# Synopsis
`nix-env` `--set-flag` *name* *value* *drvnames*
# Description
The `--set-flag` operation allows meta attributes of installed packages
to be modified. There are several attributes that can be usefully
modified, because they affect the behaviour of `nix-env` or the user
environment build script:
- `priority` can be changed to resolve filename clashes. The user
environment build script uses the `meta.priority` attribute of
derivations to resolve filename collisions between packages. Lower
priority values denote a higher priority. For instance, the GCC
wrapper package and the Binutils package in Nixpkgs both have a file
`bin/ld`, so previously if you tried to install both you would get a
collision. Now, on the other hand, the GCC wrapper declares a higher
priority than Binutils, so the formers `bin/ld` is symlinked in the
user environment.
- `keep` can be set to `true` to prevent the package from being
upgraded or replaced. This is useful if you want to hang on to an
older version of a package.
- `active` can be set to `false` to “disable” the package. That is, no
symlinks will be generated to the files of the package, but it
remains part of the profile (so it wont be garbage-collected). It
can be set back to `true` to re-enable the package.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
To prevent the currently installed Firefox from being upgraded:
```console
$ nix-env --set-flag keep true firefox
```
After this, `nix-env -u` will ignore Firefox.
To disable the currently installed Firefox, then install a new Firefox
while the old remains part of the profile:
```console
$ nix-env -q
firefox-2.0.0.9 (the current one)
$ nix-env --preserve-installed -i firefox-2.0.0.11
installing `firefox-2.0.0.11'
building path(s) `/nix/store/myy0y59q3ig70dgq37jqwg1j0rsapzsl-user-environment'
collision between `/nix/store/...-firefox-2.0.0.11/bin/firefox'
and `/nix/store/...-firefox-2.0.0.9/bin/firefox'.
(i.e., cant have two active at the same time)
$ nix-env --set-flag active false firefox
setting flag on `firefox-2.0.0.9'
$ nix-env --preserve-installed -i firefox-2.0.0.11
installing `firefox-2.0.0.11'
$ nix-env -q
firefox-2.0.0.11 (the enabled one)
firefox-2.0.0.9 (the disabled one)
```
To make files from `binutils` take precedence over files from `gcc`:
```console
$ nix-env --set-flag priority 5 binutils
$ nix-env --set-flag priority 10 gcc
```

30
doc/manual/src/command-ref/nix-env/set.md Normal file
View file

@ -0,0 +1,30 @@
# Name
`nix-env --set` - set profile to contain a specified derivation
## Synopsis
`nix-env` `--set` *drvname*
## Description
The `--set` operation modifies the current generation of a profile so
that it contains exactly the specified derivation, and nothing else.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
## Examples
The following updates a profile such that its current generation will
contain just Firefox:
```console
$ nix-env -p /nix/var/nix/profiles/browser --set firefox
```

33
doc/manual/src/command-ref/nix-env/switch-generation.md Normal file
View file

@ -0,0 +1,33 @@
# Name
`nix-env --switch-generation` - set user environment to given profile generation
# Synopsis
`nix-env` {`--switch-generation` | `-G`} *generation*
# Description
This operation makes generation number *generation* the current
generation of the active profile. That is, if the `profile` is the path
to the active profile, then the symlink `profile` is made to point to
`profile-generation-link`, which is in turn a symlink to the actual user
environment in the Nix store.
Switching will fail if the specified generation does not exist.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env -G 42
switching from generation 50 to 42
```

26
doc/manual/src/command-ref/nix-env/switch-profile.md Normal file
View file

@ -0,0 +1,26 @@
# Name
`nix-env --switch-profile` - set user environment to given profile
# Synopsis
`nix-env` {`--switch-profile` | `-S`} *path*
# Description
This operation makes *path* the current profile for the user. That is,
the symlink `~/.nix-profile` is made to point to *path*.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env -S ~/my-profile
```

28
doc/manual/src/command-ref/nix-env/uninstall.md Normal file
View file

@ -0,0 +1,28 @@
# Name
`nix-env --uninstall` - remove packages from user environment
# Synopsis
`nix-env` {`--uninstall` | `-e`} *drvnames…*
# Description
The uninstall operation creates a new user environment, based on the
current generation of the active profile, from which the store paths
designated by the symbolic names *drvnames* are removed.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env --uninstall gcc
$ nix-env -e '.*' (remove everything)
```

141
doc/manual/src/command-ref/nix-env/upgrade.md Normal file
View file

@ -0,0 +1,141 @@
# Name
`nix-env --upgrade` - upgrade packages in user environment
# Synopsis
`nix-env` {`--upgrade` | `-u`} *args*
[`--lt` | `--leq` | `--eq` | `--always`]
[{`--prebuilt-only` | `-b`}]
[{`--attr` | `-A`}]
[`--from-expression`] [`-E`]
[`--from-profile` *path*]
[`--preserve-installed` | `-P`]
# Description
The upgrade operation creates a new user environment, based on the
current generation of the active profile, in which all store paths are
replaced for which there are newer versions in the set of paths
described by *args*. Paths for which there are no newer versions are
left untouched; this is not an error. It is also not an error if an
element of *args* matches no installed derivations.
For a description of how *args* is mapped to a set of store paths, see
[`--install`](#operation---install). If *args* describes multiple
store paths with the same symbolic name, only the one with the highest
version is installed.
# Flags
- `--lt`\
Only upgrade a derivation to newer versions. This is the default.
- `--leq`\
In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same version. Version are not a unique
identification of a derivation, so there may be many derivations
that have the same version. This flag may be useful to force
“synchronisation” between the installed and available derivations.
- `--eq`\
*Only* “upgrade” to derivations that have the same version. This may
not seem very useful, but it actually is, e.g., when there is a new
release of Nixpkgs and you want to replace installed applications
with the same versions built against newer dependencies (to reduce
the number of dependencies floating around on your system).
- `--always`\
In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same or a lower version. I.e., derivations
may actually be downgraded depending on what is available in the
active Nix expression.
- `--prebuilt-only` / `-b`\
Use only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, no packages will be built from
source.
- `--preserve-installed` / `-P`\
Do not remove derivations with a name matching one of the
derivations being installed. Usually, trying to have two versions of
the same package installed in the same generation of a profile will
lead to an error in building the generation, due to file name
clashes between the two versions. However, this is not the case for
all packages.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ./env-common.md}}
{{#include ../env-common.md}}
# Examples
```console
$ nix-env --upgrade -A nixpkgs.gcc
upgrading `gcc-3.3.1' to `gcc-3.4'
```
When there are no updates available, nothing will happen:
```console
$ nix-env --upgrade -A nixpkgs.pan
```
Using `-A` is preferred when possible, as it is faster and unambiguous but
it is also possible to upgrade to a specific version by matching the derivation name:
```console
$ nix-env -u gcc-3.3.2 --always
upgrading `gcc-3.4' to `gcc-3.3.2'
```
To try to upgrade everything
(matching packages based on the part of the derivation name without version):
```console
$ nix-env -u
upgrading `hello-2.1.2' to `hello-2.1.3'
upgrading `mozilla-1.2' to `mozilla-1.4'
```
# Versions
The upgrade operation determines whether a derivation `y` is an upgrade
of a derivation `x` by looking at their respective `name` attributes.
The names (e.g., `gcc-3.3.1` are split into two parts: the package name
(`gcc`), and the version (`3.3.1`). The version part starts after the
first dash not followed by a letter. `y` is considered an upgrade of `x`
if their package names match, and the version of `y` is higher than that
of `x`.
The versions are compared by splitting them into contiguous components
of numbers and letters. E.g., `3.3.1pre5` is split into `[3, 3, 1,
"pre", 5]`. These lists are then compared lexicographically (from left
to right). Corresponding components `a` and `b` are compared as follows.
If they are both numbers, integer comparison is used. If `a` is an empty
string and `b` is a number, `a` is considered less than `b`. The special
string component `pre` (for *pre-release*) is considered to be less than
other components. String components are considered less than number
components. Otherwise, they are compared lexicographically (i.e., using
case-sensitive string comparison).
This is illustrated by the following examples:
1.0 < 2.3
2.1 < 2.3
2.3 = 2.3
2.5 > 2.3
3.1 > 2.3
2.3.1 > 2.3
2.3.1 > 2.3a
2.3pre1 < 2.3
2.3pre3 < 2.3pre12
2.3a < 2.3c
2.3pre1 < 2.3c
2.3pre1 < 2.3q

46
doc/manual/src/command-ref/nix-hash.md
View file

@ -6,9 +6,7 @@
`nix-hash` [`--flat`] [`--base32`] [`--truncate`] [`--type` *hashAlgo*] *path…* `nix-hash` [`--flat`] [`--base32`] [`--truncate`] [`--type` *hashAlgo*] *path…*
`nix-hash` `--to-base16` *hash…* `nix-hash` [`--to-base16`|`--to-base32`|`--to-base64`|`--to-sri`] [`--type` *hashAlgo*] *hash…*
`nix-hash` `--to-base32` *hash…*
# Description # Description
@ -23,7 +21,7 @@ The hash is computed over a *serialisation* of each path: a dump of
the file system tree rooted at the path. This allows directories and the file system tree rooted at the path. This allows directories and
symlinks to be hashed as well as regular files. The dump is in the symlinks to be hashed as well as regular files. The dump is in the
*NAR format* produced by [`nix-store *NAR format* produced by [`nix-store
--dump`](nix-store.md#operation---dump). Thus, `nix-hash path` --dump`](@docroot@/command-ref/nix-store/dump.md). Thus, `nix-hash path`
yields the same cryptographic hash as `nix-store --dump path | yields the same cryptographic hash as `nix-store --dump path |
md5sum`. md5sum`.
@ -35,11 +33,23 @@ md5sum`.
The result is identical to that produced by the GNU commands The result is identical to that produced by the GNU commands
`md5sum` and `sha1sum`. `md5sum` and `sha1sum`.
- `--base16`\
Print the hash in a hexadecimal representation (default).
- `--base32`\ - `--base32`\
Print the hash in a base-32 representation rather than hexadecimal. Print the hash in a base-32 representation rather than hexadecimal.
This base-32 representation is more compact and can be used in Nix This base-32 representation is more compact and can be used in Nix
expressions (such as in calls to `fetchurl`). expressions (such as in calls to `fetchurl`).
- `--base64`\
Similar to --base32, but print the hash in a base-64 representation,
which is more compact than the base-32 one.
- `--sri`\
Print the hash in SRI format with base-64 encoding.
The type of hash algorithm will be prepended to the hash string,
followed by a hyphen (-) and the base-64 hash body.
- `--truncate`\ - `--truncate`\
Truncate hashes longer than 160 bits (such as SHA-256) to 160 bits. Truncate hashes longer than 160 bits (such as SHA-256) to 160 bits.
@ -55,6 +65,14 @@ md5sum`.
Dont hash anything, but convert the hexadecimal hash representation Dont hash anything, but convert the hexadecimal hash representation
*hash* to base-32. *hash* to base-32.
- `--to-base64`\
Dont hash anything, but convert the hexadecimal hash representation
*hash* to base-64.
- `--to-sri`\
Dont hash anything, but convert the hexadecimal hash representation
*hash* to SRI.
# Examples # Examples
Computing the same hash as `nix-prefetch-url`: Computing the same hash as `nix-prefetch-url`:
@ -81,9 +99,18 @@ $ nix-store --dump test/ | md5sum (for comparison)
$ nix-hash --type sha1 test/ $ nix-hash --type sha1 test/
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
$ nix-hash --type sha1 --base16 test/
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
$ nix-hash --type sha1 --base32 test/ $ nix-hash --type sha1 --base32 test/
nvd61k9nalji1zl9rrdfmsmvyyjqpzg4 nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
$ nix-hash --type sha1 --base64 test/
5P2Lpfe76upazon+ECVVNs1g2rY=
$ nix-hash --type sha1 --sri test/
sha1-5P2Lpfe76upazon+ECVVNs1g2rY=
$ nix-hash --type sha256 --flat test/ $ nix-hash --type sha256 --flat test/
error: reading file `test/': Is a directory error: reading file `test/': Is a directory
@ -91,7 +118,7 @@ $ nix-hash --type sha256 --flat test/world
5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
``` ```
Converting between hexadecimal and base-32: Converting between hexadecimal, base-32, base-64, and SRI:
```console ```console
$ nix-hash --type sha1 --to-base32 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6 $ nix-hash --type sha1 --to-base32 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
@ -99,4 +126,13 @@ nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
$ nix-hash --type sha1 --to-base16 nvd61k9nalji1zl9rrdfmsmvyyjqpzg4 $ nix-hash --type sha1 --to-base16 nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
$ nix-hash --type sha1 --to-base64 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
5P2Lpfe76upazon+ECVVNs1g2rY=
$ nix-hash --type sha1 --to-sri nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
sha1-5P2Lpfe76upazon+ECVVNs1g2rY=
$ nix-hash --to-base16 sha1-5P2Lpfe76upazon+ECVVNs1g2rY=
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
``` ```

4
doc/manual/src/command-ref/nix-instantiate.md
View file

@ -76,7 +76,9 @@ standard input.
this option is not enabled, there may be uninstantiated store paths this option is not enabled, there may be uninstantiated store paths
in the final output. in the final output.
<!-- end list --> {{#include ./opt-common.md}}
{{#include ./env-common.md}}
# Examples # Examples

7
doc/manual/src/command-ref/nix-shell.md
View file

@ -101,7 +101,7 @@ All options not listed here are passed to `nix-store
When a `--pure` shell is started, keep the listed environment When a `--pure` shell is started, keep the listed environment
variables. variables.
The following common options are supported: {{#include ./opt-common.md}}
# Environment variables # Environment variables
@ -110,6 +110,8 @@ The following common options are supported:
`bash` found in `<nixpkgs>`, falling back to the `bash` found in `bash` found in `<nixpkgs>`, falling back to the `bash` found in
`PATH` if not found. `PATH` if not found.
{{#include ./env-common.md}}
# Examples # Examples
To build the dependencies of the package Pan, and start an interactive To build the dependencies of the package Pan, and start an interactive
@ -118,7 +120,8 @@ shell in which to build it:
```console ```console
$ nix-shell '<nixpkgs>' -A pan $ nix-shell '<nixpkgs>' -A pan
[nix-shell]$ eval ${unpackPhase:-unpackPhase} [nix-shell]$ eval ${unpackPhase:-unpackPhase}
[nix-shell]$ cd pan-* [nix-shell]$ cd $sourceRoot
[nix-shell]$ eval ${patchPhase:-patchPhase}
[nix-shell]$ eval ${configurePhase:-configurePhase} [nix-shell]$ eval ${configurePhase:-configurePhase}
[nix-shell]$ eval ${buildPhase:-buildPhase} [nix-shell]$ eval ${buildPhase:-buildPhase}
[nix-shell]$ ./pan/gui/pan [nix-shell]$ ./pan/gui/pan

862
doc/manual/src/command-ref/nix-store.md
View file

@ -13,833 +13,35 @@
The command `nix-store` performs primitive operations on the Nix store. The command `nix-store` performs primitive operations on the Nix store.
You generally do not need to run this command manually. You generally do not need to run this command manually.
`nix-store` takes exactly one *operation* flag which indicates the `nix-store` takes exactly one *operation* flag which indicates the subcommand to be performed. The following operations are available:
subcommand to be performed. These are documented below.
- [`--realise`](./nix-store/realise.md)
# Common options - [`--serve`](./nix-store/serve.md)
- [`--gc`](./nix-store/gc.md)
This section lists the options that are common to all operations. These - [`--delete`](./nix-store/delete.md)
options are allowed for every subcommand, though they may not always - [`--query`](./nix-store/query.md)
have an effect. - [`--add`](./nix-store/add.md)
- [`--add-fixed`](./nix-store/add-fixed.md)
- <span id="opt-add-root">[`--add-root`](#opt-add-root)</span> *path* - [`--verify`](./nix-store/verify.md)
- [`--verify-path`](./nix-store/verify-path.md)
Causes the result of a realisation (`--realise` and - [`--repair-path`](./nix-store/repair-path.md)
`--force-realise`) to be registered as a root of the garbage - [`--dump`](./nix-store/dump.md)
collector. *path* will be created as a symlink to the resulting - [`--restore`](./nix-store/restore.md)
store path. In addition, a uniquely named symlink to *path* will - [`--export`](./nix-store/export.md)
be created in `/nix/var/nix/gcroots/auto/`. For instance, - [`--import`](./nix-store/import.md)
- [`--optimise`](./nix-store/optimise.md)
```console - [`--read-log`](./nix-store/read-log.md)
$ nix-store --add-root /home/eelco/bla/result -r ... - [`--dump-db`](./nix-store/dump-db.md)
- [`--load-db`](./nix-store/load-db.md)
$ ls -l /nix/var/nix/gcroots/auto - [`--print-env`](./nix-store/print-env.md)
lrwxrwxrwx 1 ... 2005-03-13 21:10 dn54lcypm8f8... -> /home/eelco/bla/result - [`--generate-binary-cache-key`](./nix-store/generate-binary-cache-key.md)
$ ls -l /home/eelco/bla/result These pages can be viewed offline:
lrwxrwxrwx 1 ... 2005-03-13 21:10 /home/eelco/bla/result -> /nix/store/1r11343n6qd4...-f-spot-0.0.10
``` - `man nix-store-<operation>`.
Thus, when `/home/eelco/bla/result` is removed, the GC root in the Example: `man nix-store-realise`
`auto` directory becomes a dangling symlink and will be ignored by
the collector. - `nix-store --help --<operation>`
> **Warning** Example: `nix-store --help --realise`
>
> Note that it is not possible to move or rename GC roots, since
> the symlink in the `auto` directory will still point to the old
> location.
If there are multiple results, then multiple symlinks will be
created by sequentially numbering symlinks beyond the first one
(e.g., `foo`, `foo-2`, `foo-3`, and so on).
# Operation `--realise`
## Synopsis
`nix-store` {`--realise` | `-r`} *paths…* [`--dry-run`]
## Description
The operation `--realise` essentially “builds” the specified store
paths. Realisation is a somewhat overloaded term:
- If the store path is a *derivation*, realisation ensures that the
output paths of the derivation are [valid] (i.e.,
the output path and its closure exist in the file system). This
can be done in several ways. First, it is possible that the
outputs are already valid, in which case we are done
immediately. Otherwise, there may be [substitutes]
that produce the outputs (e.g., by downloading them). Finally, the
outputs can be produced by running the build task described
by the derivation.
- If the store path is not a derivation, realisation ensures that the
specified path is valid (i.e., it and its closure exist in the file
system). If the path is already valid, we are done immediately.
Otherwise, the path and any missing paths in its closure may be
produced through substitutes. If there are no (successful)
substitutes, realisation fails.
