about summary refs log tree commit diff
path: root/src/libstore/remote-store.cc
AgeCommit message (Collapse)AuthorFilesLines
2016-08-10 RemoteStore / nix-daemon: Drop support for Nix < 1.0Eelco Dolstra1-19/+15
2016-07-11 Modernize AutoCloseFDShea Levy1-6/+6
2016-06-09 Use O_CLOEXEC in most placesEelco Dolstra1-1/+5
2016-06-01 Make the store directory a member variable of StoreEelco Dolstra1-20/+21
2016-05-31 nix-copy-closure / build-remote.pl: Disable signature checkingEelco Dolstra1-1/+2
This restores the Nix 1.11 behaviour.
2016-05-04 Do compression in a sinkEelco Dolstra1-1/+1
2016-05-04 Add a Store::addToStore() variant that accepts a NAREelco Dolstra1-19/+6
As a side effect, this ensures that signatures are propagated when copying paths between stores. Also refactored import/export to make use of this.
2016-05-04 Remove OpenSSL-based signingEelco Dolstra1-6/+3
2016-04-29 Allow parameters in store URIsEelco Dolstra1-0/+6
This is to allow store-specific configuration, e.g. s3://my-cache?compression=bzip2&secret-key=/path/to/key.
2016-04-25 Show the log tail when a build failsEelco Dolstra1-1/+1
If --no-build-output is given (which will become the default for the "nix" command at least), show the last 10 lines of the build output if the build fails.
2016-04-25 Remove --print-build-traceEelco Dolstra1-1/+1
This was added to support Hydra, but Hydra no longer uses it.
2016-04-25 Improved logging abstractionEelco Dolstra1-6/+4
This also gets rid of --log-type, since the nested log type isn't useful in a multi-threaded situation, and nobody cares about the "pretty" log type.
2016-04-20 RemoteStore: Propagate InvalidPath exceptions from the daemonEelco Dolstra1-1/+12
2016-04-20 Cache path info lookups in SQLiteEelco Dolstra1-1/+0
This re-implements the binary cache database in C++, allowing it to be used by other Store backends, in particular the S3 backend.
2016-04-19 Move path info caching from BinaryCacheStore to StoreEelco Dolstra1-44/+18
Caching path info is generally useful. For instance, it speeds up "nix path-info -rS /run/current-system" (i.e. showing the closure sizes of all paths in the closure of the current system) from 5.6s to 0.15s. This also eliminates some APIs like Store::queryDeriver() and Store::queryReferences().
2016-04-08 Remove failed build cachingEelco Dolstra1-17/+1
This feature was implemented for Hydra, but Hydra no longer uses it.
2016-04-05 Add "nix copy-sigs" commandEelco Dolstra1-0/+9
This imports signatures from one store into another. E.g. $ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/ imported 595 signatures
2016-03-30 LocalStore: Keep track of ultimately trusted pathsEelco Dolstra1-0/+4
These are content-addressed paths or outputs of locally performed builds. They are trusted even if they don't have signatures, so "nix verify-paths" won't complain about them.
2016-03-23 Drop support for daemon socket path >= 108 charactersEelco Dolstra1-15/+3
Doing a chdir() is a bad idea in multi-threaded programs, leading to failures such as error: cannot connect to daemon at ‘/nix/var/nix/daemon-socket/socket’: No such file or directory Since Linux doesn't have a connectat() syscall like FreeBSD, there is no way we can support this in a race-free way.
2016-03-22 Don't overload dumpPath()Eelco Dolstra1-1/+1
2016-03-21 Add Store::dumpPath() methodEelco Dolstra1-1/+1
This allows applying nix-store --verify-path to binary cache stores: NIX_REMOTE=https://cache.nixos.org nix-store --verify-path /nix/store/s5c7...
2016-02-26 importPaths(): Optionally add NARs to binary cache accessorEelco Dolstra1-1/+2
This enables an optimisation in hydra-queue-runner, preventing a download of a NAR it just uploaded to the cache when reading files like hydra-build-products.
2016-02-24 Eliminate reserveSpace flagEelco Dolstra1-2/+2
2016-02-24 Remove bad daemon connections from the poolEelco Dolstra1-1/+5
This is necessary for long-running processes like hydra-queue-runner: if a nix-daemon worker is killed, we need to stop reusing that connection.
2016-02-23 Pool<T>: Allow a maximum pool sizeEelco Dolstra1-15/+15
2016-02-23 RemoteStore: Make thread-safeEelco Dolstra1-226/+221
This allows a RemoteStore object to be used safely from multiple threads concurrently. It will make multiple daemon connections if necessary. Note: pool.hh and sync.hh have been copied from the Hydra source tree.
