mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(3p/nix): unvendor tvix 0.1

Browse source 
Nothing is using this now, and we'll likely never pick this up again,
but we learned a lot in the process.

Every now and then this breaks in some bizarre way on channel bumps
and it's just a waste of time to maintain that.

Change-Id: Idcf2f5acd4ca7070ce18d7149cbfc0d967dc0a44
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5632
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Autosubmit: tazjin <tazjin@tvl.su>
This commit is contained in:
Vincent Ambo 2022-05-18 17:39:39 +02:00 committed by clbot
parent c85291c602
commit d127f9bd0e
721 changed files with 0 additions and 104195 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
third_party/nix/.clang-format vendored
View file

@ -1,11 +0,0 @@
# Use the Google style in this project.
BasedOnStyle: Google
DerivePointerAlignment: false
PointerAlignment: Left
IncludeCategories:
- Regex: '^<.*\.h>'
Priority: 2
- Regex: '^<.*'
Priority: 1
- Regex: '.*'
Priority: 3

4
third_party/nix/.clang-tidy vendored
View file

@ -1,4 +0,0 @@
---
Checks: 'abseil-c*,clang-analyzer-security-*,bugprone-*,google-*,modernize-*,cppcoreguidelines-*,misc-*,-modernize-use-trailing-return-type'
WarningsAsErrors: 'abseil-*,clang-analyzer-security*'
...

1
third_party/nix/.dir-locals.el vendored
View file

@ -1 +0,0 @@
((c++-mode . ((c-file-style . "google"))))

27
third_party/nix/.github/ISSUE_TEMPLATE.md vendored
View file

@ -1,27 +0,0 @@
<!--
# Filing a Nix issue
*WAIT* Are you sure you're filing your issue in the right repository?
We appreciate you taking the time to tell us about issues you encounter, but routing the issue to the right place will get you help sooner and save everyone time.
This is the Nix repository, and issues here should be about Nix the build and package management *_tool_*.
If you have a problem with a specific package on NixOS or when using Nix, you probably want to file an issue with _nixpkgs_, whose issue tracker is over at https://github.com/NixOS/nixpkgs/issues.
Examples of _Nix_ issues:
- Nix segfaults when I run `nix-build -A blahblah`
- The Nix language needs a new builtin: `builtins.foobar`
- Regression in the behavior of `nix-env` in Nix 2.0
Examples of _nixpkgs_ issues:
- glibc is b0rked on aarch64
- chromium in NixOS doesn't support U2F but google-chrome does!
- The OpenJDK package on macOS is missing a key component
Chances are if you're a newcomer to the Nix world, you'll probably want the [nixpkgs tracker](https://github.com/NixOS/nixpkgs/issues). It also gets a lot more eyeball traffic so you'll probably get a response a lot more quickly.
-->

119
third_party/nix/.gitignore vendored
View file

@ -1,119 +0,0 @@
Makefile.config
perl/Makefile.config
# /
/aclocal.m4
/autom4te.cache
/configure
/nix.spec
/stamp-h1
/svn-revision
/build-gcc
/libtool
/corepkgs/config.nix
# /corepkgs/channels/
/corepkgs/channels/unpack.sh
# /corepkgs/nar/
/corepkgs/nar/nar.sh
/corepkgs/nar/unnar.sh
# /doc/manual/
/doc/manual/manual.html
/doc/manual/manual.xmli
/doc/manual/manual.pdf
/doc/manual/manual.is-valid
/doc/manual/*.1
/doc/manual/*.5
/doc/manual/*.8
/doc/manual/version.txt
# /scripts/
/scripts/nix-profile.sh
/scripts/nix-copy-closure
/scripts/nix-reduce-build
/scripts/nix-http-export.cgi
/scripts/nix-profile-daemon.sh
# /src/libexpr/
/src/libexpr/lexer-tab.cc
/src/libexpr/lexer-tab.hh
/src/libexpr/parser-tab.cc
/src/libexpr/parser-tab.hh
/src/libexpr/parser-tab.output
/src/libexpr/nix.tbl
# /src/libstore/
/src/libstore/*.gen.hh
/src/nix/nix
# /src/nix-env/
/src/nix-env/nix-env
# /src/nix-instantiate/
/src/nix-instantiate/nix-instantiate
# /src/nix-store/
/src/nix-store/nix-store
/src/nix-prefetch-url/nix-prefetch-url
# /src/nix-daemon/
/src/nix-daemon/nix-daemon
/src/nix-collect-garbage/nix-collect-garbage
# /src/nix-channel/
/src/nix-channel/nix-channel
# /src/nix-build/
/src/nix-build/nix-build
/src/nix-copy-closure/nix-copy-closure
/src/build-remote/build-remote
# /tests/
/tests/test-tmp
/tests/common.sh
/tests/dummy
/tests/result*
/tests/restricted-innocent
/tests/shell
/tests/shell.drv
# /tests/lang/
/tests/lang/*.out
/tests/lang/*.out.xml
/tests/lang/*.ast
/perl/lib/Nix/Config.pm
/perl/lib/Nix/Store.cc
/misc/systemd/nix-daemon.service
/misc/systemd/nix-daemon.socket
/misc/upstart/nix-daemon.conf
/src/resolve-system-dependencies/resolve-system-dependencies
inst/
*.a
*.o
*.so
*.dylib
*.dll
*.exe
*.dep
*~
*.pc
*.plist
# GNU Global
GPATH
GRTAGS
GSYMS
GTAGS

1
third_party/nix/.skip-subtree vendored
View file

@ -1 +0,0 @@
Third-party code with non-depot layout.