[valid]: ../glossary.md#gloss-validity
[substitutes]: ../glossary.md#gloss-substitute
The output path of each derivation is printed on standard output. (For
non-derivations argument, the argument itself is printed.)
The following flags are available:
- `--dry-run`\
Print on standard error a description of what packages would be
built or downloaded, without actually performing the operation.
- `--ignore-unknown`\
If a non-derivation path does not have a substitute, then silently
ignore it.
- `--check`\
This option allows you to check whether a derivation is
deterministic. It rebuilds the specified derivation and checks
whether the result is bitwise-identical with the existing outputs,
printing an error if thats not the case. The outputs of the
specified derivation must already exist. When used with `-K`, if an
output path is not identical to the corresponding output from the
previous build, the new output path is left in
`/nix/store/name.check.`
Special exit codes:
- `100`\
Generic build failure, the builder process returned with a non-zero
exit code.
- `101`\
Build timeout, the build was aborted because it did not complete
within the specified `timeout`.
- `102`\
Hash mismatch, the build output was rejected because it does not
match the [`outputHash` attribute of the
derivation](../language/advanced-attributes.md).
- `104`\
Not deterministic, the build succeeded in check mode but the
resulting output is not binary reproducible.
With the `--keep-going` flag it's possible for multiple failures to
occur, in this case the 1xx status codes are or combined using binary
or.
1100100
^^^^
|||`- timeout
||`-- output hash mismatch
|`--- build failure
`---- not deterministic
## Examples
This operation is typically used to build [store derivation]s produced by
[`nix-instantiate`](./nix-instantiate.md):
[store derivation]: ../glossary.md#gloss-store-derivation
```console
$ nix-store -r $(nix-instantiate ./test.nix)
/nix/store/31axcgrlbfsxzmfff1gyj1bf62hvkby2-aterm-2.3.1
```
This is essentially what [`nix-build`](nix-build.md) does.
To test whether a previously-built derivation is deterministic:
```console
$ nix-build '<nixpkgs>' -A hello --check -K
```
Use [`--read-log`](#operation---read-log) to show the stderr and stdout of a build:
```console
$ nix-store --read-log $(nix-instantiate ./test.nix)
```
# Operation `--serve`
## Synopsis
`nix-store` `--serve` [`--write`]
## Description
The operation `--serve` provides access to the Nix store over stdin and
stdout, and is intended to be used as a means of providing Nix store
access to a restricted ssh user.
The following flags are available:
- `--write`\
Allow the connected client to request the realization of
derivations. In effect, this can be used to make the host act as a
remote builder.
## Examples
To turn a host into a build server, the `authorized_keys` file can be
used to provide build access to a given SSH public key:
```console
$ cat <<EOF >>/root/.ssh/authorized_keys
command="nice -n20 nix-store --serve --write" ssh-rsa AAAAB3NzaC1yc2EAAAA...
EOF
```
# Operation `--gc`
## Synopsis
`nix-store` `--gc` [`--print-roots` | `--print-live` | `--print-dead`] [`--max-freed` *bytes*]
## Description
Without additional flags, the operation `--gc` performs a garbage
collection on the Nix store. That is, all paths in the Nix store not
reachable via file system references from a set of “roots”, are deleted.
The following suboperations may be specified:
- `--print-roots`\
This operation prints on standard output the set of roots used by
the garbage collector.
- `--print-live`\
This operation prints on standard output the set of “live” store
paths, which are all the store paths reachable from the roots. Live
paths should never be deleted, since that would break consistency —
it would become possible that applications are installed that
reference things that are no longer present in the store.
- `--print-dead`\
This operation prints out on standard output the set of “dead” store
paths, which is just the opposite of the set of live paths: any path
in the store that is not live (with respect to the roots) is dead.
By default, all unreachable paths are deleted. The following options
control what gets deleted and in what order:
- `--max-freed` *bytes*\
Keep deleting paths until at least *bytes* bytes have been deleted,
then stop. The argument *bytes* can be followed by the
multiplicative suffix `K`, `M`, `G` or `T`, denoting KiB, MiB, GiB
or TiB units.
The behaviour of the collector is also influenced by the
`keep-outputs` and `keep-derivations` settings in the Nix
configuration file.
By default, the collector prints the total number of freed bytes when it
finishes (or when it is interrupted). With `--print-dead`, it prints the
number of bytes that would be freed.
## Examples
To delete all unreachable paths, just do:
```console
$ nix-store --gc
deleting `/nix/store/kq82idx6g0nyzsp2s14gfsc38npai7lf-cairo-1.0.4.tar.gz.drv'
...
8825586 bytes freed (8.42 MiB)
```
To delete at least 100 MiBs of unreachable paths:
```console
$ nix-store --gc --max-freed $((100 * 1024 * 1024))
```
# Operation `--delete`
## Synopsis
`nix-store` `--delete` [`--ignore-liveness`] *paths…*
## Description
The operation `--delete` deletes the store paths *paths* from the Nix
store, but only if it is safe to do so; that is, when the path is not
reachable from a root of the garbage collector. This means that you can
only delete paths that would also be deleted by `nix-store --gc`. Thus,
`--delete` is a more targeted version of `--gc`.
With the option `--ignore-liveness`, reachability from the roots is
ignored. However, the path still wont be deleted if there are other
paths in the store that refer to it (i.e., depend on it).
## Example
```console
$ nix-store --delete /nix/store/zq0h41l75vlb4z45kzgjjmsjxvcv1qk7-mesa-6.4
0 bytes freed (0.00 MiB)
error: cannot delete path `/nix/store/zq0h41l75vlb4z45kzgjjmsjxvcv1qk7-mesa-6.4' since it is still alive
```
# Operation `--query`
## Synopsis
`nix-store` {`--query` | `-q`}
{`--outputs` | `--requisites` | `-R` | `--references` |
`--referrers` | `--referrers-closure` | `--deriver` | `-d` |
`--graph` | `--tree` | `--binding` *name* | `-b` *name* | `--hash` |
`--size` | `--roots`}
[`--use-output`] [`-u`] [`--force-realise`] [`-f`]
*paths…*
## Description
The operation `--query` displays information about [store path]s.
The queries are described below. At most one query can be
specified. The default query is `--outputs`.
The paths *paths* may also be symlinks from outside of the Nix store, to
the Nix store. In that case, the query is applied to the target of the
symlink.
## Common query options
- `--use-output`; `-u`\
For each argument to the query that is a [store derivation], apply the
query to the output path of the derivation instead.
- `--force-realise`; `-f`\
Realise each argument to the query first (see [`nix-store
--realise`](#operation---realise)).
## Queries
- `--outputs`\
Prints out the [output path]s of the store
derivations *paths*. These are the paths that will be produced when
the derivation is built.
- `--requisites`; `-R`\
Prints out the [closure] of the given *paths*.
This query has one option:
- `--include-outputs`
Also include the existing output paths of [store derivation]s,
and their closures.
This query can be used to implement various kinds of deployment. A
*source deployment* is obtained by distributing the closure of a
store derivation. A *binary deployment* is obtained by distributing
the closure of an output path. A *cache deployment* (combined
source/binary deployment, including binaries of build-time-only
dependencies) is obtained by distributing the closure of a store
derivation and specifying the option `--include-outputs`.
- `--references`\
Prints the set of [references]s of the store paths
*paths*, that is, their immediate dependencies. (For *all*
dependencies, use `--requisites`.)
[reference]: ../glossary.md#gloss-reference
- `--referrers`\
Prints the set of *referrers* of the store paths *paths*, that is,
the store paths currently existing in the Nix store that refer to
one of *paths*. Note that contrary to the references, the set of
referrers is not constant; it can change as store paths are added or
removed.
- `--referrers-closure`\
Prints the closure of the set of store paths *paths* under the
referrers relation; that is, all store paths that directly or
indirectly refer to one of *paths*. These are all the path currently
in the Nix store that are dependent on *paths*.
- `--deriver`; `-d`\
Prints the [deriver] of the store paths *paths*. If
the path has no deriver (e.g., if it is a source file), or if the
deriver is not known (e.g., in the case of a binary-only
deployment), the string `unknown-deriver` is printed.
[deriver]: ../glossary.md#gloss-deriver
- `--graph`\
Prints the references graph of the store paths *paths* in the format
of the `dot` tool of AT\&T's [Graphviz
package](http://www.graphviz.org/). This can be used to visualise
dependency graphs. To obtain a build-time dependency graph, apply
this to a store derivation. To obtain a runtime dependency graph,
apply it to an output path.
- `--tree`\
Prints the references graph of the store paths *paths* as a nested
ASCII tree. References are ordered by descending closure size; this
tends to flatten the tree, making it more readable. The query only
recurses into a store path when it is first encountered; this
prevents a blowup of the tree representation of the graph.
- `--graphml`\
Prints the references graph of the store paths *paths* in the
[GraphML](http://graphml.graphdrawing.org/) file format. This can be
used to visualise dependency graphs. To obtain a build-time
dependency graph, apply this to a [store derivation]. To obtain a
runtime dependency graph, apply it to an output path.
- `--binding` *name*; `-b` *name*\
Prints the value of the attribute *name* (i.e., environment
variable) of the [store derivation]s *paths*. It is an error for a
derivation to not have the specified attribute.
- `--hash`\
Prints the SHA-256 hash of the contents of the store paths *paths*
(that is, the hash of the output of `nix-store --dump` on the given
paths). Since the hash is stored in the Nix database, this is a fast
operation.
- `--size`\
Prints the size in bytes of the contents of the store paths *paths*
— to be precise, the size of the output of `nix-store --dump` on
the given paths. Note that the actual disk space required by the
store paths may be higher, especially on filesystems with large
cluster sizes.
- `--roots`\
Prints the garbage collector roots that point, directly or
indirectly, at the store paths *paths*.
## Examples
Print the closure (runtime dependencies) of the `svn` program in the
current user environment:
```console
$ nix-store -qR $(which svn)
/nix/store/5mbglq5ldqld8sj57273aljwkfvj22mc-subversion-1.1.4
/nix/store/9lz9yc6zgmc0vlqmn2ipcpkjlmbi51vv-glibc-2.3.4
...
```
Print the build-time dependencies of `svn`:
```console
$ nix-store -qR $(nix-store -qd $(which svn))
/nix/store/02iizgn86m42q905rddvg4ja975bk2i4-grep-2.5.1.tar.bz2.drv
/nix/store/07a2bzxmzwz5hp58nf03pahrv2ygwgs3-gcc-wrapper.sh
/nix/store/0ma7c9wsbaxahwwl04gbw3fcd806ski4-glibc-2.3.4.drv
... lots of other paths ...
```
The difference with the previous example is that we ask the closure of
the derivation (`-qd`), not the closure of the output path that contains
`svn`.
Show the build-time dependencies as a tree:
```console
$ nix-store -q --tree $(nix-store -qd $(which svn))
/nix/store/7i5082kfb6yjbqdbiwdhhza0am2xvh6c-subversion-1.1.4.drv
+---/nix/store/d8afh10z72n8l1cr5w42366abiblgn54-builder.sh
+---/nix/store/fmzxmpjx2lh849ph0l36snfj9zdibw67-bash-3.0.drv
| +---/nix/store/570hmhmx3v57605cqg9yfvvyh0nnb8k8-bash
| +---/nix/store/p3srsbd8dx44v2pg6nbnszab5mcwx03v-builder.sh
...
```
Show all paths that depend on the same OpenSSL library as `svn`:
```console
$ nix-store -q --referrers $(nix-store -q --binding openssl $(nix-store -qd $(which svn)))
/nix/store/23ny9l9wixx21632y2wi4p585qhva1q8-sylpheed-1.0.0
/nix/store/5mbglq5ldqld8sj57273aljwkfvj22mc-subversion-1.1.4
/nix/store/dpmvp969yhdqs7lm2r1a3gng7pyq6vy4-subversion-1.1.3
/nix/store/l51240xqsgg8a7yrbqdx1rfzyv6l26fx-lynx-2.8.5
```
Show all paths that directly or indirectly depend on the Glibc (C
library) used by `svn`:
```console
$ nix-store -q --referrers-closure $(ldd $(which svn) | grep /libc.so | awk '{print $3}')
/nix/store/034a6h4vpz9kds5r6kzb9lhh81mscw43-libgnomeprintui-2.8.2
/nix/store/15l3yi0d45prm7a82pcrknxdh6nzmxza-gawk-3.1.4
...
```
Note that `ldd` is a command that prints out the dynamic libraries used
by an ELF executable.
Make a picture of the runtime dependency graph of the current user
environment:
```console
$ nix-store -q --graph ~/.nix-profile | dot -Tps > graph.ps
$ gv graph.ps
```
Show every garbage collector root that points to a store path that
depends on `svn`:
```console
$ nix-store -q --roots $(which svn)
/nix/var/nix/profiles/default-81-link
/nix/var/nix/profiles/default-82-link
/nix/var/nix/profiles/per-user/eelco/profile-97-link
```
# Operation `--add`
## Synopsis
`nix-store` `--add` *paths…*
## Description
The operation `--add` adds the specified paths to the Nix store. It
prints the resulting paths in the Nix store on standard output.
## Example
```console
$ nix-store --add ./foo.c
/nix/store/m7lrha58ph6rcnv109yzx1nk1cj7k7zf-foo.c
```
# Operation `--add-fixed`
## Synopsis
`nix-store` `--add-fixed` [`--recursive`] *algorithm* *paths…*
## Description
The operation `--add-fixed` adds the specified paths to the Nix store.
Unlike `--add` paths are registered using the specified hashing
algorithm, resulting in the same output path as a fixed-output
derivation. This can be used for sources that are not available from a
public url or broke since the download expression was written.
This operation has the following options:
- `--recursive`\
Use recursive instead of flat hashing mode, used when adding
directories to the store.
## Example
```console
$ nix-store --add-fixed sha256 ./hello-2.10.tar.gz
/nix/store/3x7dwzq014bblazs7kq20p9hyzz0qh8g-hello-2.10.tar.gz
```
# Operation `--verify`
## Synopsis
`nix-store` `--verify` [`--check-contents`] [`--repair`]
## Description
The operation `--verify` verifies the internal consistency of the Nix
database, and the consistency between the Nix database and the Nix
store. Any inconsistencies encountered are automatically repaired.
Inconsistencies are generally the result of the Nix store or database
being modified by non-Nix tools, or of bugs in Nix itself.
This operation has the following options:
- `--check-contents`\
Checks that the contents of every valid store path has not been
altered by computing a SHA-256 hash of the contents and comparing it
with the hash stored in the Nix database at build time. Paths that
have been modified are printed out. For large stores,
`--check-contents` is obviously quite slow.
- `--repair`\
If any valid path is missing from the store, or (if
`--check-contents` is given) the contents of a valid path has been
modified, then try to repair the path by redownloading it. See
`nix-store --repair-path` for details.
# Operation `--verify-path`
## Synopsis
`nix-store` `--verify-path` *paths…*
## Description
The operation `--verify-path` compares the contents of the given store
paths to their cryptographic hashes stored in Nixs database. For every
changed path, it prints a warning message. The exit status is 0 if no
path has changed, and 1 otherwise.
## Example
To verify the integrity of the `svn` command and all its dependencies:
```console
$ nix-store --verify-path $(nix-store -qR $(which svn))
```
# Operation `--repair-path`
## Synopsis
`nix-store` `--repair-path` *paths…*
## Description
The operation `--repair-path` attempts to “repair” the specified paths
by redownloading them using the available substituters. If no
substitutes are available, then repair is not possible.
> **Warning**
>
> During repair, there is a very small time window during which the old
> path (if it exists) is moved out of the way and replaced with the new
> path. If repair is interrupted in between, then the system may be left
> in a broken state (e.g., if the path contains a critical system
> component like the GNU C Library).
## Example
```console
$ nix-store --verify-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
path `/nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13' was modified!
expected hash `2db57715ae90b7e31ff1f2ecb8c12ec1cc43da920efcbe3b22763f36a1861588',
got `481c5aa5483ebc97c20457bb8bca24deea56550d3985cda0027f67fe54b808e4'
$ nix-store --repair-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
fetching path `/nix/store/d7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13'...
```
# Operation `--dump`
## Synopsis
`nix-store` `--dump` *path*
## Description
The operation `--dump` produces a NAR (Nix ARchive) file containing the
contents of the file system tree rooted at *path*. The archive is
written to standard output.
A NAR archive is like a TAR or Zip archive, but it contains only the
information that Nix considers important. For instance, timestamps are
elided because all files in the Nix store have their timestamp set to 1
anyway. Likewise, all permissions are left out except for the execute
bit, because all files in the Nix store have 444 or 555 permission.
Also, a NAR archive is *canonical*, meaning that “equal” paths always
produce the same NAR archive. For instance, directory entries are
always sorted so that the actual on-disk order doesnt influence the
result. This means that the cryptographic hash of a NAR dump of a
path is usable as a fingerprint of the contents of the path. Indeed,
the hashes of store paths stored in Nixs database (see `nix-store -q
--hash`) are SHA-256 hashes of the NAR dump of each store path.
NAR archives support filenames of unlimited length and 64-bit file
sizes. They can contain regular files, directories, and symbolic links,
but not other types of files (such as device nodes).
A Nix archive can be unpacked using `nix-store
--restore`.
# Operation `--restore`
## Synopsis
`nix-store` `--restore` *path*
## Description
The operation `--restore` unpacks a NAR archive to *path*, which must
not already exist. The archive is read from standard input.
# Operation `--export`
## Synopsis
`nix-store` `--export` *paths…*
## Description
The operation `--export` writes a serialisation of the specified store
paths to standard output in a format that can be imported into another
Nix store with `nix-store --import`. This is like `nix-store
--dump`, except that the NAR archive produced by that command doesnt
contain the necessary meta-information to allow it to be imported into
another Nix store (namely, the set of references of the path).
This command does not produce a *closure* of the specified paths, so if
a store path references other store paths that are missing in the target
Nix store, the import will fail. To copy a whole closure, do something
like:
```console
$ nix-store --export $(nix-store -qR paths) > out
```
To import the whole closure again, run:
```console
$ nix-store --import < out
```
# Operation `--import`
## Synopsis
`nix-store` `--import`
## Description
The operation `--import` reads a serialisation of a set of store paths
produced by `nix-store --export` from standard input and adds those
store paths to the Nix store. Paths that already exist in the Nix store
are ignored. If a path refers to another path that doesnt exist in the
Nix store, the import fails.
# Operation `--optimise`
## Synopsis
`nix-store` `--optimise`
## Description
The operation `--optimise` reduces Nix store disk space usage by finding
identical files in the store and hard-linking them to each other. It
typically reduces the size of the store by something like 25-35%. Only
regular files and symlinks are hard-linked in this manner. Files are
considered identical when they have the same NAR archive serialisation:
that is, regular files must have the same contents and permission
(executable or non-executable), and symlinks must have the same
contents.
