about summary refs log tree commit diff
path: root/src/libstore/globals.hh
AgeCommit message (Collapse)AuthorFilesLines
2017-03-30 Add exec primop behind allow-unsafe-native-code-during-evaluation.Shea Levy1-2/+2
Execute a given program with the (optional) given arguments as the user running the evaluation, parsing stdout as an expression to be evaluated. There are many use cases for nix that would benefit from being able to run arbitrary code during evaluation, including but not limited to: * Automatic git fetching to get a sha256 from a git revision * git rev-parse HEAD * Automatic extraction of information from build specifications from other tools, particularly language-specific package managers like cabal or npm * Secrets decryption (e.g. with nixops) * Private repository fetching Ideally, we would add this functionality in a more principled way to nix, but in the mean time 'builtins.exec' can be used to get these tasks done. The primop is only available when the 'allow-unsafe-native-code-during-evaluation' nix option is true. That flag also enables the 'importNative' primop, which is strictly more powerful but less convenient (since it requires compiling a plugin against the running version of nix).
2017-03-15 Store: Add a method for getting build logsEelco Dolstra1-3/+0
This allows various Store implementations to provide different ways to get build logs. For example, BinaryCacheStore can get the build logs from the binary cache. Also, remove the log-servers option since we can use substituters for this.
2017-03-08 Add option to disable import-from-derivation completely, even if the drv is ↵Shea Levy1-0/+3
already realized
2017-03-06 Properly set the caFile for aws-sdk-cpp s3Shea Levy1-0/+3
2017-02-16 Move netrcFile to SettingsEelco Dolstra1-2/+4
Also get rid of Settings::processEnvironment(), it appears to be useless.
2016-12-06 nix-store --serve: Suppress log output on stderr when repeating a buildEelco Dolstra1-0/+5
2016-08-10 Remove $NIX_DB_DIREelco Dolstra1-3/+0
This variable has no reason to exist, given $NIX_STATE_DIR.
2016-04-29 Eliminate the substituter mechanismEelco Dolstra1-5/+0
Substitution is now simply a Store -> Store copy operation, most typically from BinaryCacheStore to LocalStore.
2016-04-25 Show the log tail when a build failsEelco Dolstra1-2/+6
If --no-build-output is given (which will become the default for the "nix" command at least), show the last 10 lines of the build output if the build fails.
2016-04-25 Remove --print-build-traceEelco Dolstra1-16/+0
This was added to support Hydra, but Hydra no longer uses it.
2016-04-25 Improved logging abstractionEelco Dolstra1-0/+1
This also gets rid of --log-type, since the nested log type isn't useful in a multi-threaded situation, and nobody cares about the "pretty" log type.
2016-04-08 Remove failed build cachingEelco Dolstra1-3/+0
This feature was implemented for Hydra, but Hydra no longer uses it.
2015-04-18 Add the pre-build hook.Shea Levy1-0/+4
This hook can be used to set system-specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files through the interface, but it also has full access to the chroot root. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-support system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-18 Revert "Add the pre-build hook."Shea Levy1-4/+0
Going to reimplement differently. This reverts commit 1e4a4a2e9fc382f47f58b448f3ee034cdd28218a.
2015-04-16 Fix using restricted mode with chrootsEelco Dolstra1-0/+2
2015-04-12 Add the pre-build hook.Shea Levy1-0/+4
This hook can be used to set system specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-supported system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-09 Implement a TTL on cached fetchurl/fetchTarball resultsEelco Dolstra1-0/+2
This is because we don't want to do HTTP requests on every evaluation, even though we can prevent a full redownload via the cached ETag. The default is one hour.
2015-02-23 Use chroots for all derivationsEelco Dolstra1-3/+0
If ‘build-use-chroot’ is set to ‘true’, fixed-output derivations are now also chrooted. However, unlike normal derivations, they don't get a private network namespace, so they can still access the network. Also, the use of the ‘__noChroot’ derivation attribute is no longer allowed. Setting ‘build-use-chroot’ to ‘relaxed’ gives the old behaviour.
2014-09-17 Settings: Add bool get()Eelco Dolstra1-0/+2
2014-08-05 DohEelco Dolstra1-9/+0
2014-08-04 Move some options out of globalsEelco Dolstra1-1/+3
2014-08-04 RefactorEelco Dolstra1-5/+5
2014-08-04 Add option ‘build-extra-chroot-dirs’Eelco Dolstra1-4/+0
This is useful for extending (rather than overriding) the default set of chroot paths.
2014-07-25 nix-daemon: Pass on the user's $SSH_AUTH_SOCK to the SSH substituterEelco Dolstra1-0/+2
2014-07-17 nix-daemon: Add trusted-users and allowed-users optionsEelco Dolstra1-0/+9
‘trusted-users’ is a list of users and groups that have elevated rights, such as the ability to specify binary caches. It defaults to ‘root’. A typical value would be ‘@wheel’ to specify all users in the wheel group. ‘allowed-users’ is a list of users and groups that are allowed to connect to the daemon. It defaults to ‘*’. A typical value would be ‘@users’ to specify the ‘users’ group.
2014-06-24 Only add the importNative primop if the ↵Shea Levy1-0/+3
allow-arbitrary-code-during-evaluation option is true (default false)
2014-05-21 nix-store -l: Fetch build logs from the InternetEelco Dolstra1-0/+3
If a build log is not available locally, then ‘nix-store -l’ will now try to download it from the servers listed in the ‘log-servers’ option in nix.conf. For instance, if you have: log-servers = http://hydra.nixos.org/log then it will try to get logs from http://hydra.nixos.org/log/<base name of the store path>. So you can do things like: $ nix-store -l $(which xterm) and get a log even if xterm wasn't built locally.