2016-02-16 Rename ValidPathInfo::hash -> narHash for consistencyEelco Dolstra1-1/+1
2016-01-31 Use the daemon when we don't have write access to the Nix databaseEelco Dolstra1-8/+2
2015-12-02 daemon: Add 'buildMode' parameter to 'buildPaths' RPCLudovic Courtès1-3/+9
2015-09-03 Implement buildDerivation() via the daemonEelco Dolstra1-1/+9
2015-07-20 More cleanupEelco Dolstra1-102/+63
2015-07-17 OCD: foreach -> C++11 ranged forEelco Dolstra1-14/+14
2015-07-17 Allow remote builds without sending the derivation closureEelco Dolstra1-0/+7
Previously, to build a derivation remotely, we had to copy the entire closure of the .drv file to the remote machine, even though we only need the top-level derivation. This is very wasteful: the closure can contain thousands of store paths, and in some Hydra use cases, include source paths that are very large (e.g. Git/Mercurial checkouts). So now there is a new operation, StoreAPI::buildDerivation(), that performs a build from an in-memory representation of a derivation (BasicDerivation) rather than from a on-disk .drv file. The only files that need to be in the Nix store are the sources of the derivation (drv.inputSrcs), and the needed output paths of the dependencies (as described by drv.inputDrvs). "nix-store --serve" exposes this interface. Note that this is a privileged operation, because you can construct a derivation that builds any store path whatsoever. Fixing this will require changing the hashing scheme (i.e., the output paths should be computed from the other fields in BasicDerivation, allowing them to be verified without access to other derivations). However, this would be quite nice because it would allow .drv-free building (e.g. "nix-env -i" wouldn't have to write any .drv files to disk). Fixes #173.
2015-06-02 Add a ‘verifyStore’ RPCLudovic Courtès1-0/+10
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2015-03-25 addToStore(): Take explicit name argumentEelco Dolstra1-2/+2
2014-12-14 Merge branch 'cygwin-master' of https://github.com/ternaris/nixEelco Dolstra1-0/+1
2014-12-13 Better error messageEelco Dolstra1-1/+1
2014-12-12 Silence some warnings on GCC 4.9Eelco Dolstra1-1/+1
2014-12-09 Explicitly include required C headersMarko Durkovic1-0/+1
2014-10-31 Improve error message if the daemon worker fails to startEelco Dolstra1-2/+1
2014-09-01 Add an 'optimiseStore' remote procedure call.Ludovic Courtès1-0/+7
2014-08-20 Use proper quotes everywhereEelco Dolstra1-3/+3
2014-07-25 nix-daemon: Pass on the user's $SSH_AUTH_SOCK to the SSH substituterEelco Dolstra1-0/+2
2014-07-23 Remove dead codeEelco Dolstra1-2/+0
2014-07-14 build-remote.pl: Fix building multiple output derivationsEelco Dolstra1-1/+0
We were importing paths without sorting them topologically, leading to "path is not valid" errors. See e.g. http://hydra.nixos.org/build/12451761
2014-07-11 build-remote.pl: Use ‘nix-store --serve’ on the remote sideEelco Dolstra1-0/+1
This makes things more efficient (we don't need to use an SSH master connection, and we only start a single remote process) and gets rid of locking issues (the remote nix-store process will keep inputs and outputs locked as long as they're needed). It also makes it more or less secure to connect directly to the root account on the build machine, using a forced command (e.g. ‘command="nix-store --serve --write"’). This bypasses the Nix daemon and is therefore more efficient. Also, don't call nix-store to import the output paths.
2014-06-10 Report daemon OOM betterEelco Dolstra1-5/+17
When copying a large path causes the daemon to run out of memory, you now get: error: Nix daemon out of memory instead of: error: writing to file: Broken pipe
2014-06-10 Print a warning when loading a large path into memoryEelco Dolstra1-0/+3
I.e. if you have a derivation with src = ./huge-directory; you'll get a warning that this is not a good idea.
2014-02-18 Add a flag ‘--check’ to verify build determinismEelco Dolstra1-2/+2
The flag ‘--check’ to ‘nix-store -r’ or ‘nix-build’ will cause Nix to redo the build of a derivation whose output paths are already valid. If the new output differs from the original output, an error is printed. This makes it easier to test if a build is deterministic. (Obviously this cannot catch all sources of non-determinism, but it catches the most common one, namely the current time.) For example: $ nix-build '<nixpkgs>' -A patchelf ... $ nix-build '<nixpkgs>' -A patchelf --check error: derivation `/nix/store/1ipvxsdnbhl1rw6siz6x92s7sc8nwkkb-patchelf-0.6' may not be deterministic: hash mismatch in output `/nix/store/4pc1dmw5xkwmc6q3gdc9i5nbjl4dkjpp-patchelf-0.6.drv' The --check build fails if not all outputs are valid. Thus the first call to nix-build is necessary to ensure that all outputs are valid. The current outputs are left untouched: the new outputs are either put in a chroot or diverted to a different location in the store using hash rewriting.
2013-09-06 Don't apply the CPU affinity hack to nix-shell (and other Perl programs)Eelco Dolstra1-1/+1
As discovered by Todd Veldhuizen, the shell started by nix-shell has its affinity set to a single CPU. This is because nix-shell connects to the Nix daemon, which causes the affinity hack to be applied. So we turn this off for Perl programs.