After completion, or when the command is interrupted, a report on the
achieved savings is printed on standard error.
Use `-vv` or `-vvv` to get some progress indication.
## Example
```console
$ nix-store --optimise
hashing files in `/nix/store/qhqx7l2f1kmwihc9bnxs7rc159hsxnf3-gcc-4.1.1'
...
541838819 bytes (516.74 MiB) freed by hard-linking 54143 files;
there are 114486 files with equal contents out of 215894 files in total
```
# Operation `--read-log`
## Synopsis
`nix-store` {`--read-log` | `-l`} *paths…*
## Description
The operation `--read-log` prints the build log of the specified store
paths on standard output. The build log is whatever the builder of a
derivation wrote to standard output and standard error. If a store path
is not a derivation, the deriver of the store path is used.
Build logs are kept in `/nix/var/log/nix/drvs`. However, there is no
guarantee that a build log is available for any particular store path.
For instance, if the path was downloaded as a pre-built binary through a
substitute, then the log is unavailable.
## Example
```console
$ nix-store -l $(which ktorrent)
building /nix/store/dhc73pvzpnzxhdgpimsd9sw39di66ph1-ktorrent-2.2.1
unpacking sources
unpacking source archive /nix/store/p8n1jpqs27mgkjw07pb5269717nzf5f8-ktorrent-2.2.1.tar.gz
ktorrent-2.2.1/
ktorrent-2.2.1/NEWS
...
```
# Operation `--dump-db`
## Synopsis
`nix-store` `--dump-db` [*paths…*]
## Description
The operation `--dump-db` writes a dump of the Nix database to standard
output. It can be loaded into an empty Nix store using `--load-db`. This
is useful for making backups and when migrating to different database
schemas.
By default, `--dump-db` will dump the entire Nix database. When one or
more store paths is passed, only the subset of the Nix database for
those store paths is dumped. As with `--export`, the user is responsible
for passing all the store paths for a closure. See `--export` for an
example.
# Operation `--load-db`
## Synopsis
`nix-store` `--load-db`
## Description
The operation `--load-db` reads a dump of the Nix database created by
`--dump-db` from standard input and loads it into the Nix database.
# Operation `--print-env`
## Synopsis
`nix-store` `--print-env` *drvpath*
## Description
The operation `--print-env` prints out the environment of a derivation
in a format that can be evaluated by a shell. The command line arguments
of the builder are placed in the variable `_args`.
## Example
```console
$ nix-store --print-env $(nix-instantiate '<nixpkgs>' -A firefox)
export src; src='/nix/store/plpj7qrwcz94z2psh6fchsi7s8yihc7k-firefox-12.0.source.tar.bz2'
export stdenv; stdenv='/nix/store/7c8asx3yfrg5dg1gzhzyq2236zfgibnn-stdenv'
export system; system='x86_64-linux'
export _args; _args='-e /nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25c-default-builder.sh'
```
# Operation `--generate-binary-cache-key`
## Synopsis
`nix-store` `--generate-binary-cache-key` *key-name* *secret-key-file* *public-key-file*
## Description
This command generates an [Ed25519 key pair](http://ed25519.cr.yp.to/)
that can be used to create a signed binary cache. It takes three
mandatory parameters:
1. A key name, such as `cache.example.org-1`, that is used to look up
keys on the client when it verifies signatures. It can be anything,
but its suggested to use the host name of your cache (e.g.
`cache.example.org`) with a suffix denoting the number of the key
(to be incremented every time you need to revoke a key).
2. The file name where the secret key is to be stored.
3. The file name where the public key is to be stored.

35
doc/manual/src/command-ref/nix-store/add-fixed.md Normal file
View file

@ -0,0 +1,35 @@
# Name
`nix-store --add-fixed` - add paths to store using given hashing algorithm
## Synopsis
`nix-store` `--add-fixed` [`--recursive`] *algorithm* *paths…*
## Description
The operation `--add-fixed` adds the specified paths to the Nix store.
Unlike `--add` paths are registered using the specified hashing
algorithm, resulting in the same output path as a fixed-output
derivation. This can be used for sources that are not available from a
public url or broke since the download expression was written.
This operation has the following options:
- `--recursive`\
Use recursive instead of flat hashing mode, used when adding
directories to the store.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
## Example
```console
$ nix-store --add-fixed sha256 ./hello-2.10.tar.gz
/nix/store/3x7dwzq014bblazs7kq20p9hyzz0qh8g-hello-2.10.tar.gz
```

25
doc/manual/src/command-ref/nix-store/add.md Normal file
View file

@ -0,0 +1,25 @@
# Name
`nix-store --add` - add paths to Nix store
# Synopsis
`nix-store` `--add` *paths…*
# Description
The operation `--add` adds the specified paths to the Nix store. It
prints the resulting paths in the Nix store on standard output.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Example
```console
$ nix-store --add ./foo.c
/nix/store/m7lrha58ph6rcnv109yzx1nk1cj7k7zf-foo.c
```

33
doc/manual/src/command-ref/nix-store/delete.md Normal file
View file

@ -0,0 +1,33 @@
# Name
`nix-store --delete` - delete store paths
# Synopsis
`nix-store` `--delete` [`--ignore-liveness`] *paths…*
# Description
The operation `--delete` deletes the store paths *paths* from the Nix
store, but only if it is safe to do so; that is, when the path is not
reachable from a root of the garbage collector. This means that you can
only delete paths that would also be deleted by `nix-store --gc`. Thus,
`--delete` is a more targeted version of `--gc`.
With the option `--ignore-liveness`, reachability from the roots is
ignored. However, the path still wont be deleted if there are other
paths in the store that refer to it (i.e., depend on it).
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Example
```console
$ nix-store --delete /nix/store/zq0h41l75vlb4z45kzgjjmsjxvcv1qk7-mesa-6.4
0 bytes freed (0.00 MiB)
error: cannot delete path `/nix/store/zq0h41l75vlb4z45kzgjjmsjxvcv1qk7-mesa-6.4' since it is still alive
```

26
doc/manual/src/command-ref/nix-store/dump-db.md Normal file
View file

@ -0,0 +1,26 @@
# Name
`nix-store --dump-db` - export Nix database
# Synopsis
`nix-store` `--dump-db` [*paths…*]
# Description
The operation `--dump-db` writes a dump of the Nix database to standard
output. It can be loaded into an empty Nix store using `--load-db`. This
is useful for making backups and when migrating to different database
schemas.
By default, `--dump-db` will dump the entire Nix database. When one or
more store paths is passed, only the subset of the Nix database for
those store paths is dumped. As with `--export`, the user is responsible
for passing all the store paths for a closure. See `--export` for an
example.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

40
doc/manual/src/command-ref/nix-store/dump.md Normal file
View file

@ -0,0 +1,40 @@
# Name
`nix-store --dump` - write a single path to a Nix Archive
## Synopsis
`nix-store` `--dump` *path*
## Description
The operation `--dump` produces a NAR (Nix ARchive) file containing the
contents of the file system tree rooted at *path*. The archive is
written to standard output.
A NAR archive is like a TAR or Zip archive, but it contains only the
information that Nix considers important. For instance, timestamps are
elided because all files in the Nix store have their timestamp set to 0
anyway. Likewise, all permissions are left out except for the execute
bit, because all files in the Nix store have 444 or 555 permission.
Also, a NAR archive is *canonical*, meaning that “equal” paths always
produce the same NAR archive. For instance, directory entries are
always sorted so that the actual on-disk order doesnt influence the
result. This means that the cryptographic hash of a NAR dump of a
path is usable as a fingerprint of the contents of the path. Indeed,
the hashes of store paths stored in Nixs database (see `nix-store -q
--hash`) are SHA-256 hashes of the NAR dump of each store path.
NAR archives support filenames of unlimited length and 64-bit file
sizes. They can contain regular files, directories, and symbolic links,
but not other types of files (such as device nodes).
A Nix archive can be unpacked using `nix-store
--restore`.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

41
doc/manual/src/command-ref/nix-store/export.md Normal file
View file

@ -0,0 +1,41 @@
# Name
`nix-store --export` - export store paths to a Nix Archive
## Synopsis
`nix-store` `--export` *paths…*
## Description
The operation `--export` writes a serialisation of the specified store
paths to standard output in a format that can be imported into another
Nix store with `nix-store --import`. This is like `nix-store
--dump`, except that the NAR archive produced by that command doesnt
contain the necessary meta-information to allow it to be imported into
another Nix store (namely, the set of references of the path).
This command does not produce a *closure* of the specified paths, so if
a store path references other store paths that are missing in the target
Nix store, the import will fail.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
To copy a whole closure, do something
like:
```console
$ nix-store --export $(nix-store -qR paths) > out
```
To import the whole closure again, run:
```console
$ nix-store --import < out
```

72
doc/manual/src/command-ref/nix-store/gc.md Normal file
View file

@ -0,0 +1,72 @@
# Name
`nix-store --gc` - run garbage collection
# Synopsis
`nix-store` `--gc` [`--print-roots` | `--print-live` | `--print-dead`] [`--max-freed` *bytes*]
# Description
Without additional flags, the operation `--gc` performs a garbage
collection on the Nix store. That is, all paths in the Nix store not
reachable via file system references from a set of “roots”, are deleted.
The following suboperations may be specified:
- `--print-roots`\
This operation prints on standard output the set of roots used by
the garbage collector.
- `--print-live`\
This operation prints on standard output the set of “live” store
paths, which are all the store paths reachable from the roots. Live
paths should never be deleted, since that would break consistency —
it would become possible that applications are installed that
reference things that are no longer present in the store.
- `--print-dead`\
This operation prints out on standard output the set of “dead” store
paths, which is just the opposite of the set of live paths: any path
in the store that is not live (with respect to the roots) is dead.
By default, all unreachable paths are deleted. The following options
control what gets deleted and in what order:
- `--max-freed` *bytes*\
Keep deleting paths until at least *bytes* bytes have been deleted,
then stop. The argument *bytes* can be followed by the
multiplicative suffix `K`, `M`, `G` or `T`, denoting KiB, MiB, GiB
or TiB units.
The behaviour of the collector is also influenced by the
`keep-outputs` and `keep-derivations` settings in the Nix
configuration file.
By default, the collector prints the total number of freed bytes when it
finishes (or when it is interrupted). With `--print-dead`, it prints the
number of bytes that would be freed.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
To delete all unreachable paths, just do:
```console
$ nix-store --gc
deleting `/nix/store/kq82idx6g0nyzsp2s14gfsc38npai7lf-cairo-1.0.4.tar.gz.drv'
...
8825586 bytes freed (8.42 MiB)
```
To delete at least 100 MiBs of unreachable paths:
```console
$ nix-store --gc --max-freed $((100 * 1024 * 1024))
```

29
doc/manual/src/command-ref/nix-store/generate-binary-cache-key.md Normal file
View file

@ -0,0 +1,29 @@
# Name
`nix-store --generate-binary-cache-key` - generate key pair to use for a binary cache
## Synopsis
`nix-store` `--generate-binary-cache-key` *key-name* *secret-key-file* *public-key-file*
## Description
This command generates an [Ed25519 key pair](http://ed25519.cr.yp.to/)
that can be used to create a signed binary cache. It takes three
mandatory parameters:
1. A key name, such as `cache.example.org-1`, that is used to look up
keys on the client when it verifies signatures. It can be anything,
but its suggested to use the host name of your cache (e.g.
`cache.example.org`) with a suffix denoting the number of the key
(to be incremented every time you need to revoke a key).
2. The file name where the secret key is to be stored.
3. The file name where the public key is to be stored.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

21
doc/manual/src/command-ref/nix-store/import.md Normal file
View file

@ -0,0 +1,21 @@
# Name
`nix-store --import` - import Nix Archive into the store
# Synopsis
`nix-store` `--import`
# Description
The operation `--import` reads a serialisation of a set of store paths
produced by `nix-store --export` from standard input and adds those
store paths to the Nix store. Paths that already exist in the Nix store
are ignored. If a path refers to another path that doesnt exist in the
Nix store, the import fails.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

18
doc/manual/src/command-ref/nix-store/load-db.md Normal file
View file

@ -0,0 +1,18 @@
# Name
`nix-store --load-db` - import Nix database
# Synopsis
`nix-store` `--load-db`
# Description
The operation `--load-db` reads a dump of the Nix database created by
`--dump-db` from standard input and loads it into the Nix database.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

36
doc/manual/src/command-ref/nix-store/opt-common.md Normal file
View file

@ -0,0 +1,36 @@
# Options
The following options are allowed for all `nix-store` operations, but may not always have an effect.
- <span id="opt-add-root">[`--add-root`](#opt-add-root)</span> *path*
Causes the result of a realisation (`--realise` and
`--force-realise`) to be registered as a root of the garbage
collector. *path* will be created as a symlink to the resulting
store path. In addition, a uniquely named symlink to *path* will
be created in `/nix/var/nix/gcroots/auto/`. For instance,
```console
$ nix-store --add-root /home/eelco/bla/result -r ...
$ ls -l /nix/var/nix/gcroots/auto
lrwxrwxrwx 1 ... 2005-03-13 21:10 dn54lcypm8f8... -> /home/eelco/bla/result
$ ls -l /home/eelco/bla/result
lrwxrwxrwx 1 ... 2005-03-13 21:10 /home/eelco/bla/result -> /nix/store/1r11343n6qd4...-f-spot-0.0.10
```
Thus, when `/home/eelco/bla/result` is removed, the GC root in the
`auto` directory becomes a dangling symlink and will be ignored by
the collector.
> **Warning**
>
> Note that it is not possible to move or rename GC roots, since
> the symlink in the `auto` directory will still point to the old
> location.
If there are multiple results, then multiple symlinks will be
created by sequentially numbering symlinks beyond the first one
(e.g., `foo`, `foo-2`, `foo-3`, and so on).

40
doc/manual/src/command-ref/nix-store/optimise.md Normal file
View file

@ -0,0 +1,40 @@
# Name
`nix-store --optimise` - reduce disk space usage
## Synopsis
`nix-store` `--optimise`
## Description
The operation `--optimise` reduces Nix store disk space usage by finding
identical files in the store and hard-linking them to each other. It
typically reduces the size of the store by something like 25-35%. Only
regular files and symlinks are hard-linked in this manner. Files are
considered identical when they have the same NAR archive serialisation:
that is, regular files must have the same contents and permission
(executable or non-executable), and symlinks must have the same
contents.
After completion, or when the command is interrupted, a report on the
achieved savings is printed on standard error.
Use `-vv` or `-vvv` to get some progress indication.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
## Example
```console
$ nix-store --optimise
hashing files in `/nix/store/qhqx7l2f1kmwihc9bnxs7rc159hsxnf3-gcc-4.1.1'
...
541838819 bytes (516.74 MiB) freed by hard-linking 54143 files;
there are 114486 files with equal contents out of 215894 files in total
```

31
doc/manual/src/command-ref/nix-store/print-env.md Normal file
View file

@ -0,0 +1,31 @@
# Name
`nix-store --print-env` - print the build environment of a derivation
## Synopsis
`nix-store` `--print-env` *drvpath*
## Description
The operation `--print-env` prints out the environment of a derivation
in a format that can be evaluated by a shell. The command line arguments
of the builder are placed in the variable `_args`.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
## Example
```console
$ nix-store --print-env $(nix-instantiate '<nixpkgs>' -A firefox)
export src; src='/nix/store/plpj7qrwcz94z2psh6fchsi7s8yihc7k-firefox-12.0.source.tar.bz2'
export stdenv; stdenv='/nix/store/7c8asx3yfrg5dg1gzhzyq2236zfgibnn-stdenv'
export system; system='x86_64-linux'
export _args; _args='-e /nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25c-default-builder.sh'
```

220
doc/manual/src/command-ref/nix-store/query.md Normal file
View file

@ -0,0 +1,220 @@
# Name
`nix-store --query` - display information about store paths
# Synopsis
`nix-store` {`--query` | `-q`}
{`--outputs` | `--requisites` | `-R` | `--references` |
`--referrers` | `--referrers-closure` | `--deriver` | `-d` |
`--graph` | `--tree` | `--binding` *name* | `-b` *name* | `--hash` |
`--size` | `--roots`}
[`--use-output`] [`-u`] [`--force-realise`] [`-f`]
*paths…*
# Description
The operation `--query` displays various bits of information about the
store paths . The queries are described below. At most one query can be
specified. The default query is `--outputs`.
The paths *paths* may also be symlinks from outside of the Nix store, to
the Nix store. In that case, the query is applied to the target of the
symlink.
# Common query options
- `--use-output`; `-u`\
For each argument to the query that is a [store derivation], apply the
query to the output path of the derivation instead.
- `--force-realise`; `-f`\
Realise each argument to the query first (see [`nix-store --realise`](./realise.md)).
[store derivation]: @docroot@/glossary.md#gloss-store-derivation
# Queries
- `--outputs`\
Prints out the [output paths] of the store
derivations *paths*. These are the paths that will be produced when
the derivation is built.
[output paths]: ../../glossary.md#gloss-output-path
- `--requisites`; `-R`\
Prints out the [closure] of the store path *paths*.
[closure]: ../../glossary.md#gloss-closure
This query has one option:
- `--include-outputs`
Also include the existing output paths of [store derivation]s,
and their closures.
This query can be used to implement various kinds of deployment. A
*source deployment* is obtained by distributing the closure of a
store derivation. A *binary deployment* is obtained by distributing
the closure of an output path. A *cache deployment* (combined
source/binary deployment, including binaries of build-time-only
dependencies) is obtained by distributing the closure of a store
derivation and specifying the option `--include-outputs`.
- `--references`\
Prints the set of [references] of the store paths
*paths*, that is, their immediate dependencies. (For *all*
dependencies, use `--requisites`.)
[references]: ../../glossary.md#gloss-reference
- `--referrers`\
Prints the set of *referrers* of the store paths *paths*, that is,
the store paths currently existing in the Nix store that refer to
one of *paths*. Note that contrary to the references, the set of
referrers is not constant; it can change as store paths are added or
removed.
- `--referrers-closure`\
Prints the closure of the set of store paths *paths* under the
referrers relation; that is, all store paths that directly or
indirectly refer to one of *paths*. These are all the path currently
in the Nix store that are dependent on *paths*.
- `--deriver`; `-d`\
Prints the [deriver] of the store paths *paths*. If
the path has no deriver (e.g., if it is a source file), or if the
deriver is not known (e.g., in the case of a binary-only
deployment), the string `unknown-deriver` is printed.