2014-02-26 Add use-ssh-substituter setting.Shea Levy1-0/+3
It defaults to false and can be overridden by RemoteStore. Untested currently, just quickly put this together
2014-02-14 Minor style fixesEelco Dolstra1-1/+1
2014-02-10 Pass in params by const refShea Levy1-1/+1
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-08 Add download-via-ssh substituterShea Levy1-0/+6
This substituter connects to a remote host, runs nix-store --serve there, and then forwards substituter commands on to the remote host and sends their results to the calling program. The ssh-substituter-hosts option can be specified as a list of hosts to try. This is an initial implementation and, while it works, it has some limitations: * Only the first host is used * There is no caching of query results (all queries are sent to the remote machine) * There is no informative output (such as progress bars) * Some failure modes may cause unhelpful error messages * There is no concept of trusted-ssh-substituter-hosts Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-12 Make function calls show up in stack traces againEelco Dolstra1-0/+3
Note that adding --show-trace prevents functions calls from being tail-recursive, so an expression that evaluates without --show-trace may fail with a stack overflow if --show-trace is given.
2013-09-06 Don't apply the CPU affinity hack to nix-shell (and other Perl programs)Eelco Dolstra1-0/+3
As discovered by Todd Veldhuizen, the shell started by nix-shell has its affinity set to a single CPU. This is because nix-shell connects to the Nix daemon, which causes the affinity hack to be applied. So we turn this off for Perl programs.
2013-09-02 Add an option to limit the log output of buildersEelco Dolstra1-0/+4
This is mostly useful for Hydra to deal with builders that get stuck in an infinite loop writing data to stdout/stderr.
2013-03-08 Revert "Prevent config.h from being clobbered"Eelco Dolstra1-0/+3
This reverts commit 28bba8c44f484eae38e8a15dcec73cfa999156f6.
2013-03-07 Prevent config.h from being clobberedEelco Dolstra1-3/+0
2013-02-19 Add `Settings::nixDaemonSocketFile'.Ludovic Courtès1-0/+3
2012-12-29 Allow mounting a path in a different location in the chrootEelco Dolstra1-2/+2
Fixes #24.
2012-11-27 Add builtin constants ‘langVersion’ and ‘nixVersion’Eelco Dolstra1-0/+3
The integer constant ‘langVersion’ denotes the current language version. It gets increased every time a language feature is added/changed/removed. It's currently 1. The string constant ‘nixVersion’ contains the current Nix version, e.g. "1.2pre2980_9de6bc5".
2012-09-25 Include <sys/types.h> for off_tEelco Dolstra1-0/+1
Reported by "gio" on IRC.
2012-07-31 Pass all --option flags to the daemonEelco Dolstra1-3/+5
2012-07-30 Refactor settings processingEelco Dolstra1-76/+145
Put all Nix configuration flags in a Settings object.
2012-07-30 Pass configuration settings to the substitutersEelco Dolstra1-0/+2
Previously substituters could read nix.conf themselves, but this didn't take --option flags into account.
2012-07-18 Use "#pragma once" to prevent repeated header file inclusionEelco Dolstra1-5/+1
2011-11-22 * Move initialisation of variables like nixConfDir from libmain toEelco Dolstra1-1/+3
libstore so that the Perl bindings can use it as well. It's vital that the Perl bindings use the configuration file, because otherwise nix-copy-closure will fail with a ‘database locked’ message if the value of ‘use-sqlite-wal’ is changed from the default.
2011-06-30 Add support for the `build-timeout' and `--timeout' options.Ludovic Courtès1-0/+4
2010-06-23 Added support for passing an (impure) NIX_BUILD_CORES variable to build ↵Peter Simons1-0/+5
expressions. This patch adds the configuration file variable "build-cores" and the command line argument "--cores". These settings specify the number of CPU cores to utilize for parallel building within a job, i.e. by passing an appropriate "-j" flag to GNU Make. The default value is 1, which means that parallel building is *disabled*. If the number of build cores is specified as 0 (synonymously: "guess" or "auto"), then the actual value is supposed to be auto-detected by builders at run-time, i.e by calling the nproc(1) utility from coreutils. The environment variable $NIX_BUILD_CORES is available to builders, but the contents of that variable does *not* influence the hash that goes into the $out store path, i.e. the number of build cores to be utilized can be changed at will without requiring any re-builds.
2009-03-23 * No longer block while waiting for a lock on a store path. InsteadEelco Dolstra1-1/+1
poll for it (i.e. if we can't acquire the lock, then let the main select() loop wait for at most a few seconds and then try again). This improves parallelism: if two nix-store processes are both trying to build a path at the same time, the second one shouldn't block; it should first see if it can build other goals. Also, it prevents the deadlocks that have been occuring in Hydra lately, where a process waits for a lock held by another process that's waiting for a lock held by the first. The downside is that polling isn't really elegant, but POSIX doesn't provide a way to wait for locks in a select() loop. The only solution would be to spawn a thread for each lock to do a blocking fcntl() and then signal the main thread, but that would require pthreads.
2009-02-27 * Allow options from the Nix config file to be overriden from theEelco Dolstra1-0/+2
command line (e.g. "--option build-use-chroot true").
2008-12-11 * Revert r13150: now that we use private namespaces for the chroot, weEelco Dolstra1-6/+0
don't have to put the chroot in /nix/var/nix/chroots anymore. They're back in /tmp now.