mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-27 00:06:16 +02:00
188 lines
6.2 KiB
XML
188 lines
6.2 KiB
XML
<refentry xmlns="http://docbook.org/ns/docbook"
|
||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||
xml:id="sec-nix-copy-closure">
|
||
|
||
<refmeta>
|
||
<refentrytitle>nix-copy-closure</refentrytitle>
|
||
<manvolnum>1</manvolnum>
|
||
<refmiscinfo class="source">Nix</refmiscinfo>
|
||
<refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo>
|
||
</refmeta>
|
||
|
||
<refnamediv>
|
||
<refname>nix-copy-closure</refname>
|
||
<refpurpose>copy a closure to or from a remote machine via SSH</refpurpose>
|
||
</refnamediv>
|
||
|
||
<refsynopsisdiv>
|
||
<cmdsynopsis>
|
||
<command>nix-copy-closure</command>
|
||
<group>
|
||
<arg choice='plain'><option>--to</option></arg>
|
||
<arg choice='plain'><option>--from</option></arg>
|
||
</group>
|
||
<arg><option>--sign</option></arg>
|
||
<arg><option>--gzip</option></arg>
|
||
<arg><option>--bzip2</option></arg>
|
||
<arg><option>--xz</option></arg>
|
||
<arg><option>--show-progress</option></arg>
|
||
<arg><option>--include-outputs</option></arg>
|
||
<arg><option>--use-substitutes</option></arg>
|
||
<arg><option>-s</option></arg>
|
||
<arg choice='plain'>
|
||
<replaceable>user@</replaceable><replaceable>machine</replaceable>
|
||
</arg>
|
||
<arg choice='plain'><replaceable>paths</replaceable></arg>
|
||
</cmdsynopsis>
|
||
</refsynopsisdiv>
|
||
|
||
|
||
<refsection><title>Description</title>
|
||
|
||
<para><command>nix-copy-closure</command> gives you an easy and
|
||
efficient way to exchange software between machines. Given one or
|
||
more Nix store paths <replaceable>paths</replaceable> on the local
|
||
machine, <command>nix-copy-closure</command> computes the closure of
|
||
those paths (i.e. all their dependencies in the Nix store), and copies
|
||
all paths in the closure to the remote machine via the
|
||
<command>ssh</command> (Secure Shell) command. With the
|
||
<option>--from</option>, the direction is reversed:
|
||
the closure of <replaceable>paths</replaceable> on a remote machine is
|
||
copied to the Nix store on the local machine.</para>
|
||
|
||
<para>This command is efficient because it only sends the store paths
|
||
that are missing on the target machine.</para>
|
||
|
||
<para>Since <command>nix-copy-closure</command> calls
|
||
<command>ssh</command>, you may be asked to type in the appropriate
|
||
password or passphrase. In fact, you may be asked
|
||
<emphasis>twice</emphasis> because <command>nix-copy-closure</command>
|
||
currently connects twice to the remote machine, first to get the set
|
||
of paths missing on the target machine, and second to send the dump of
|
||
those paths. If this bothers you, use
|
||
<command>ssh-agent</command>.</para>
|
||
|
||
|
||
<refsection><title>Options</title>
|
||
|
||
<variablelist>
|
||
|
||
<varlistentry><term><option>--to</option></term>
|
||
|
||
<listitem><para>Copy the closure of
|
||
<replaceable>paths</replaceable> from the local Nix store to the
|
||
Nix store on <replaceable>machine</replaceable>. This is the
|
||
default.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--from</option></term>
|
||
|
||
<listitem><para>Copy the closure of
|
||
<replaceable>paths</replaceable> from the Nix store on
|
||
<replaceable>machine</replaceable> to the local Nix
|
||
store.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--sign</option></term>
|
||
|
||
<listitem><para>Let the sending machine cryptographically sign the
|
||
dump of each path with the key in
|
||
<filename><replaceable>sysconfdir</replaceable>/nix/signing-key.sec</filename>.
|
||
If the user on the target machine does not have direct access to
|
||
the Nix store (i.e., if the target machine has a multi-user Nix
|
||
installation), then the target machine will check the dump against
|
||
<filename><replaceable>sysconfdir</replaceable>/nix/signing-key.pub</filename>
|
||
before unpacking it in its Nix store. This allows secure sharing
|
||
of store paths between untrusted users on two machines, provided
|
||
that there is a trust relation between the Nix installations on
|
||
both machines (namely, they have matching public/secret
|
||
keys).</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--gzip</option> / <option>--bzip2</option> / <option>--xz</option></term>
|
||
|
||
<listitem><para>Compress the dump of each path with respectively
|
||
<command>gzip</command>, <command>bzip2</command> or
|
||
<command>xz</command> before sending it. The corresponding
|
||
decompression program must be installed on the target
|
||
machine.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--show-progress</option></term>
|
||
|
||
<listitem><para>Show the progress of each path's transfer as it's made.
|
||
This requires the <command>pv</command> utility to be in <envar>PATH</envar>.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--include-outputs</option></term>
|
||
|
||
<listitem><para>Also copy the outputs of store derivations
|
||
included in the closure.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
<varlistentry><term><option>--use-substitutes</option> / <option>-s</option></term>
|
||
|
||
<listitem><para>Attempt to download missing paths on the target
|
||
machine using Nix’s substitute mechanism. Any paths that cannot
|
||
be substituted on the target are still copied normally from the
|
||
source. This is useful, for instance, if the connection between
|
||
the source and target machine is slow, but the connection between
|
||
the target machine and <literal>nixos.org</literal> (the default
|
||
binary cache server) is fast.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
</variablelist>
|
||
|
||
</refsection>
|
||
|
||
|
||
<refsection><title>Environment variables</title>
|
||
|
||
<variablelist>
|
||
|
||
<varlistentry><term><envar>NIX_SSHOPTS</envar></term>
|
||
|
||
<listitem><para>Additional options to be passed to
|
||
<command>ssh</command> on the command line.</para></listitem>
|
||
|
||
</varlistentry>
|
||
|
||
</variablelist>
|
||
|
||
</refsection>
|
||
|
||
|
||
<refsection><title>Examples</title>
|
||
|
||
<para>Copy Firefox with all its dependencies to a remote machine:
|
||
|
||
<screen>
|
||
$ nix-copy-closure --to alice@itchy.labs $(type -tP firefox)</screen>
|
||
|
||
</para>
|
||
|
||
<para>Copy Subversion from a remote machine and then install it into a
|
||
user environment:
|
||
|
||
<screen>
|
||
$ nix-copy-closure --from alice@itchy.labs \
|
||
/nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4
|
||
$ nix-env -i /nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4
|
||
</screen>
|
||
|
||
</para>
|
||
|
||
</refsection>
|
||
|
||
|
||
</refsection>
|
||
|
||
</refentry>
|