[deriver]: ../../glossary.md#gloss-deriver
- `--graph`\
Prints the references graph of the store paths *paths* in the format
of the `dot` tool of AT\&T's [Graphviz
package](http://www.graphviz.org/). This can be used to visualise
dependency graphs. To obtain a build-time dependency graph, apply
this to a store derivation. To obtain a runtime dependency graph,
apply it to an output path.
- `--tree`\
Prints the references graph of the store paths *paths* as a nested
ASCII tree. References are ordered by descending closure size; this
tends to flatten the tree, making it more readable. The query only
recurses into a store path when it is first encountered; this
prevents a blowup of the tree representation of the graph.
- `--graphml`\
Prints the references graph of the store paths *paths* in the
[GraphML](http://graphml.graphdrawing.org/) file format. This can be
used to visualise dependency graphs. To obtain a build-time
dependency graph, apply this to a [store derivation]. To obtain a
runtime dependency graph, apply it to an output path.
- `--binding` *name*; `-b` *name*\
Prints the value of the attribute *name* (i.e., environment
variable) of the [store derivation]s *paths*. It is an error for a
derivation to not have the specified attribute.
- `--hash`\
Prints the SHA-256 hash of the contents of the store paths *paths*
(that is, the hash of the output of `nix-store --dump` on the given
paths). Since the hash is stored in the Nix database, this is a fast
operation.
- `--size`\
Prints the size in bytes of the contents of the store paths *paths*
— to be precise, the size of the output of `nix-store --dump` on
the given paths. Note that the actual disk space required by the
store paths may be higher, especially on filesystems with large
cluster sizes.
- `--roots`\
Prints the garbage collector roots that point, directly or
indirectly, at the store paths *paths*.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
Print the closure (runtime dependencies) of the `svn` program in the
current user environment:
```console
$ nix-store -qR $(which svn)
/nix/store/5mbglq5ldqld8sj57273aljwkfvj22mc-subversion-1.1.4
/nix/store/9lz9yc6zgmc0vlqmn2ipcpkjlmbi51vv-glibc-2.3.4
...
```
Print the build-time dependencies of `svn`:
```console
$ nix-store -qR $(nix-store -qd $(which svn))
/nix/store/02iizgn86m42q905rddvg4ja975bk2i4-grep-2.5.1.tar.bz2.drv
/nix/store/07a2bzxmzwz5hp58nf03pahrv2ygwgs3-gcc-wrapper.sh
/nix/store/0ma7c9wsbaxahwwl04gbw3fcd806ski4-glibc-2.3.4.drv
... lots of other paths ...
```
The difference with the previous example is that we ask the closure of
the derivation (`-qd`), not the closure of the output path that contains
`svn`.
Show the build-time dependencies as a tree:
```console
$ nix-store -q --tree $(nix-store -qd $(which svn))
/nix/store/7i5082kfb6yjbqdbiwdhhza0am2xvh6c-subversion-1.1.4.drv
+---/nix/store/d8afh10z72n8l1cr5w42366abiblgn54-builder.sh
+---/nix/store/fmzxmpjx2lh849ph0l36snfj9zdibw67-bash-3.0.drv
| +---/nix/store/570hmhmx3v57605cqg9yfvvyh0nnb8k8-bash
| +---/nix/store/p3srsbd8dx44v2pg6nbnszab5mcwx03v-builder.sh
...
```
Show all paths that depend on the same OpenSSL library as `svn`:
```console
$ nix-store -q --referrers $(nix-store -q --binding openssl $(nix-store -qd $(which svn)))
/nix/store/23ny9l9wixx21632y2wi4p585qhva1q8-sylpheed-1.0.0
/nix/store/5mbglq5ldqld8sj57273aljwkfvj22mc-subversion-1.1.4
/nix/store/dpmvp969yhdqs7lm2r1a3gng7pyq6vy4-subversion-1.1.3
/nix/store/l51240xqsgg8a7yrbqdx1rfzyv6l26fx-lynx-2.8.5
```
Show all paths that directly or indirectly depend on the Glibc (C
library) used by `svn`:
```console
$ nix-store -q --referrers-closure $(ldd $(which svn) | grep /libc.so | awk '{print $3}')
/nix/store/034a6h4vpz9kds5r6kzb9lhh81mscw43-libgnomeprintui-2.8.2
/nix/store/15l3yi0d45prm7a82pcrknxdh6nzmxza-gawk-3.1.4
...
```
Note that `ldd` is a command that prints out the dynamic libraries used
by an ELF executable.
Make a picture of the runtime dependency graph of the current user
environment:
```console
$ nix-store -q --graph ~/.nix-profile | dot -Tps > graph.ps
$ gv graph.ps
```
Show every garbage collector root that points to a store path that
depends on `svn`:
```console
$ nix-store -q --roots $(which svn)
/nix/var/nix/profiles/default-81-link
/nix/var/nix/profiles/default-82-link
/home/eelco/.local/state/nix/profiles/profile-97-link
```

38
doc/manual/src/command-ref/nix-store/read-log.md Normal file
View file

@ -0,0 +1,38 @@
# Name
`nix-store --read-log` - print build log
# Synopsis
`nix-store` {`--read-log` | `-l`} *paths…*
# Description
The operation `--read-log` prints the build log of the specified store
paths on standard output. The build log is whatever the builder of a
derivation wrote to standard output and standard error. If a store path
is not a derivation, the deriver of the store path is used.
Build logs are kept in `/nix/var/log/nix/drvs`. However, there is no
guarantee that a build log is available for any particular store path.
For instance, if the path was downloaded as a pre-built binary through a
substitute, then the log is unavailable.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Example
```console
$ nix-store -l $(which ktorrent)
building /nix/store/dhc73pvzpnzxhdgpimsd9sw39di66ph1-ktorrent-2.2.1
unpacking sources
unpacking source archive /nix/store/p8n1jpqs27mgkjw07pb5269717nzf5f8-ktorrent-2.2.1.tar.gz
ktorrent-2.2.1/
ktorrent-2.2.1/NEWS
...
```

118
doc/manual/src/command-ref/nix-store/realise.md Normal file
View file

@ -0,0 +1,118 @@
# Name
`nix-store --realise` - realise specified store paths
# Synopsis
`nix-store` {`--realise` | `-r`} *paths…* [`--dry-run`]
# Description
The operation `--realise` essentially “builds” the specified store
paths. Realisation is a somewhat overloaded term:
- If the store path is a *derivation*, realisation ensures that the
output paths of the derivation are [valid] (i.e.,
the output path and its closure exist in the file system). This
can be done in several ways. First, it is possible that the
outputs are already valid, in which case we are done
immediately. Otherwise, there may be [substitutes]
that produce the outputs (e.g., by downloading them). Finally, the
outputs can be produced by running the build task described
by the derivation.
- If the store path is not a derivation, realisation ensures that the
specified path is valid (i.e., it and its closure exist in the file
system). If the path is already valid, we are done immediately.
Otherwise, the path and any missing paths in its closure may be
produced through substitutes. If there are no (successful)
substitutes, realisation fails.
[valid]: @docroot@/glossary.md#gloss-validity
[substitutes]: @docroot@/glossary.md#gloss-substitute
The output path of each derivation is printed on standard output. (For
non-derivations argument, the argument itself is printed.)
The following flags are available:
- `--dry-run`\
Print on standard error a description of what packages would be
built or downloaded, without actually performing the operation.
- `--ignore-unknown`\
If a non-derivation path does not have a substitute, then silently
ignore it.
- `--check`\
This option allows you to check whether a derivation is
deterministic. It rebuilds the specified derivation and checks
whether the result is bitwise-identical with the existing outputs,
printing an error if thats not the case. The outputs of the
specified derivation must already exist. When used with `-K`, if an
output path is not identical to the corresponding output from the
previous build, the new output path is left in
`/nix/store/name.check.`
Special exit codes:
- `100`\
Generic build failure, the builder process returned with a non-zero
exit code.
- `101`\
Build timeout, the build was aborted because it did not complete
within the specified `timeout`.
- `102`\
Hash mismatch, the build output was rejected because it does not
match the [`outputHash` attribute of the
derivation](@docroot@/language/advanced-attributes.md).
- `104`\
Not deterministic, the build succeeded in check mode but the
resulting output is not binary reproducible.
With the `--keep-going` flag it's possible for multiple failures to
occur, in this case the 1xx status codes are or combined using binary
or.
1100100
^^^^
|||`- timeout
||`-- output hash mismatch
|`--- build failure
`---- not deterministic
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
This operation is typically used to build [store derivation]s produced by
[`nix-instantiate`](@docroot@/command-ref/nix-instantiate.md):
[store derivation]: @docroot@/glossary.md#gloss-store-derivation
```console
$ nix-store -r $(nix-instantiate ./test.nix)
/nix/store/31axcgrlbfsxzmfff1gyj1bf62hvkby2-aterm-2.3.1
```
This is essentially what [`nix-build`](@docroot@/command-ref/nix-build.md) does.
To test whether a previously-built derivation is deterministic:
```console
$ nix-build '<nixpkgs>' -A hello --check -K
```
Use [`nix-store --read-log`](./read-log.md) to show the stderr and stdout of a build:
```console
$ nix-store --read-log $(nix-instantiate ./test.nix)
```

35
doc/manual/src/command-ref/nix-store/repair-path.md Normal file
View file

@ -0,0 +1,35 @@
# Name
`nix --repair-path` - re-download path from substituter
# Synopsis
`nix-store` `--repair-path` *paths…*
# Description
The operation `--repair-path` attempts to “repair” the specified paths
by redownloading them using the available substituters. If no
substitutes are available, then repair is not possible.
> **Warning**
>
> During repair, there is a very small time window during which the old
> path (if it exists) is moved out of the way and replaced with the new
> path. If repair is interrupted in between, then the system may be left
> in a broken state (e.g., if the path contains a critical system
> component like the GNU C Library).
# Example
```console
$ nix-store --verify-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
path `/nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13' was modified!
expected hash `2db57715ae90b7e31ff1f2ecb8c12ec1cc43da920efcbe3b22763f36a1861588',
got `481c5aa5483ebc97c20457bb8bca24deea56550d3985cda0027f67fe54b808e4'
$ nix-store --repair-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
fetching path `/nix/store/d7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13'...
```

18
doc/manual/src/command-ref/nix-store/restore.md Normal file
View file

@ -0,0 +1,18 @@
# Name
`nix-store --restore` - extract a Nix archive
## Synopsis
`nix-store` `--restore` *path*
## Description
The operation `--restore` unpacks a NAR archive to *path*, which must
not already exist. The archive is read from standard input.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

38
doc/manual/src/command-ref/nix-store/serve.md Normal file
View file

@ -0,0 +1,38 @@
# Name
`nix-store --serve` - serve local Nix store over SSH
# Synopsis
`nix-store` `--serve` [`--write`]
# Description
The operation `--serve` provides access to the Nix store over stdin and
stdout, and is intended to be used as a means of providing Nix store
access to a restricted ssh user.
The following flags are available:
- `--write`\
Allow the connected client to request the realization of
derivations. In effect, this can be used to make the host act as a
remote builder.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
# Examples
To turn a host into a build server, the `authorized_keys` file can be
used to provide build access to a given SSH public key:
```console
$ cat <<EOF >>/root/.ssh/authorized_keys
command="nice -n20 nix-store --serve --write" ssh-rsa AAAAB3NzaC1yc2EAAAA...
EOF
```

29
doc/manual/src/command-ref/nix-store/verify-path.md Normal file
View file

@ -0,0 +1,29 @@
# Name
`nix-store --verify-path` - check path contents against Nix database
## Synopsis
`nix-store` `--verify-path` *paths…*
## Description
The operation `--verify-path` compares the contents of the given store
paths to their cryptographic hashes stored in Nixs database. For every
changed path, it prints a warning message. The exit status is 0 if no
path has changed, and 1 otherwise.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}
## Example
To verify the integrity of the `svn` command and all its dependencies:
```console
$ nix-store --verify-path $(nix-store -qR $(which svn))
```

36
doc/manual/src/command-ref/nix-store/verify.md Normal file
View file

@ -0,0 +1,36 @@
# Name
`nix-store --verify` - check Nix database for consistency
# Synopsis
`nix-store` `--verify` [`--check-contents`] [`--repair`]
# Description
The operation `--verify` verifies the internal consistency of the Nix
database, and the consistency between the Nix database and the Nix
store. Any inconsistencies encountered are automatically repaired.
Inconsistencies are generally the result of the Nix store or database
being modified by non-Nix tools, or of bugs in Nix itself.
This operation has the following options:
- `--check-contents`\
Checks that the contents of every valid store path has not been
altered by computing a SHA-256 hash of the contents and comparing it
with the hash stored in the Nix database at build time. Paths that
have been modified are printed out. For large stores,
`--check-contents` is obviously quite slow.
- `--repair`\
If any valid path is missing from the store, or (if
`--check-contents` is given) the contents of a valid path has been
modified, then try to repair the path by redownloading it. See
`nix-store --repair-path` for details.
{{#include ./opt-common.md}}
{{#include ../opt-common.md}}
{{#include ../env-common.md}}

55
doc/manual/src/command-ref/opt-common.md
View file

@ -2,13 +2,13 @@
Most Nix commands accept the following command-line options: Most Nix commands accept the following command-line options:
- [`--help`]{#opt-help}\ - <span id="opt-help">[`--help`](#opt-help)</span>\
Prints out a summary of the command syntax and exits. Prints out a summary of the command syntax and exits.
- [`--version`]{#opt-version}\ - <span id="opt-version">[`--version`](#opt-version)</span>\
Prints out the Nix version number on standard output and exits. Prints out the Nix version number on standard output and exits.
- [`--verbose`]{#opt-verbose} / `-v`\ - <span id="opt-verbose">[`--verbose`](#opt-verbose)</span> / `-v`\
Increases the level of verbosity of diagnostic messages printed on Increases the level of verbosity of diagnostic messages printed on
standard error. For each Nix operation, the information printed on standard error. For each Nix operation, the information printed on
standard output is well-defined; any diagnostic information is standard output is well-defined; any diagnostic information is
@ -37,14 +37,14 @@ Most Nix commands accept the following command-line options:
- 5\ - 5\
“Vomit”: print vast amounts of debug information. “Vomit”: print vast amounts of debug information.
- [`--quiet`]{#opt-quiet}\ - <span id="opt-quiet">[`--quiet`](#opt-quiet)</span>\
Decreases the level of verbosity of diagnostic messages printed on Decreases the level of verbosity of diagnostic messages printed on
standard error. This is the inverse option to `-v` / `--verbose`. standard error. This is the inverse option to `-v` / `--verbose`.
This option may be specified repeatedly. See the previous verbosity This option may be specified repeatedly. See the previous verbosity
levels list. levels list.
- [`--log-format`]{#opt-log-format} *format*\ - <span id="opt-log-format">[`--log-format`](#opt-log-format)</span> *format*\
This option can be used to change the output of the log format, with This option can be used to change the output of the log format, with
*format* being one of: *format* being one of:
@ -66,14 +66,14 @@ Most Nix commands accept the following command-line options:
- bar-with-logs\ - bar-with-logs\
Display the raw logs, with the progress bar at the bottom. Display the raw logs, with the progress bar at the bottom.
- [`--no-build-output`]{#opt-no-build-output} / `-Q`\ - <span id="opt-no-build-output">[`--no-build-output`](#opt-no-build-output)</span> / `-Q`\
By default, output written by builders to standard output and By default, output written by builders to standard output and
standard error is echoed to the Nix command's standard error. This standard error is echoed to the Nix command's standard error. This
option suppresses this behaviour. Note that the builder's standard option suppresses this behaviour. Note that the builder's standard
output and error are always written to a log file in output and error are always written to a log file in
`prefix/nix/var/log/nix`. `prefix/nix/var/log/nix`.
- [`--max-jobs`]{#opt-max-jobs} / `-j` *number*\ - <span id="opt-max-jobs">[`--max-jobs`](#opt-max-jobs)</span> / `-j` *number*\
Sets the maximum number of build jobs that Nix will perform in Sets the maximum number of build jobs that Nix will perform in
parallel to the specified number. Specify `auto` to use the number parallel to the specified number. Specify `auto` to use the number
of CPUs in the system. The default is specified by the `max-jobs` of CPUs in the system. The default is specified by the `max-jobs`
@ -83,7 +83,7 @@ Most Nix commands accept the following command-line options:
Setting it to `0` disallows building on the local machine, which is Setting it to `0` disallows building on the local machine, which is
useful when you want builds to happen only on remote builders. useful when you want builds to happen only on remote builders.
- [`--cores`]{#opt-cores}\ - <span id="opt-cores">[`--cores`](#opt-cores)</span>\
Sets the value of the `NIX_BUILD_CORES` environment variable in Sets the value of the `NIX_BUILD_CORES` environment variable in
the invocation of builders. Builders can use this variable at the invocation of builders. Builders can use this variable at
their discretion to control the maximum amount of parallelism. For their discretion to control the maximum amount of parallelism. For
@ -94,18 +94,18 @@ Most Nix commands accept the following command-line options:
means that the builder should use all available CPU cores in the means that the builder should use all available CPU cores in the
system. system.
- [`--max-silent-time`]{#opt-max-silent-time}\ - <span id="opt-max-silent-time">[`--max-silent-time`](#opt-max-silent-time)</span>\
Sets the maximum number of seconds that a builder can go without Sets the maximum number of seconds that a builder can go without
producing any data on standard output or standard error. The producing any data on standard output or standard error. The
default is specified by the `max-silent-time` configuration default is specified by the `max-silent-time` configuration
setting. `0` means no time-out. setting. `0` means no time-out.
- [`--timeout`]{#opt-timeout}\ - <span id="opt-timeout">[`--timeout`](#opt-timeout)</span>\
Sets the maximum number of seconds that a builder can run. The Sets the maximum number of seconds that a builder can run. The
default is specified by the `timeout` configuration setting. `0` default is specified by the `timeout` configuration setting. `0`
means no timeout. means no timeout.
- [`--keep-going`]{#opt-keep-going} / `-k`\ - <span id="opt-keep-going">[`--keep-going`](#opt-keep-going)</span> / `-k`\
Keep going in case of failed builds, to the greatest extent Keep going in case of failed builds, to the greatest extent
possible. That is, if building an input of some derivation fails, possible. That is, if building an input of some derivation fails,
Nix will still build the other inputs, but not the derivation Nix will still build the other inputs, but not the derivation
@ -113,13 +113,13 @@ Most Nix commands accept the following command-line options:
for builds of substitutes), possibly killing builds in progress (in for builds of substitutes), possibly killing builds in progress (in
case of parallel or distributed builds). case of parallel or distributed builds).
- [`--keep-failed`]{#opt-keep-failed} / `-K`\ - <span id="opt-keep-failed">[`--keep-failed`](#opt-keep-failed)</span> / `-K`\
Specifies that in case of a build failure, the temporary directory Specifies that in case of a build failure, the temporary directory
(usually in `/tmp`) in which the build takes place should not be (usually in `/tmp`) in which the build takes place should not be
deleted. The path of the build directory is printed as an deleted. The path of the build directory is printed as an
informational message. informational message.
- [`--fallback`]{#opt-fallback}\ - <span id="opt-fallback">[`--fallback`](#opt-fallback)</span>\
Whenever Nix attempts to build a derivation for which substitutes Whenever Nix attempts to build a derivation for which substitutes
are known for each output path, but realising the output paths are known for each output path, but realising the output paths
through the substitutes fails, fall back on building the derivation. through the substitutes fails, fall back on building the derivation.
@ -134,18 +134,18 @@ Most Nix commands accept the following command-line options:
failure in obtaining the substitutes to lead to a full build from failure in obtaining the substitutes to lead to a full build from
source (with the related consumption of resources). source (with the related consumption of resources).
- [`--readonly-mode`]{#opt-readonly-mode}\ - <span id="opt-readonly-mode">[`--readonly-mode`](#opt-readonly-mode)</span>\
When this option is used, no attempt is made to open the Nix When this option is used, no attempt is made to open the Nix
database. Most Nix operations do need database access, so those database. Most Nix operations do need database access, so those
operations will fail. operations will fail.
- [`--arg`]{#opt-arg} *name* *value*\ - <span id="opt-arg">[`--arg`](#opt-arg)</span> *name* *value*\
This option is accepted by `nix-env`, `nix-instantiate`, This option is accepted by `nix-env`, `nix-instantiate`,
`nix-shell` and `nix-build`. When evaluating Nix expressions, the `nix-shell` and `nix-build`. When evaluating Nix expressions, the
expression evaluator will automatically try to call functions that expression evaluator will automatically try to call functions that
it encounters. It can automatically call functions for which every it encounters. It can automatically call functions for which every
argument has a [default argument has a [default
value](../language/constructs.md#functions) (e.g., value](@docroot@/language/constructs.md#functions) (e.g.,
`{ argName ? defaultValue }: ...`). With `--arg`, you can also `{ argName ? defaultValue }: ...`). With `--arg`, you can also
call functions that have arguments without a default value (or call functions that have arguments without a default value (or
override a default value). That is, if the evaluator encounters a override a default value). That is, if the evaluator encounters a
@ -164,26 +164,26 @@ Most Nix commands accept the following command-line options:
So if you call this Nix expression (e.g., when you do `nix-env -iA So if you call this Nix expression (e.g., when you do `nix-env -iA
pkgname`), the function will be called automatically using the pkgname`), the function will be called automatically using the
value [`builtins.currentSystem`](../language/builtins.md) for value [`builtins.currentSystem`](@docroot@/language/builtins.md) for
the `system` argument. You can override this using `--arg`, e.g., the `system` argument. You can override this using `--arg`, e.g.,
`nix-env -iA pkgname --arg system \"i686-freebsd\"`. (Note that `nix-env -iA pkgname --arg system \"i686-freebsd\"`. (Note that
since the argument is a Nix string literal, you have to escape the since the argument is a Nix string literal, you have to escape the
quotes.) quotes.)
- [`--argstr`]{#opt-argstr} *name* *value*\ - <span id="opt-argstr">[`--argstr`](#opt-argstr)</span> *name* *value*\
This option is like `--arg`, only the value is not a Nix This option is like `--arg`, only the value is not a Nix
expression but a string. So instead of `--arg system expression but a string. So instead of `--arg system
\"i686-linux\"` (the outer quotes are to keep the shell happy) you \"i686-linux\"` (the outer quotes are to keep the shell happy) you
can say `--argstr system i686-linux`. can say `--argstr system i686-linux`.
- [`--attr`]{#opt-attr} / `-A` *attrPath*\ - <span id="opt-attr">[`--attr`](#opt-attr)</span> / `-A` *attrPath*\
Select an attribute from the top-level Nix expression being Select an attribute from the top-level Nix expression being
evaluated. (`nix-env`, `nix-instantiate`, `nix-build` and evaluated. (`nix-env`, `nix-instantiate`, `nix-build` and
`nix-shell` only.) The *attribute path* *attrPath* is a sequence `nix-shell` only.) The *attribute path* *attrPath* is a sequence
of attribute names separated by dots. For instance, given a of attribute names separated by dots. For instance, given a
top-level Nix expression *e*, the attribute path `xorg.xorgserver` top-level Nix expression *e*, the attribute path `xorg.xorgserver`
would cause the expression `e.xorg.xorgserver` to be used. See would cause the expression `e.xorg.xorgserver` to be used. See
[`nix-env --install`](nix-env.md#operation---install) for some [`nix-env --install`](@docroot@/command-ref/nix-env/install.md) for some
concrete examples. concrete examples.
In addition to attribute names, you can also specify array indices. In addition to attribute names, you can also specify array indices.
@ -191,7 +191,7 @@ Most Nix commands accept the following command-line options:
attribute of the fourth element of the array in the `foo` attribute attribute of the fourth element of the array in the `foo` attribute
of the top-level expression. of the top-level expression.
- [`--expr`]{#opt-expr} / `-E`\ - <span id="opt-expr">[`--expr`](#opt-expr)</span> / `-E`\
Interpret the command line arguments as a list of Nix expressions to Interpret the command line arguments as a list of Nix expressions to
be parsed and evaluated, rather than as a list of file names of Nix be parsed and evaluated, rather than as a list of file names of Nix
expressions. (`nix-instantiate`, `nix-build` and `nix-shell` only.) expressions. (`nix-instantiate`, `nix-build` and `nix-shell` only.)
@ -202,17 +202,16 @@ Most Nix commands accept the following command-line options:
use, give your expression to the `nix-shell -p` convenience flag use, give your expression to the `nix-shell -p` convenience flag
instead. instead.
- [`-I`]{#opt-I} *path*\ - <span id="opt-I">[`-I`](#opt-I)</span> *path*\
Add a path to the Nix expression search path. This option may be Add an entry to the [Nix expression search path](@docroot@/command-ref/conf-file.md#conf-nix-path).
given multiple times. See the `NIX_PATH` environment variable for This option may be given multiple times.
information on the semantics of the Nix search path. Paths added Paths added through `-I` take precedence over [`NIX_PATH`](@docroot@/command-ref/env-common.md#env-NIX_PATH).
through `-I` take precedence over `NIX_PATH`.
- [`--option`]{#opt-option} *name* *value*\ - <span id="opt-option">[`--option`](#opt-option)</span> *name* *value*\
Set the Nix configuration option *name* to *value*. This overrides Set the Nix configuration option *name* to *value*. This overrides
settings in the Nix configuration file (see nix.conf5). settings in the Nix configuration file (see nix.conf5).
- [`--repair`]{#opt-repair}\ - <span id="opt-repair">[`--repair`](#opt-repair)</span>\
Fix corrupted or missing store paths by redownloading or rebuilding Fix corrupted or missing store paths by redownloading or rebuilding
them. Note that this is slow because it requires computing a them. Note that this is slow because it requires computing a
cryptographic hash of the contents of every path in the closure of cryptographic hash of the contents of every path in the closure of

82
doc/manual/src/contributing/cli-guideline.md
View file

@ -389,6 +389,88 @@ colors, no emojis and using ASCII instead of Unicode symbols). The same should
happen when TTY is not detected on STDERR. We should not display progress / happen when TTY is not detected on STDERR. We should not display progress /
status section, but only print warnings and errors. status section, but only print warnings and errors.
## Returning future proof JSON
The schema of JSON output should allow for backwards compatible extension. This section explains how to achieve this.
Two definitions are helpful here, because while JSON only defines one "key-value"
object type, we use it to cover two use cases:
- **dictionary**: a map from names to value that all have the same type. In
C++ this would be a `std::map` with string keys.
- **record**: a fixed set of attributes each with their own type. In C++, this
would be represented by a `struct`.
It is best not to mix these use cases, as that may lead to incompatibilities when the schema changes. For example, adding a record field to a dictionary breaks consumers that assume all JSON object fields to have the same meaning and type.
This leads to the following guidelines:
- The top-level (root) value must be a record.
Otherwise, one can not change the structure of a command's output.
- The value of a dictionary item must be a record.
Otherwise, the item type can not be extended.
- List items should be records.
Otherwise, one can not change the structure of the list items.
If the order of the items does not matter, and each item has a unique key that is a string, consider representing the list as a dictionary instead. If the order of the items needs to be preserved, return a list of records.
- Streaming JSON should return records.
An example of a streaming JSON format is [JSON lines](https://jsonlines.org/), where each line represents a JSON value. These JSON values can be considered top-level values or list items, and they must be records.
### Examples
This is bad, because all keys must be assumed to be store implementations:
```json
{
"local": { ... },
"remote": { ... },
"http": { ... }
}
```
This is good, because the it is extensible at the root, and is somewhat self-documenting:
```json
{
"storeTypes": { "local": { ... }, ... },
"pluginSupport": true
}
```
While the dictionary of store types seems like a very complete response at first, a use case may arise that warrants returning additional information.
For example, the presence of plugin support may be crucial information for a client to proceed when their desired store type is missing.
The following representation is bad because it is not extensible:
```json
{ "outputs": [ "out" "bin" ] }
```
However, simply converting everything to records is not enough, because the order of outputs must be preserved:
```json
{ "outputs": { "bin": {}, "out": {} } }
```
The first item is the default output. Deriving this information from the outputs ordering is not great, but this is how Nix currently happens to work.
While it is possible for a JSON parser to preserve the order of fields, we can not rely on this capability to be present in all JSON libraries.
This representation is extensible and preserves the ordering:
```json
{ "outputs": [ { "outputName": "out" }, { "outputName": "bin" } ] }
```
## Dialog with the user ## Dialog with the user
CLIs don't always make it clear when an action has taken place. For every CLIs don't always make it clear when an action has taken place. For every

95
doc/manual/src/contributing/experimental-features.md Normal file
View file

@ -0,0 +1,95 @@
This section describes the notion of *experimental features*, and how it fits into the big picture of the development of Nix.
# What are experimental features?
Experimental features are considered unstable, which means that they can be changed or removed at any time.
Users must explicitly enable them by toggling the associated [experimental feature flags](@docroot@/command-ref/conf-file.md#conf-experimental-features).
This allows accessing unstable functionality without unwittingly relying on it.
Experimental feature flags were first introduced in [Nix 2.4](@docroot@/release-notes/rl-2.4.md).
Before that, Nix did have experimental features, but they were not guarded by flags and were merely documented as unstable.
This was a source of confusion and controversy.
# When should a new feature be marked experimental?
A change in the Nix codebase should be guarded by an experimental feature flag if it is considered likely to be reverted or adapted in a backwards-incompatible manner after gathering more experience with it in practice.
Examples:
- Changes to the Nix language, such as new built-ins, syntactic or semantic changes, etc.
- Changes to the command-line interface
# Lifecycle of an experimental feature
Experimental features have to be treated on a case-by-case basis.
However, the standard workflow for an experimental feature is as follows:
- A new feature is implemented in a *pull request*
- It is guarded by an experimental feature flag that is disabled by default
- The pull request is merged, the *experimental* feature ends up in a release
- Using the feature requires explicitly enabling it, signifying awareness of the potential risks
- Being experimental, the feature can still be changed arbitrarily
- The feature can be *removed*
- The associated experimental feature flag is also removed
- The feature can be declared *stable*
- The associated experimental feature flag is removed
- There should be enough evidence of users having tried the feature, such as feedback, fixed bugs, demonstrations of how it is put to use
- Maintainers must feel confident that:
- The feature is designed and implemented sensibly, that it is fit for purpose
- Potential interactions are well-understood
- Stabilising the feature will not incur an outsized maintenance burden in the future
The following diagram illustrates the process:
```
.------.
| idea |
'------'
|
discussion, design, implementation
|
| .-------.
| | |
v v |
.--------------. review
| pull request | |
'--------------' |
| ^ | |
| | '-------'
.---' '----.
| |
merge user feedback,
| (breaking) changes
| |
'---. .----'
| |
v |
+--------------+
.---| experimental |----.
| +--------------+ |
| |
decision to stabilise decision against
| keeping the feature
| |
v v
+--------+ +---------+
| stable | | removed |
+--------+ +---------+
```
# Relation to the RFC process
Experimental features and [RFCs](https://github.com/NixOS/rfcs/) both allow approaching substantial changes while minimizing the risk.
However they serve different purposes:
- An experimental feature enables developers to iterate on and deliver a new idea without committing to it or requiring a costly long-running fork.
It is primarily an issue of *implementation*, targeting Nix developers and early testers.
- The goal of an RFC is to make explicit all the implications of a change:
Explain why it is wanted, which new use-cases it enables, which interface changes it requires, etc.
It is primarily an issue of *design* and *communication*, targeting the broader community.
This means that experimental features and RFCs are orthogonal mechanisms, and can be used independently or together as needed.
# Currently available experimental features
{{#include ./experimental-feature-descriptions.md}}

32
doc/manual/src/contributing/hacking.md
View file

@ -389,3 +389,35 @@ If a broken link occurs in a snippet that was inserted into multiple generated f
If the `@docroot@` literal appears in an error message from the `mdbook-linkcheck` tool, the `@docroot@` replacement needs to be applied to the generated source file that mentions it. If the `@docroot@` literal appears in an error message from the `mdbook-linkcheck` tool, the `@docroot@` replacement needs to be applied to the generated source file that mentions it.
See existing `@docroot@` logic in the [Makefile]. See existing `@docroot@` logic in the [Makefile].
Regular markdown files used for the manual have a base path of their own and they can use relative paths instead of `@docroot@`. Regular markdown files used for the manual have a base path of their own and they can use relative paths instead of `@docroot@`.
## API documentation
Doxygen API documentation is [available
online](https://hydra.nixos.org/job/nix/master/internal-api-docs/latest/download-by-type/doc/internal-api-docs). You
can also build and view it yourself:
```console
# nix build .#hydraJobs.internal-api-docs
# xdg-open ./result/share/doc/nix/internal-api/html/index.html
```
or inside a `nix develop` shell by running:
```
# make internal-api-html
# xdg-open ./outputs/doc/share/doc/nix/internal-api/html/index.html
```
## Coverage analysis
A coverage analysis report is [available
online](https://hydra.nixos.org/job/nix/master/coverage/latest/download-by-type/report/coverage). You
can build it yourself:
```
# nix build .#hydraJobs.coverage
# xdg-open ./result/coverage/index.html
```
Metrics about the change in line/function coverage over time are also
[available](https://hydra.nixos.org/job/nix/master/coverage#tabs-charts).

56
doc/manual/src/glossary.md
View file

@ -15,7 +15,7 @@
Example: `/nix/store/g946hcz4c8mdvq2g8vxx42z51qb71rvp-git-2.38.1.drv` Example: `/nix/store/g946hcz4c8mdvq2g8vxx42z51qb71rvp-git-2.38.1.drv`
See [`nix show-derivation`](./command-ref/new-cli/nix3-show-derivation.md) (experimental) for displaying the contents of store derivations. See [`nix derivation show`](./command-ref/new-cli/nix3-derivation-show.md) (experimental) for displaying the contents of store derivations.
[store derivation]: #gloss-store-derivation [store derivation]: #gloss-store-derivation
@ -31,7 +31,7 @@
This means either running the `builder` executable as specified in the corresponding [derivation] or fetching a pre-built [store object] from a [substituter]. This means either running the `builder` executable as specified in the corresponding [derivation] or fetching a pre-built [store object] from a [substituter].
See [`nix-build`](./command-ref/nix-build.md) and [`nix-store --realise`](./command-ref/nix-store.md#operation---realise). See [`nix-build`](./command-ref/nix-build.md) and [`nix-store --realise`](@docroot@/command-ref/nix-store/realise.md).
See [`nix build`](./command-ref/new-cli/nix3-build.md) (experimental). See [`nix build`](./command-ref/new-cli/nix3-build.md) (experimental).
@ -54,7 +54,7 @@
invoked, the Nix store can be referred to invoked, the Nix store can be referred to
as a "_local_" or a "_remote_" one: as a "_local_" or a "_remote_" one:
+ A *local store* exists on the filesystem of + A [local store]{#gloss-local-store} exists on the filesystem of
the machine where Nix is invoked. You can use other the machine where Nix is invoked. You can use other
local stores by passing the `--store` flag to the local stores by passing the `--store` flag to the
`nix` command. Local stores can be used for building derivations. `nix` command. Local stores can be used for building derivations.
@ -65,17 +65,17 @@
served by the `nix-serve` Perl script. served by the `nix-serve` Perl script.
[store]: #gloss-store [store]: #gloss-store
[local store]: #gloss-local-store
- [chroot store]{#gloss-chroot-store}\ - [chroot store]{#gloss-chroot-store}\
A local store whose canonical path is anything other than `/nix/store`. A [local store] whose canonical path is anything other than `/nix/store`.
- [binary cache]{#gloss-binary-cache}\ - [binary cache]{#gloss-binary-cache}\
A *binary cache* is a Nix store which uses a different format: its A *binary cache* is a Nix store which uses a different format: its
metadata and signatures are kept in `.narinfo` files rather than in a metadata and signatures are kept in `.narinfo` files rather than in a
Nix database. This different format simplifies serving store objects [Nix database]. This different format simplifies serving store objects
over the network, but cannot host builds. Examples of binary caches over the network, but cannot host builds. Examples of binary caches
include S3 buckets and the [NixOS binary include S3 buckets and the [NixOS binary cache](https://cache.nixos.org).
cache](https://cache.nixos.org).
- [store path]{#gloss-store-path}\ - [store path]{#gloss-store-path}\
The location of a [store object] in the file system, i.e., an The location of a [store object] in the file system, i.e., an
@ -108,7 +108,7 @@
[fixed-output derivations](#gloss-fixed-output-derivation). [fixed-output derivations](#gloss-fixed-output-derivation).
- [substitute]{#gloss-substitute}\ - [substitute]{#gloss-substitute}\
A substitute is a command invocation stored in the Nix database that A substitute is a command invocation stored in the [Nix database] that
describes how to build a store object, bypassing the normal build describes how to build a store object, bypassing the normal build
mechanism (i.e., derivations). Typically, the substitute builds the mechanism (i.e., derivations). Typically, the substitute builds the
store object by downloading a pre-built version of the store object store object by downloading a pre-built version of the store object
@ -127,6 +127,14 @@
builder can rely on external inputs such as the network or the builder can rely on external inputs such as the network or the
system time) but the Nix model assumes it. system time) but the Nix model assumes it.
- [Nix database]{#gloss-nix-database}\
An SQlite database to track [reference]s between [store object]s.
This is an implementation detail of the [local store].
Default location: `/nix/var/nix/db`.
[Nix database]: #gloss-nix-database
- [Nix expression]{#gloss-nix-expression}\ - [Nix expression]{#gloss-nix-expression}\
A high-level description of software packages and compositions A high-level description of software packages and compositions
thereof. Deploying software using Nix entails writing Nix thereof. Deploying software using Nix entails writing Nix
@ -135,14 +143,13 @@
then be built. then be built.
- [reference]{#gloss-reference}\ - [reference]{#gloss-reference}\
A store path `P` is said to have a reference to a store path `Q` if A [store object] `O` is said to have a *reference* to a store object `P` if a [store path] to `P` appears in the contents of `O`.
the store object at `P` contains the path `Q` somewhere. The
*references* of a store path are the set of store paths to which it
has a reference.
A derivation can reference other derivations and sources (but not Store objects can refer to both other store objects and themselves.
output paths), whereas an output path only references other output References from a store object to itself are called *self-references*.
paths. References other than a self-reference must not form a cycle.
[reference]: #gloss-reference
- [reachable]{#gloss-reachable}\ - [reachable]{#gloss-reachable}\
A store path `Q` is reachable from another store path `P` if `Q` A store path `Q` is reachable from another store path `P` if `Q`
@ -159,8 +166,8 @@
files could be missing. The command `nix-store -qR` prints out files could be missing. The command `nix-store -qR` prints out
closures of store paths. closures of store paths.
As an example, if the store object at path `P` contains a reference As an example, if the [store object] at path `P` contains a [reference]
to path `Q`, then `Q` is in the closure of `P`. Further, if `Q` to a store object at path `Q`, then `Q` is in the closure of `P`. Further, if `Q`
references `R` then `R` is also in the closure of `P`. references `R` then `R` is also in the closure of `P`.
[closure]: #gloss-closure [closure]: #gloss-closure
@ -176,9 +183,9 @@
- [validity]{#gloss-validity}\ - [validity]{#gloss-validity}\
A store path is valid if all [store object]s in its [closure] can be read from the [store]. A store path is valid if all [store object]s in its [closure] can be read from the [store].
For a local store, this means: For a [local store], this means:
- The store path leads to an existing [store object] in that [store]. - The store path leads to an existing [store object] in that [store].
- The store path is listed in the Nix database as being valid. - The store path is listed in the [Nix database] as being valid.
- All paths in the store path's [closure] are valid. - All paths in the store path's [closure] are valid.
[validity]: #gloss-validity [validity]: #gloss-validity
@ -193,6 +200,11 @@
A symlink to the current *user environment* of a user, e.g., A symlink to the current *user environment* of a user, e.g.,
`/nix/var/nix/profiles/default`. `/nix/var/nix/profiles/default`.
- [installable]{#gloss-installable}\
Something that can be realised in the Nix store.
See [installables](./command-ref/new-cli/nix.md#installables) for [`nix` commands](./command-ref/new-cli/nix.md) (experimental) for details.
- [NAR]{#gloss-nar}\ - [NAR]{#gloss-nar}\
A *N*ix *AR*chive. This is a serialisation of a path in the Nix A *N*ix *AR*chive. This is a serialisation of a path in the Nix
store. It can contain regular files, directories and symbolic store. It can contain regular files, directories and symbolic
@ -213,3 +225,9 @@
[string]: ./language/values.md#type-string [string]: ./language/values.md#type-string
[path]: ./language/values.md#type-path [path]: ./language/values.md#type-path
[attribute name]: ./language/values.md#attribute-set [attribute name]: ./language/values.md#attribute-set
- [experimental feature]{#gloss-experimental-feature}\
Not yet stabilized functionality guarded by named experimental feature flags.
These flags are enabled or disabled with the [`experimental-features`](./command-ref/conf-file.html#conf-experimental-features) setting.
See the contribution guide on the [purpose and lifecycle of experimental feaures](@docroot@/contributing/experimental-features.md).

11
doc/manual/src/installation/env-variables.md
View file

@ -42,14 +42,11 @@ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
> You must not add the export and then do the install, as the Nix > You must not add the export and then do the install, as the Nix
> installer will detect the presence of Nix configuration, and abort. > installer will detect the presence of Nix configuration, and abort.
## `NIX_SSL_CERT_FILE` with macOS and the Nix daemon If you use the Nix daemon, you should also add the following to
`/etc/nix/nix.conf`:
On macOS you must specify the environment variable for the Nix daemon ```
service, then restart it: ssl-cert-file = /etc/ssl/my-certificate-bundle.crt
```console
$ sudo launchctl setenv NIX_SSL_CERT_FILE /etc/ssl/my-certificate-bundle.crt
$ sudo launchctl kickstart -k system/org.nixos.nix-daemon
``` ```
## Proxy Environment Variables ## Proxy Environment Variables

167
doc/manual/src/installation/installing-binary.md
View file

@ -47,12 +47,6 @@ The install script will modify the first writable file from amongst
`NIX_INSTALLER_NO_MODIFY_PROFILE` environment variable before executing `NIX_INSTALLER_NO_MODIFY_PROFILE` environment variable before executing
the install script to disable this behaviour. the install script to disable this behaviour.
You can uninstall Nix simply by running:
```console
$ rm -rf /nix
```
# Multi User Installation # Multi User Installation
The multi-user Nix installation creates system users, and a system The multi-user Nix installation creates system users, and a system
@ -84,154 +78,8 @@ The installer will modify `/etc/bashrc`, and `/etc/zshrc` if they exist.
The installer will first back up these files with a `.backup-before-nix` The installer will first back up these files with a `.backup-before-nix`
extension. The installer will also create `/etc/profile.d/nix.sh`. extension. The installer will also create `/etc/profile.d/nix.sh`.
## Uninstalling
### Linux
If you are on Linux with systemd:
1. Remove the Nix daemon service:
```console
sudo systemctl stop nix-daemon.service
sudo systemctl disable nix-daemon.socket nix-daemon.service
sudo systemctl daemon-reload
```
1. Remove systemd service files:
```console
sudo rm /etc/systemd/system/nix-daemon.service /etc/systemd/system/nix-daemon.socket
```
1. The installer script uses systemd-tmpfiles to create the socket directory.
You may also want to remove the configuration for that:
```console
sudo rm /etc/tmpfiles.d/nix-daemon.conf
```
Remove files created by Nix:
```console
sudo rm -rf /nix /etc/nix /etc/profile/nix.sh ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
```
Remove build users and their group:
```console
for i in $(seq 1 32); do
sudo userdel nixbld$i
done
sudo groupdel nixbld
```
There may also be references to Nix in
- `/etc/profile`
- `/etc/bashrc`
- `/etc/zshrc`
which you may remove.
### macOS
1. Edit `/etc/zshrc` and `/etc/bashrc` to remove the lines sourcing
`nix-daemon.sh`, which should look like this:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```
If these files haven't been altered since installing Nix you can simply put
the backups back in place:
```console
sudo mv /etc/zshrc.backup-before-nix /etc/zshrc
sudo mv /etc/bashrc.backup-before-nix /etc/bashrc
```
This will stop shells from sourcing the file and bringing everything you
installed using Nix in scope.
2. Stop and remove the Nix daemon services:
```console
sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo launchctl unload /Library/LaunchDaemons/org.nixos.darwin-store.plist
sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist
```
This stops the Nix daemon and prevents it from being started next time you
boot the system.
3. Remove the `nixbld` group and the `_nixbuildN` users:
```console
sudo dscl . -delete /Groups/nixbld
for u in $(sudo dscl . -list /Users | grep _nixbld); do sudo dscl . -delete /Users/$u; done
```
This will remove all the build users that no longer serve a purpose.
4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store
volume on `/nix`, which looks like
`UUID=<uuid> /nix apfs rw,noauto,nobrowse,suid,owners` or
`LABEL=Nix\040Store /nix apfs rw,nobrowse`. This will prevent automatic
mounting of the Nix Store volume.
5. Edit `/etc/synthetic.conf` to remove the `nix` line. If this is the only
line in the file you can remove it entirely, `sudo rm /etc/synthetic.conf`.
This will prevent the creation of the empty `/nix` directory to provide a
mountpoint for the Nix Store volume.
6. Remove the files Nix added to your system:
```console
sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
```
This gets rid of any data Nix may have created except for the store which is
removed next.
7. Remove the Nix Store volume:
```console
sudo diskutil apfs deleteVolume /nix
```
This will remove the Nix Store volume and everything that was added to the
store.
If the output indicates that the command couldn't remove the volume, you should
make sure you don't have an _unmounted_ Nix Store volume. Look for a
"Nix Store" volume in the output of the following command:
```console
diskutil list
```
If you _do_ see a "Nix Store" volume, delete it by re-running the diskutil
deleteVolume command, but replace `/nix` with the store volume's `diskXsY`
identifier.
> **Note**
>
> After you complete the steps here, you will still have an empty `/nix`
> directory. This is an expected sign of a successful uninstall. The empty
> `/nix` directory will disappear the next time you reboot.
>
> You do not have to reboot to finish uninstalling Nix. The uninstall is
> complete. macOS (Catalina+) directly controls root directories and its
> read-only root will prevent you from manually deleting the empty `/nix`
> mountpoint.
# macOS Installation # macOS Installation
[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes} []{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes}
<!-- Note: anchors above to catch permalinks to old explanations --> <!-- Note: anchors above to catch permalinks to old explanations -->
@ -280,19 +128,16 @@ this to run the installer, but it may help if you run into trouble:
# Installing a pinned Nix version from a URL # Installing a pinned Nix version from a URL
NixOS.org hosts version-specific installation URLs for all Nix versions Version-specific installation URLs for all Nix versions
since 1.11.16, at `https://releases.nixos.org/nix/nix-version/install`. since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/).
The corresponding SHA-256 hash can be found in the directory for the given version.
These install scripts can be used the same as the main NixOS.org These install scripts can be used the same as usual:
installation script:
```console ```console
$ curl -L https://nixos.org/nix/install | sh $ curl -L https://releases.nixos.org/nix/nix-<version>/install | sh
``` ```
In the same directory of the install script are sha256 sums, and gpg
signature files.
# Installing from a binary tarball # Installing from a binary tarball
You can also download a binary tarball that contains Nix and all its You can also download a binary tarball that contains Nix and all its

5
doc/manual/src/installation/prerequisites-source.md
View file

@ -71,3 +71,8 @@
<http://libcpuid.sourceforge.net>. <http://libcpuid.sourceforge.net>.
This is an optional dependency and can be disabled This is an optional dependency and can be disabled
by providing a `--disable-cpuid` to the `configure` script. by providing a `--disable-cpuid` to the `configure` script.
- Unless `./configure --disable-tests` is specified, GoogleTest (GTest) and
RapidCheck are required, which are available at
<https://google.github.io/googletest/> and
<https://github.com/emil-e/rapidcheck> respectively.

159
doc/manual/src/installation/uninstall.md Normal file
View file

@ -0,0 +1,159 @@
# Uninstalling Nix
## Single User
If you have a [single-user installation](./installing-binary.md#single-user-installation) of Nix, uninstall it by running:
```console
$ rm -rf /nix
```
## Multi User
Removing a [multi-user installation](./installing-binary.md#multi-user-installation) of Nix is more involved, and depends on the operating system.
### Linux
If you are on Linux with systemd:
1. Remove the Nix daemon service:
```console
sudo systemctl stop nix-daemon.service
sudo systemctl disable nix-daemon.socket nix-daemon.service
sudo systemctl daemon-reload
```
1. Remove systemd service files:
```console
sudo rm /etc/systemd/system/nix-daemon.service /etc/systemd/system/nix-daemon.socket
```
1. The installer script uses systemd-tmpfiles to create the socket directory.
You may also want to remove the configuration for that:
```console
sudo rm /etc/tmpfiles.d/nix-daemon.conf
```
Remove files created by Nix:
```console
sudo rm -rf /nix /etc/nix /etc/profile/nix.sh ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
```
Remove build users and their group:
```console
for i in $(seq 1 32); do
sudo userdel nixbld$i
done
sudo groupdel nixbld
```
There may also be references to Nix in
- `/etc/profile`
- `/etc/bashrc`
- `/etc/zshrc`
which you may remove.
### macOS
1. Edit `/etc/zshrc`, `/etc/bashrc`, and `/etc/bash.bashrc` to remove the lines sourcing `nix-daemon.sh`, which should look like this:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```
If these files haven't been altered since installing Nix you can simply put
the backups back in place:
```console
sudo mv /etc/zshrc.backup-before-nix /etc/zshrc
sudo mv /etc/bashrc.backup-before-nix /etc/bashrc
sudo mv /etc/bash.bashrc.backup-before-nix /etc/bash.bashrc
```
This will stop shells from sourcing the file and bringing everything you
installed using Nix in scope.
2. Stop and remove the Nix daemon services:
```console
sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo launchctl unload /Library/LaunchDaemons/org.nixos.darwin-store.plist
sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist
```
This stops the Nix daemon and prevents it from being started next time you
boot the system.
3. Remove the `nixbld` group and the `_nixbuildN` users:
```console
sudo dscl . -delete /Groups/nixbld
for u in $(sudo dscl . -list /Users | grep _nixbld); do sudo dscl . -delete /Users/$u; done
```
This will remove all the build users that no longer serve a purpose.
4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store
volume on `/nix`, which looks like
`UUID=<uuid> /nix apfs rw,noauto,nobrowse,suid,owners` or
`LABEL=Nix\040Store /nix apfs rw,nobrowse`. This will prevent automatic
mounting of the Nix Store volume.
5. Edit `/etc/synthetic.conf` to remove the `nix` line. If this is the only
line in the file you can remove it entirely, `sudo rm /etc/synthetic.conf`.
This will prevent the creation of the empty `/nix` directory to provide a
mountpoint for the Nix Store volume.
6. Remove the files Nix added to your system:
```console
sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
```
This gets rid of any data Nix may have created except for the store which is
removed next.
7. Remove the Nix Store volume:
```console
sudo diskutil apfs deleteVolume /nix
```
This will remove the Nix Store volume and everything that was added to the
store.
If the output indicates that the command couldn't remove the volume, you should
make sure you don't have an _unmounted_ Nix Store volume. Look for a
"Nix Store" volume in the output of the following command:
```console
diskutil list
```
If you _do_ see a "Nix Store" volume, delete it by re-running the diskutil
deleteVolume command, but replace `/nix` with the store volume's `diskXsY`
identifier.
> **Note**
>
> After you complete the steps here, you will still have an empty `/nix`
> directory. This is an expected sign of a successful uninstall. The empty
> `/nix` directory will disappear the next time you reboot.
>
> You do not have to reboot to finish uninstalling Nix. The uninstall is
> complete. macOS (Catalina+) directly controls root directories and its
> read-only root will prevent you from manually deleting the empty `/nix`
> mountpoint.

29
doc/manual/src/language/advanced-attributes.md
View file

@ -198,8 +198,7 @@ Derivations can declare some infrequently used optional attributes.
- `"recursive"`\ - `"recursive"`\
The hash is computed over the NAR archive dump of the output The hash is computed over the NAR archive dump of the output
(i.e., the result of [`nix-store (i.e., the result of [`nix-store --dump`](@docroot@/command-ref/nix-store/dump.md)). In
--dump`](../command-ref/nix-store.md#operation---dump)). In
this case, the output can be anything, including a directory this case, the output can be anything, including a directory
tree. tree.
@ -209,12 +208,26 @@ Derivations can declare some infrequently used optional attributes.
about converting to and from base-32 notation.) about converting to and from base-32 notation.)
- [`__contentAddressed`]{#adv-attr-__contentAddressed} - [`__contentAddressed`]{#adv-attr-__contentAddressed}
If this **experimental** attribute is set to true, then the derivation > **Warning**
> This attribute is part of an [experimental feature](@docroot@/contributing/experimental-features.md).
>
> To use this attribute, you must enable the
> [`ca-derivations`](@docroot@/contributing/experimental-features.md#xp-feature-ca-derivations) experimental feature.
> For example, in [nix.conf](../command-ref/conf-file.md) you could add:
>
> ```
> extra-experimental-features = ca-derivations
> ```
If this attribute is set to `true`, then the derivation
outputs will be stored in a content-addressed location rather than the outputs will be stored in a content-addressed location rather than the
traditional input-addressed one. traditional input-addressed one.
This only has an effect if the `ca-derivations` experimental feature is enabled.
Setting this attribute also requires setting `outputHashMode` and `outputHashAlgo` like for *fixed-output derivations* (see above). Setting this attribute also requires setting
[`outputHashMode`](#adv-attr-outputHashMode)
and
[`outputHashAlgo`](#adv-attr-outputHashAlgo)
like for *fixed-output derivations* (see above).
- [`passAsFile`]{#adv-attr-passAsFile}\ - [`passAsFile`]{#adv-attr-passAsFile}\
A list of names of attributes that should be passed via files rather A list of names of attributes that should be passed via files rather
@ -308,9 +321,11 @@ Derivations can declare some infrequently used optional attributes.
- [`unsafeDiscardReferences`]{#adv-attr-unsafeDiscardReferences}\ - [`unsafeDiscardReferences`]{#adv-attr-unsafeDiscardReferences}\
> **Warning** > **Warning**
> This is an experimental feature. > This attribute is part of an [experimental feature](@docroot@/contributing/experimental-features.md).
> >
> To enable it, add the following to [nix.conf](../command-ref/conf-file.md): > To use this attribute, you must enable the
> [`discard-references`](@docroot@/contributing/experimental-features.md#xp-feature-discard-references) experimental feature.
> For example, in [nix.conf](../command-ref/conf-file.md) you could add:
> >
> ``` > ```
> extra-experimental-features = discard-references > extra-experimental-features = discard-references

4
doc/manual/src/language/operators.md
View file

@ -43,8 +43,8 @@ If the attribute doesnt exist, return *value* if provided, otherwise abort ev
An attribute path is a dot-separated list of attribute names. An attribute path is a dot-separated list of attribute names.
An attribute name can be an identifier or a string. An attribute name can be an identifier or a string.
> *attrpath* = *name* [ `.` *name* ]... > *attrpath* = *name* [ `.` *name* ]... \
> *name* = *identifier* | *string* > *name* = *identifier* | *string* \
> *identifier* ~ `[a-zA-Z_][a-zA-Z0-9_'-]*` > *identifier* ~ `[a-zA-Z_][a-zA-Z0-9_'-]*`
[Attribute selection]: #attribute-selection [Attribute selection]: #attribute-selection

2
doc/manual/src/language/values.md
View file

@ -205,7 +205,7 @@ You can use arbitrary double-quoted strings as attribute names:
``` ```
```nix ```nix
let bar = "bar"; let bar = "bar"; in
{ "foo ${bar}" = 123; }."foo ${bar}" { "foo ${bar}" = 123; }."foo ${bar}"
``` ```

34
doc/manual/src/package-management/s3-substituter.md
View file

@ -1,41 +1,11 @@
# Serving a Nix store via S3 # Serving a Nix store via S3
Nix has built-in support for storing and fetching store paths from Nix has [built-in support](@docroot@/command-ref/new-cli/nix3-help-stores.md#s3-binary-cache-store)
for storing and fetching store paths from
Amazon S3 and S3-compatible services. This uses the same *binary* Amazon S3 and S3-compatible services. This uses the same *binary*
cache mechanism that Nix usually uses to fetch prebuilt binaries from cache mechanism that Nix usually uses to fetch prebuilt binaries from
[cache.nixos.org](https://cache.nixos.org/). [cache.nixos.org](https://cache.nixos.org/).
The following options can be specified as URL parameters to the S3 URL:
- `profile`\
The name of the AWS configuration profile to use. By default Nix
will use the `default` profile.
- `region`\
The region of the S3 bucket. `useast-1` by default.
If your bucket is not in `useast-1`, you should always explicitly
specify the region parameter.
- `endpoint`\
The URL to your S3-compatible service, for when not using Amazon S3.
Do not specify this value if you're using Amazon S3.
> **Note**
>
> This endpoint must support HTTPS and will use path-based
> addressing instead of virtual host based addressing.
- `scheme`\
The scheme used for S3 requests, `https` (default) or `http`. This
option allows you to disable HTTPS for binary caches which don't
support it.
> **Note**
>
> HTTPS should be used if the cache might contain sensitive
> information.
In this example we will use the bucket named `example-nix-cache`. In this example we will use the bucket named `example-nix-cache`.
## Anonymous Reads to your S3-compatible binary cache ## Anonymous Reads to your S3-compatible binary cache

12
doc/manual/src/quick-start.md
View file

@ -19,7 +19,7 @@ to subsequent chapters.
channel: channel:
```console ```console
$ nix-env -qaP $ nix-env --query --available --attr-path
nixpkgs.docbook_xml_dtd_43 docbook-xml-4.3 nixpkgs.docbook_xml_dtd_43 docbook-xml-4.3
nixpkgs.docbook_xml_dtd_45 docbook-xml-4.5 nixpkgs.docbook_xml_dtd_45 docbook-xml-4.5
nixpkgs.firefox firefox-33.0.2 nixpkgs.firefox firefox-33.0.2
@ -31,7 +31,7 @@ to subsequent chapters.
1. Install some packages from the channel: 1. Install some packages from the channel:
```console ```console
$ nix-env -iA nixpkgs.hello $ nix-env --install --attr nixpkgs.hello
``` ```
This should download pre-built packages; it should not build them This should download pre-built packages; it should not build them
@ -49,13 +49,13 @@ to subsequent chapters.
1. Uninstall a package: 1. Uninstall a package:
```console ```console
$ nix-env -e hello $ nix-env --uninstall hello
``` ```
1. You can also test a package without installing it: 1. You can also test a package without installing it:
```console ```console
$ nix-shell -p hello $ nix-shell --packages hello
``` ```
This builds or downloads GNU Hello and its dependencies, then drops This builds or downloads GNU Hello and its dependencies, then drops
@ -76,7 +76,7 @@ to subsequent chapters.
```console ```console
$ nix-channel --update nixpkgs $ nix-channel --update nixpkgs
$ nix-env -u '*' $ nix-env --upgrade '*'
``` ```
The latter command will upgrade each installed package for which The latter command will upgrade each installed package for which
@ -95,5 +95,5 @@ to subsequent chapters.
them: them:
```console ```console
$ nix-collect-garbage -d $ nix-collect-garbage --delete-old
``` ```

22
doc/manual/src/release-notes/rl-2.14.md Normal file
View file

@ -0,0 +1,22 @@
# Release 2.14 (2023-02-28)
* A new function `builtins.readFileType` is available. It is similar to
`builtins.readDir` but acts on a single file or directory.
* In flakes, the `.outPath` attribute of a flake now always refers to
the directory containing the `flake.nix`. This was not the case for
when `flake.nix` was in a subdirectory of e.g. a Git repository.
The root of the source of a flake in a subdirectory is still
available in `.sourceInfo.outPath`.
* In derivations that use structured attributes, you can now use `unsafeDiscardReferences`
to disable scanning a given output for runtime dependencies:
```nix
__structuredAttrs = true;
unsafeDiscardReferences.out = true;
```
This is useful e.g. when generating self-contained filesystem images with
their own embedded Nix store: hashes found inside such an image refer
to the embedded store and not to the host's Nix store.
This requires the `discard-references` experimental feature.

58
doc/manual/src/release-notes/rl-2.15.md Normal file
View file

@ -0,0 +1,58 @@
# Release 2.15 (2023-04-11)
* Commands which take installables on the command line can now read them from the standard input if
passed the `--stdin` flag. This is primarily useful when you have a large amount of paths which
exceed the OS argument limit.
* The `nix-hash` command now supports Base64 and SRI. Use the flags `--base64`
or `--sri` to specify the format of output hash as Base64 or SRI, and `--to-base64`
or `--to-sri` to convert a hash to Base64 or SRI format, respectively.
As the choice of hash formats is no longer binary, the `--base16` flag is also added
to explicitly specify the Base16 format, which is still the default.
* The special handling of an [installable](../command-ref/new-cli/nix.md#installables) with `.drv` suffix being interpreted as all of the given [store derivation](../glossary.md#gloss-store-derivation)'s output paths is removed, and instead taken as the literal store path that it represents.
The new `^` syntax for store paths introduced in Nix 2.13 allows explicitly referencing output paths of a derivation.
Using this is better and more clear than relying on the now-removed `.drv` special handling.
For example,
```shell-session
$ nix path-info /nix/store/gzaflydcr6sb3567hap9q6srzx8ggdgg-glibc-2.33-78.drv
```
now gives info about the derivation itself, while
```shell-session
$ nix path-info /nix/store/gzaflydcr6sb3567hap9q6srzx8ggdgg-glibc-2.33-78.drv^*
```
provides information about each of its outputs.
* The experimental command `nix describe-stores` has been removed.
* Nix stores and their settings are now documented in [`nix help-stores`](@docroot@/command-ref/new-cli/nix3-help-stores.md).
* Documentation for operations of `nix-store` and `nix-env` are now available on separate pages of the manual.
They include all common options that can be specified and common environment variables that affect these commands.
These pages can be viewed offline with `man` using
* `man nix-store-<operation>` and `man nix-env-<operation>`
* `nix-store --help --<operation>` and `nix-env --help --<operation>`.
* Nix when used as a client now checks whether the store (the server) trusts the client.
(The store always had to check whether it trusts the client, but now the client is informed of the store's decision.)
This is useful for scripting interactions with (non-legacy-ssh) remote Nix stores.
`nix store ping` and `nix doctor` now display this information.
* The new command `nix derivation add` allows adding derivations to the store without involving the Nix language.
It exists to round out our collection of basic utility/plumbing commands, and allow for a low barrier-to-entry way of experimenting with alternative front-ends to the Nix Store.
It uses the same JSON layout as `nix derivation show`, and is its inverse.
* `nix show-derivation` has been renamed to `nix derivation show`.
This matches `nix derivation add`, and avoids bloating the top-level namespace.
The old name is still kept as an alias for compatibility, however.
* The `nix derivation {add,show}` JSON format now includes the derivation name as a top-level field.
This is useful in general, but especially necessary for the `add` direction, as otherwise we would need to pass in the name out of band for certain cases.

20
doc/manual/src/release-notes/rl-next.md
View file

@ -1,22 +1,2 @@
# Release X.Y (202?-??-??) # Release X.Y (202?-??-??)
* A new function `builtins.readFileType` is available. It is similar to
`builtins.readDir` but acts on a single file or directory.
* The `builtins.readDir` function has been optimized when encountering not-yet-known
file types from POSIX's `readdir`. In such cases the type of each file is/was
discovered by making multiple syscalls. This change makes these operations
lazy such that these lookups will only be performed if the attribute is used.
This optimization affects a minority of filesystems and operating systems.
* In derivations that use structured attributes, you can now use `unsafeDiscardReferences`
to disable scanning a given output for runtime dependencies:
```nix
__structuredAttrs = true;
unsafeDiscardReferences.out = true;
```
This is useful e.g. when generating self-contained filesystem images with
their own embedded Nix store: hashes found inside such an image refer
to the embedded store and not to the host's Nix store.
This requires the `discard-references` experimental feature.

65
doc/manual/utils.nix
View file

@ -5,6 +5,9 @@ rec {
concatStrings = concatStringsSep ""; concatStrings = concatStringsSep "";
attrsToList = a:
map (name: { inherit name; value = a.${name}; }) (builtins.attrNames a);
replaceStringsRec = from: to: string: replaceStringsRec = from: to: string:
# recursively replace occurrences of `from` with `to` within `string` # recursively replace occurrences of `from` with `to` within `string`
# example: # example:
@ -38,4 +41,66 @@ rec {
filterAttrs = pred: set: filterAttrs = pred: set:
listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set)); listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
optionalString = cond: string: if cond then string else "";
showSetting = { useAnchors }: name: { description, documentDefault, defaultValue, aliases, value, experimentalFeature }:
let
result = squash ''
- ${if useAnchors
then ''<span id="conf-${name}">[`${name}`](#conf-${name})</span>''
else ''`${name}`''}
${indent " " body}
'';
experimentalFeatureNote = optionalString (experimentalFeature != null) ''
> **Warning**
> This setting is part of an
> [experimental feature](@docroot@/contributing/experimental-features.md).
To change this setting, you need to make sure the corresponding experimental feature,
[`${experimentalFeature}`](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature}),
is enabled.
For example, include the following in [`nix.conf`](#):
```
extra-experimental-features = ${experimentalFeature}
${name} = ...
```
'';
# separate body to cleanly handle indentation
body = ''
${description}
${experimentalFeatureNote}
**Default:** ${showDefault documentDefault defaultValue}
${showAliases aliases}
'';
showDefault = documentDefault: defaultValue:
if documentDefault then
# a StringMap value type is specified as a string, but
# this shows the value type. The empty stringmap is `null` in
# JSON, but that converts to `{ }` here.
if defaultValue == "" || defaultValue == [] || isAttrs defaultValue
then "*empty*"
else if isBool defaultValue then
if defaultValue then "`true`" else "`false`"
else "`${toString defaultValue}`"
else "*machine-specific*";
showAliases = aliases:
optionalString (aliases != [])
"**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}";
in result;
indent = prefix: s:
concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s));
showSettings = args: settingsInfo: concatStrings (attrValues (mapAttrs (showSetting args) settingsInfo));
} }

12
docker.nix
View file

@ -8,6 +8,7 @@
, extraPkgs ? [] , extraPkgs ? []
, maxLayers ? 100 , maxLayers ? 100
, nixConf ? {} , nixConf ? {}
, flake-registry ? null
}: }:
let let
defaultPkgs = with pkgs; [ defaultPkgs = with pkgs; [
@ -247,7 +248,16 @@ let
mkdir -p $out/bin $out/usr/bin mkdir -p $out/bin $out/usr/bin
ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env
ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh
'';
'' + (lib.optionalString (flake-registry != null) ''
nixCacheDir="/root/.cache/nix"
mkdir -p $out$nixCacheDir
globalFlakeRegistryPath="$nixCacheDir/flake-registry.json"
ln -s ${flake-registry}/flake-registry.json $out$globalFlakeRegistryPath
mkdir -p $out/nix/var/nix/gcroots/auto
rootName=$(${pkgs.nix}/bin/nix --extra-experimental-features nix-command hash file --type sha1 --base32 <(echo -n $globalFlakeRegistryPath))
ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName
'');
in in
pkgs.dockerTools.buildLayeredImageWithNixDb { pkgs.dockerTools.buildLayeredImageWithNixDb {

17
flake.lock
View file

@ -1,5 +1,21 @@
{ {
"nodes": { "nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"lowdown-src": { "lowdown-src": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -50,6 +66,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"flake-compat": "flake-compat",
"lowdown-src": "lowdown-src", "lowdown-src": "lowdown-src",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-regression": "nixpkgs-regression" "nixpkgs-regression": "nixpkgs-regression"

112
flake.nix
View file

@ -4,8 +4,9 @@
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11-small"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11-small";
inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
inputs.lowdown-src = { url = "github:kristapsdz/lowdown"; flake = false; }; inputs.lowdown-src = { url = "github:kristapsdz/lowdown"; flake = false; };
inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; };
outputs = { self, nixpkgs, nixpkgs-regression, lowdown-src }: outputs = { self, nixpkgs, nixpkgs-regression, lowdown-src, flake-compat }:
let let
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
@ -89,9 +90,7 @@
}); });
configureFlags = configureFlags =
[ lib.optionals stdenv.isLinux [
"CXXFLAGS=-I${lib.getDev rapidcheck}/extras/gtest/include"
] ++ lib.optionals stdenv.isLinux [
"--with-boost=${boost}/lib" "--with-boost=${boost}/lib"
"--with-sandbox-shell=${sh}/bin/busybox" "--with-sandbox-shell=${sh}/bin/busybox"
] ]
@ -99,6 +98,14 @@
"LDFLAGS=-fuse-ld=gold" "LDFLAGS=-fuse-ld=gold"
]; ];
testConfigureFlags = [
"RAPIDCHECK_HEADERS=${lib.getDev rapidcheck}/extras/gtest/include"
];
internalApiDocsConfigureFlags = [
"--enable-internal-api-docs"
];
nativeBuildDeps = nativeBuildDeps =
[ [
buildPackages.bison buildPackages.bison
@ -124,13 +131,20 @@
libarchive libarchive
boost boost
lowdown-nix lowdown-nix
gtest
rapidcheck
] ]
++ lib.optionals stdenv.isLinux [libseccomp] ++ lib.optionals stdenv.isLinux [libseccomp]
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid; ++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid;
checkDeps = [
gtest
rapidcheck
];
internalApiDocsDeps = [
buildPackages.doxygen
];
awsDeps = lib.optional (stdenv.isLinux || stdenv.isDarwin) awsDeps = lib.optional (stdenv.isLinux || stdenv.isDarwin)
(aws-sdk-cpp.override { (aws-sdk-cpp.override {
apis = ["s3" "transfer"]; apis = ["s3" "transfer"];
@ -200,11 +214,12 @@
VERSION_SUFFIX = versionSuffix; VERSION_SUFFIX = versionSuffix;
nativeBuildInputs = nativeBuildDeps; nativeBuildInputs = nativeBuildDeps;
buildInputs = buildDeps ++ awsDeps; buildInputs = buildDeps ++ awsDeps ++ checkDeps;
propagatedBuildInputs = propagatedDeps; propagatedBuildInputs = propagatedDeps;
enableParallelBuilding = true; enableParallelBuilding = true;
configureFlags = testConfigureFlags; # otherwise configure fails
dontBuild = true; dontBuild = true;
doInstallCheck = true; doInstallCheck = true;
@ -305,12 +320,18 @@
}; };
let let
canRunInstalled = currentStdenv.buildPlatform.canExecute currentStdenv.hostPlatform; canRunInstalled = currentStdenv.buildPlatform.canExecute currentStdenv.hostPlatform;
in currentStdenv.mkDerivation {
sourceByRegexInverted = rxs: origSrc: final.lib.cleanSourceWith {
filter = (path: type:
let relPath = final.lib.removePrefix (toString origSrc + "/") (toString path);
in ! lib.any (re: builtins.match re relPath != null) rxs);
src = origSrc;
};
in currentStdenv.mkDerivation (finalAttrs: {
name = "nix-super-${version}"; name = "nix-super-${version}";
inherit version; inherit version;
src = self; src = sourceByRegexInverted [ "tests/nixos/.*" "tests/installer/.*" ] self;
VERSION_SUFFIX = versionSuffix; VERSION_SUFFIX = versionSuffix;
outputs = [ "out" "dev" "doc" ]; outputs = [ "out" "dev" "doc" ];
@ -318,7 +339,8 @@
nativeBuildInputs = nativeBuildDeps; nativeBuildInputs = nativeBuildDeps;
buildInputs = buildDeps buildInputs = buildDeps
# There have been issues building these dependencies # There have been issues building these dependencies
++ lib.optionals (currentStdenv.hostPlatform == currentStdenv.buildPlatform) awsDeps; ++ lib.optionals (currentStdenv.hostPlatform == currentStdenv.buildPlatform) awsDeps
++ lib.optionals finalAttrs.doCheck checkDeps;
propagatedBuildInputs = propagatedDeps; propagatedBuildInputs = propagatedDeps;
@ -348,6 +370,8 @@
configureFlags = configureFlags ++ configureFlags = configureFlags ++
[ "--sysconfdir=/etc" ] ++ [ "--sysconfdir=/etc" ] ++
lib.optional stdenv.hostPlatform.isStatic "--enable-embedded-sandbox-shell" ++ lib.optional stdenv.hostPlatform.isStatic "--enable-embedded-sandbox-shell" ++
[ (lib.enableFeature finalAttrs.doCheck "tests") ] ++
lib.optionals finalAttrs.doCheck testConfigureFlags ++
lib.optional (!canRunInstalled) "--disable-doc-gen"; lib.optional (!canRunInstalled) "--disable-doc-gen";
enableParallelBuilding = true; enableParallelBuilding = true;
@ -361,6 +385,10 @@
postInstall = '' postInstall = ''
mkdir -p $doc/nix-support mkdir -p $doc/nix-support
echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
${lib.optionalString currentStdenv.hostPlatform.isStatic ''
mkdir -p $out/nix-support
echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
''}
${lib.optionalString currentStdenv.isDarwin '' ${lib.optionalString currentStdenv.isDarwin ''
install_name_tool \ install_name_tool \
-change ${boost}/lib/libboost_context.dylib \ -change ${boost}/lib/libboost_context.dylib \
@ -369,8 +397,9 @@
''} ''}
''; '';
doInstallCheck = true; doInstallCheck = finalAttrs.doCheck;
installCheckFlags = "sysconfdir=$(out)/etc"; installCheckFlags = "sysconfdir=$(out)/etc";
installCheckTarget = "installcheck"; # work around buggy detection in stdenv
separateDebugInfo = !currentStdenv.hostPlatform.isStatic; separateDebugInfo = !currentStdenv.hostPlatform.isStatic;
@ -411,7 +440,7 @@
}); });
meta.platforms = lib.platforms.unix; meta.platforms = lib.platforms.unix;
}; });
lowdown-nix = with final; currentStdenv.mkDerivation rec { lowdown-nix = with final; currentStdenv.mkDerivation rec {
name = "lowdown-0.9.0"; name = "lowdown-0.9.0";
@ -444,8 +473,6 @@
}; };
in { in {
inherit nixpkgsFor;
# A Nixpkgs overlay that overrides the 'nix' and # A Nixpkgs overlay that overrides the 'nix' and
# 'nix.perl-bindings' packages. # 'nix.perl-bindings' packages.
overlays.default = overlayFor (p: p.stdenv); overlays.default = overlayFor (p: p.stdenv);
@ -462,6 +489,14 @@
buildNoGc = forAllSystems (system: self.packages.${system}.nix.overrideAttrs (a: { configureFlags = (a.configureFlags or []) ++ ["--enable-gc=no"];})); buildNoGc = forAllSystems (system: self.packages.${system}.nix.overrideAttrs (a: { configureFlags = (a.configureFlags or []) ++ ["--enable-gc=no"];}));
buildNoTests = forAllSystems (system:
self.packages.${system}.nix.overrideAttrs (a: {
doCheck =
assert ! a?dontCheck;
false;
})
);
# Perl bindings for various platforms. # Perl bindings for various platforms.
perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings); perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings);
@ -496,25 +531,48 @@
src = self; src = self;
configureFlags = [ configureFlags = testConfigureFlags;
"CXXFLAGS=-I${lib.getDev pkgs.rapidcheck}/extras/gtest/include"
];
enableParallelBuilding = true; enableParallelBuilding = true;
nativeBuildInputs = nativeBuildDeps; nativeBuildInputs = nativeBuildDeps;
buildInputs = buildDeps ++ propagatedDeps ++ awsDeps; buildInputs = buildDeps ++ propagatedDeps ++ awsDeps ++ checkDeps;
dontInstall = false; dontInstall = false;
doInstallCheck = true; doInstallCheck = true;
installCheckTarget = "installcheck"; # work around buggy detection in stdenv
lcovFilter = [ "*/boost/*" "*-tab.*" ]; lcovFilter = [ "*/boost/*" "*-tab.*" ];
# We call `dot', and even though we just use it to hardeningDisable = ["fortify"];
# syntax-check generated dot files, it still requires some };
# fonts. So provide those.
FONTCONFIG_FILE = texFunctions.fontsConf; # API docs for Nix's unstable internal C++ interfaces.
internal-api-docs =
with nixpkgsFor.x86_64-linux.native;
with commonDeps { inherit pkgs; };
stdenv.mkDerivation {
pname = "nix-internal-api-docs";
inherit version;
src = self;
configureFlags = testConfigureFlags ++ internalApiDocsConfigureFlags;
nativeBuildInputs = nativeBuildDeps;
buildInputs = buildDeps ++ propagatedDeps
++ awsDeps ++ checkDeps ++ internalApiDocsDeps;
dontBuild = true;
installTargets = [ "internal-api-html" ];
postInstall = ''
mkdir -p $out/nix-support
echo "doc internal-api-docs $out/share/doc/nix/internal-api/html" >> $out/nix-support/hydra-build-products
'';
}; };
# System tests. # System tests.
@ -524,6 +582,8 @@
tests.nix-copy-closure = runNixOSTestFor "x86_64-linux" ./tests/nixos/nix-copy-closure.nix; tests.nix-copy-closure = runNixOSTestFor "x86_64-linux" ./tests/nixos/nix-copy-closure.nix;
tests.nix-copy = runNixOSTestFor "x86_64-linux" ./tests/nixos/nix-copy.nix;
tests.nssPreload = runNixOSTestFor "x86_64-linux" ./tests/nixos/nss-preload.nix; tests.nssPreload = runNixOSTestFor "x86_64-linux" ./tests/nixos/nss-preload.nix;
tests.githubFlakes = runNixOSTestFor "x86_64-linux" ./tests/nixos/github-flakes.nix; tests.githubFlakes = runNixOSTestFor "x86_64-linux" ./tests/nixos/github-flakes.nix;
@ -634,9 +694,11 @@
nativeBuildInputs = nativeBuildDeps nativeBuildInputs = nativeBuildDeps
++ (lib.optionals stdenv.cc.isClang [ pkgs.bear pkgs.clang-tools ]); ++ (lib.optionals stdenv.cc.isClang [ pkgs.bear pkgs.clang-tools ]);
buildInputs = buildDeps ++ propagatedDeps ++ awsDeps; buildInputs = buildDeps ++ propagatedDeps
++ awsDeps ++ checkDeps ++ internalApiDocsDeps;
inherit configureFlags; configureFlags = configureFlags
++ testConfigureFlags ++ internalApiDocsConfigureFlags;
enableParallelBuilding = true; enableParallelBuilding = true;

4
local.mk
View file

@ -1,6 +1,8 @@
clean-files += Makefile.config clean-files += Makefile.config
GLOBAL_CXXFLAGS += -Wno-deprecated-declarations GLOBAL_CXXFLAGS += -Wno-deprecated-declarations -Werror=switch
# Allow switch-enum to be overridden for files that do not support it, usually because of dependency headers.
ERROR_SWITCH_ENUM = -Werror=switch-enum
$(foreach i, config.h $(wildcard src/lib*/*.hh), \ $(foreach i, config.h $(wildcard src/lib*/*.hh), \
$(eval $(call install-file-in, $(i), $(includedir)/nix, 0644))) $(eval $(call install-file-in, $(i), $(includedir)/nix, 0644)))

62
maintainers/README.md
View file

@ -2,7 +2,30 @@
## Motivation ## Motivation
The goal of the team is to help other people to contribute to Nix. The team's main responsibility is to set a direction for the development of Nix and ensure that the code is in good shape.
We aim to achieve this by improving the contributor experience and attracting more maintainers that is, by helping other people contributing to Nix and eventually taking responsibility in order to scale the development process to match users' needs.
### Objectives
- It is obvious what is worthwhile to work on.
- It is easy to find the right place in the code to make a change.
- It is clear what is expected of a pull request.
- It is predictable how to get a change merged and released.
### Tasks
- Establish, communicate, and maintain a technical roadmap
- Improve documentation targeted at contributors
- Record architecture and design decisions
- Elaborate contribution guides and abide to them
- Define and assert quality criteria for contributions
- Maintain the issue tracker and triage pull requests
- Help contributors succeed with pull requests that address roadmap milestones
- Manage the release lifecycle
- Regularly publish reports on work done
- Engage with third parties in the interest of the project
- Ensure the required maintainer capacity for all of the above
## Members ## Members
@ -11,6 +34,7 @@ The goal of the team is to help other people to contribute to Nix.
- Valentin Gagarin (@fricklerhandwerk) - Valentin Gagarin (@fricklerhandwerk)
- Thomas Bereknyei (@tomberek) - Thomas Bereknyei (@tomberek)
- Robert Hensing (@roberth) - Robert Hensing (@roberth)
- John Ericson (@Ericson2314)
## Meeting protocol ## Meeting protocol
@ -18,12 +42,12 @@ The team meets twice a week:
- Discussion meeting: [Fridays 13:00-14:00 CET](https://calendar.google.com/calendar/event?eid=MHNtOGVuNWtrZXNpZHR2bW1sM3QyN2ZjaGNfMjAyMjExMjVUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn) - Discussion meeting: [Fridays 13:00-14:00 CET](https://calendar.google.com/calendar/event?eid=MHNtOGVuNWtrZXNpZHR2bW1sM3QyN2ZjaGNfMjAyMjExMjVUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn)
1. Triage issues and pull requests from the _No Status_ column (30 min) 1. Triage issues and pull requests from the [No Status](#no-status) column (30 min)
2. Discuss issues and pull requests from the _To discuss_ column (30 min) 2. Discuss issues and pull requests from the [To discuss](#to-discuss) column (30 min)
- Work meeting: [Mondays 13:00-15:00 CET](https://calendar.google.com/calendar/event?eid=NTM1MG1wNGJnOGpmOTZhYms3bTB1bnY5cWxfMjAyMjExMjFUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn) - Work meeting: [Mondays 13:00-15:00 CET](https://calendar.google.com/calendar/event?eid=NTM1MG1wNGJnOGpmOTZhYms3bTB1bnY5cWxfMjAyMjExMjFUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn)
1. Code review on pull requests from _In review_. 1. Code review on pull requests from [In review](#in-review).
2. Other chores and tasks. 2. Other chores and tasks.
Meeting notes are collected on a [collaborative scratchpad](https://pad.lassul.us/Cv7FpYx-Ri-4VjUykQOLAw), and published on Discourse under the [Nix category](https://discourse.nixos.org/c/dev/nix/50). Meeting notes are collected on a [collaborative scratchpad](https://pad.lassul.us/Cv7FpYx-Ri-4VjUykQOLAw), and published on Discourse under the [Nix category](https://discourse.nixos.org/c/dev/nix/50).
@ -32,9 +56,9 @@ Meeting notes are collected on a [collaborative scratchpad](https://pad.lassul.u
The team uses a [GitHub project board](https://github.com/orgs/NixOS/projects/19/views/1) for tracking its work. The team uses a [GitHub project board](https://github.com/orgs/NixOS/projects/19/views/1) for tracking its work.
Issues on the board progress through the following states: Items on the board progress through the following states:
- No Status ### No Status
During the discussion meeting, the team triages new items. During the discussion meeting, the team triages new items.
To be considered, issues and pull requests must have a high-level description to provide the whole team with the necessary context at a glance. To be considered, issues and pull requests must have a high-level description to provide the whole team with the necessary context at a glance.
@ -45,6 +69,7 @@ Issues on the board progress through the following states:
2. [security](https://github.com/NixOS/nix/labels/security) 2. [security](https://github.com/NixOS/nix/labels/security)
3. [regression](https://github.com/NixOS/nix/labels/regression) 3. [regression](https://github.com/NixOS/nix/labels/regression)
4. [bug](https://github.com/NixOS/nix/issues?q=is%3Aopen+label%3Abug+sort%3Areactions-%2B1-desc) 4. [bug](https://github.com/NixOS/nix/issues?q=is%3Aopen+label%3Abug+sort%3Areactions-%2B1-desc)
5. [tests of existing functionality](https://github.com/NixOS/nix/issues?q=is%3Aopen+label%3Atests+-label%3Afeature+sort%3Areactions-%2B1-desc)
- [oldest pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Acreated-asc) - [oldest pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Acreated-asc)
- [most popular pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Areactions-%2B1-desc) - [most popular pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Areactions-%2B1-desc)
@ -52,10 +77,21 @@ Issues on the board progress through the following states:
- [most popular issues](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc) - [most popular issues](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc)
Team members can also add pull requests or issues they would like the whole team to consider. Team members can also add pull requests or issues they would like the whole team to consider.
To ensure process quality and reliability, all non-trivial pull requests must be triaged before merging.
If there is disagreement on the general idea behind an issue or pull request, it is moved to _To discuss_, otherwise to _In review_. If there is disagreement on the general idea behind an issue or pull request, it is moved to [To discuss](#to-discuss).
Otherwise, the issue or pull request in questions get the label [`idea approved`](https://github.com/NixOS/nix/labels/idea%20approved).
For issues this means that an implementation is welcome and will be prioritised for review.
For pull requests this means that:
- Unfinished work is encouraged to be continued.
- A reviewer is assigned to take responsibility for getting the pull request merged.
The item is moved to the [Assigned](#assigned) column.
- If needed, the team can decide to do a collarorative review.
Then the item is moved to the [In review](#in-review) column, and review session is scheduled.
- To discuss What constitutes a trivial pull request is up to maintainers' judgement.
### To discuss
Pull requests and issues that are deemed important and controversial are discussed by the team during discussion meetings. Pull requests and issues that are deemed important and controversial are discussed by the team during discussion meetings.
@ -67,7 +103,7 @@ Issues on the board progress through the following states:
Contributors who took the time to implement concrete change proposals should not wait indefinitely. Contributors who took the time to implement concrete change proposals should not wait indefinitely.
- Prioritise fixing bugs over documentation, improvements or new features - Prioritise fixing bugs and testing over documentation, improvements or new features
The team values stability and accessibility higher than raw functionality. The team values stability and accessibility higher than raw functionality.
@ -75,19 +111,21 @@ Issues on the board progress through the following states:
This way issues without attempts at a solution get a chance to get addressed. This way issues without attempts at a solution get a chance to get addressed.
- In review ### In review
Pull requests in this column are reviewed together during work meetings. Pull requests in this column are reviewed together during work meetings.
This is both for spreading implementation knowledge and for establishing common values in code reviews. This is both for spreading implementation knowledge and for establishing common values in code reviews.
When the overall direction is agreed upon, even when further changes are required, the pull request is assigned to one team member. When the overall direction is agreed upon, even when further changes are required, the pull request is assigned to one team member.
- Assigned for merging ### Assigned
One team member is assigned to each of these pull requests. One team member is assigned to each of these pull requests.
They will communicate with the authors, and make the final approval once all remaining issues are addressed. They will communicate with the authors, and make the final approval once all remaining issues are addressed.
If more substantive issues arise, the assignee can move the pull request back to _To discuss_ to involve the team again. If more substantive issues arise, the assignee can move the pull request back to [To discuss](#to-discuss) or [In review](#in-review) to involve the team again.
### Flowchart
The process is illustrated in the following diagram: The process is illustrated in the following diagram:

3
maintainers/release-process.md
View file

@ -123,6 +123,7 @@ release:
`/home/eelco/Dev/nixpkgs-pristine`. `/home/eelco/Dev/nixpkgs-pristine`.
TODO: trigger nixos.org netlify: https://docs.netlify.com/configure-builds/build-hooks/ TODO: trigger nixos.org netlify: https://docs.netlify.com/configure-builds/build-hooks/
* Prepare for the next point release by editing `.version` to * Prepare for the next point release by editing `.version` to
e.g. e.g.
@ -152,7 +153,7 @@ release:
from the previous milestone, and close the previous milestone. Set from the previous milestone, and close the previous milestone. Set
the date for the next milestone 6 weeks from now. the date for the next milestone 6 weeks from now.
* Create a backport label * Create a backport label.
* Post an [announcement on Discourse](https://discourse.nixos.org/c/announcements/8), including the contents of * Post an [announcement on Discourse](https://discourse.nixos.org/c/announcements/8), including the contents of
`rl-$VERSION.md`. `rl-$VERSION.md`.

2
misc/launchd/org.nixos.nix-daemon.plist.in
View file

@ -4,8 +4,6 @@
<dict> <dict>
<key>EnvironmentVariables</key> <key>EnvironmentVariables</key>
<dict> <dict>
<key>NIX_SSL_CERT_FILE</key>
<string>/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt</string>
<key>OBJC_DISABLE_INITIALIZE_FORK_SAFETY</key> <key>OBJC_DISABLE_INITIALIZE_FORK_SAFETY</key>
<string>YES</string> <string>YES</string>
</dict> </dict>

2
mk/debug-test.sh
View file

@ -1,6 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -eu set -eu -o pipefail
test=$1 test=$1

12
mk/disable-tests.mk Normal file
View file

@ -0,0 +1,12 @@
# This file is only active for `./configure --disable-tests`.
# Running `make check` or `make installcheck` would indicate a mistake in the
# caller.
installcheck:
@echo "Tests are disabled. Configure without '--disable-tests', or avoid calling 'make installcheck'."
@exit 1
# This currently has little effect.
check:
@echo "Tests are disabled. Configure without '--disable-tests', or avoid calling 'make check'."
@exit 1

2
mk/libraries.mk
View file

@ -126,7 +126,7 @@ define build-library
$(1)_PATH := $$(_d)/$$($(1)_NAME).a $(1)_PATH := $$(_d)/$$($(1)_NAME).a
$$($(1)_PATH): $$($(1)_OBJS) | $$(_d)/ $$($(1)_PATH): $$($(1)_OBJS) | $$(_d)/
+$$(trace-ld) $(LD) -Ur -o $$(_d)/$$($(1)_NAME).o $$^ $$(trace-ld) $(LD) $$(ifndef $(HOST_DARWIN),-U) -r -o $$(_d)/$$($(1)_NAME).o $$^
$$(trace-ar) $(AR) crs $$@ $$(_d)/$$($(1)_NAME).o $$(trace-ar) $(AR) crs $$@ $$(_d)/$$($(1)_NAME).o
$(1)_LDFLAGS_USE += $$($(1)_PATH) $$($(1)_LDFLAGS) $$(foreach lib, $$($(1)_LIBS), $$($$(lib)_LDFLAGS_USE)) $(1)_LDFLAGS_USE += $$($(1)_PATH) $$($(1)_LDFLAGS) $$(foreach lib, $$($(1)_LIBS), $$($$(lib)_LDFLAGS_USE))

4
mk/patterns.mk
View file

@ -1,10 +1,10 @@
$(buildprefix)%.o: %.cc $(buildprefix)%.o: %.cc
@mkdir -p "$(dir $@)" @mkdir -p "$(dir $@)"
$(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP $(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) $(ERROR_SWITCH_ENUM) -MMD -MF $(call filename-to-dep, $@) -MP
$(buildprefix)%.o: %.cpp $(buildprefix)%.o: %.cpp
@mkdir -p "$(dir $@)" @mkdir -p "$(dir $@)"
$(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP $(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) $(ERROR_SWITCH_ENUM) -MMD -MF $(call filename-to-dep, $@) -MP
$(buildprefix)%.o: %.c $(buildprefix)%.o: %.c
@mkdir -p "$(dir $@)" @mkdir -p "$(dir $@)"

17
mk/run-test.sh
View file

@ -1,6 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -u set -eu -o pipefail
red="" red=""
green="" green=""
@ -22,24 +22,11 @@ fi
run_test () { run_test () {
(init_test 2>/dev/null > /dev/null) (init_test 2>/dev/null > /dev/null)
log="$(run_test_proper 2>&1)" log="$(run_test_proper 2>&1)" && status=0 || status=$?
status=$?
} }
run_test run_test
# Hack: Retry the test if it fails with “unexpected EOF reading a line” as these
# appear randomly without anyone knowing why.
# See https://github.com/NixOS/nix/issues/3605 for more info
if [[ $status -ne 0 && $status -ne 99 && \
"$(uname)" == "Darwin" && \
"$log" =~ "unexpected EOF reading a line" \
]]; then
echo "$post_run_msg [${yellow}FAIL$normal] (possibly flaky, so will be retried)"
echo "$log" | sed 's/^/ /'
run_test
fi
if [ $status -eq 0 ]; then if [ $status -eq 0 ]; then
echo "$post_run_msg [${green}PASS$normal]" echo "$post_run_msg [${green}PASS$normal]"
elif [ $status -eq 99 ]; then elif [ $status -eq 99 ]; then

Some files were not shown because too many files have changed in this diff Show more