2
third_party/nix/.travis.yml vendored
View file

@ -1,2 +0,0 @@
os: osx
script: ./tests/install-darwin.sh

1
third_party/nix/.version vendored
View file

@ -1 +0,0 @@
2.3.4

77
third_party/nix/CMakeLists.txt vendored
View file

@ -1,77 +0,0 @@
# -*- mode: cmake; -*-
cmake_minimum_required(VERSION 3.16)
project(nix CXX)
set(CMAKE_CXX_STANDARD 17)
# Export compile_commands.json which can be used by tools such as
# clangd and clang-tidy.
set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
# Enable warnings
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Werror")
# Provide an output path for pkgconfig.
include(GNUInstallDirs)
set(PKGCONFIG_INSTALL_DIR ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
# The following lines import CMake-native dependencies which may
# contain useful definitions. Other dependencies are not treated
# specially by CMake and are only linked into the resulting binary.
find_package(BZip2)
find_package(Boost COMPONENTS context)
find_package(CURL)
find_package(LibLZMA)
find_package(Protobuf REQUIRED)
find_package(SQLite3)
find_package(Threads)
find_package(absl REQUIRED)
find_package(gRPC REQUIRED)
find_package(glog REQUIRED)
find_program(CLANG_TIDY_PATH clang-tidy)
if (CLANG_TIDY_PATH)
# TODO(kanepyork): figure out how to reenable
#message("Found clang-tidy: ${CLANG_TIDY_PATH}")
#set(CMAKE_CXX_CLANG_TIDY "${CLANG_TIDY_PATH};--line-filter=[{\"name\":\"src/cpptoml/cpptoml.h\"},{\"name\":\"google/protobuf/metadata_lite.h\"}]")
# nix's toolchain has a problem with system header includes, so clang-tidy requires a manual -isystem
if (DEFINED ENV{LIBCXX_INCLUDE})
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -isystem $ENV{LIBCXX_INCLUDE}")
endif()
endif()
if (DEFINED ENV{SANDBOX_SHELL})
message("Using SANDBOX_SHELL = $ENV{SANDBOX_SHELL}")
set(SANDBOX_SHELL "$ENV{SANDBOX_SHELL}")
else()
find_program(BUSYBOX busybox)
if (BUSYBOX)
set(SANDBOX_SHELL "${BUSYBOX}")
else()
message(FATAL_ERROR "Could not find busybox and SANDBOX_SHELL is not set")
endif()
endif()
# generate a configuration file (autoheader-style) to configure
# certain symbols that Nix depends on.
configure_file(config.h.in nix_config.h @ONLY)
INSTALL(FILES "${PROJECT_BINARY_DIR}/nix_config.h" DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/nix")
# install corepkgs
configure_file(corepkgs/config.nix.in config.nix @ONLY)
INSTALL(DIRECTORY corepkgs
DESTINATION ${CMAKE_INSTALL_DATADIR}/nix
FILES_MATCHING
PATTERN "*.nix")
INSTALL(FILES "${PROJECT_BINARY_DIR}/config.nix" DESTINATION "${CMAKE_INSTALL_DATADIR}/nix/corepkgs")
# Conditionally run tests
option(PACKAGE_TESTS "Build the tests" ON)
if (PACKAGE_TESTS)
enable_testing()
find_package(GTest)
find_package(rapidcheck)
include(GoogleTest)
endif()
add_subdirectory(src)

504
third_party/nix/COPYING vendored
View file

@ -1,504 +0,0 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it becomes
a de-facto standard. To achieve this, non-free programs must be
allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control compilation
and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at
least three years, to give the same user the materials
specified in Subsection 6a, above, for a charge no more
than the cost of performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under any
particular circumstance, the balance of the section is intended to apply,
and the section as a whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License may add
an explicit geographical distribution limitation excluding those countries,
so that distribution is permitted only in or among countries not thus
excluded. In such case, this License incorporates the limitation as if
written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms of the
ordinary General Public License).
To apply these terms, attach the following notices to the library. It is
safest to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the library, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

5
third_party/nix/OWNERS vendored
View file

@ -1,5 +0,0 @@
inherited: true
owners:
- grfn
- tazjin
- kanepyork

179
third_party/nix/README.md vendored
View file

@ -1,179 +0,0 @@
Tvix, also known as TVL's fork of Nix
-------------------------------------
Nix is a new take on package management that is fairly unique. Because
of its purity aspects, a lot of issues found in traditional package
managers don't appear with Nix.
To find out more about the tool, usage and installation instructions,
please read the manual, which is available on the Nix website at
<http://nixos.org/nix/manual>.
This repository is [TVL's](https://tvl.fyi)'s fork of Nix, which we lovingly
refer to as Tvix.
## Fork background
Nix is a fantastic project with over a decade of demonstrated
real-world usage, but also with quite a few problems.
First of all, the project consists of two main components: The Nix
package collection ("[nixpkgs][]") and the package manager itself.
The package collection is an enormous effort with hundreds of
thousands of commits, encoding expert knowledge about lots of
different software and ways of building and managing it. It is a very
valuable piece of software.
The package manager however is an old C++ project with severe code
quality issues, little to no documentation, no consistent style and no
unit test coverage.
Its codebase is larger than it needs to be (often due to custom
reimplementations of basic functionality) and is mostly ad-hoc
structured, making it difficult to correctly implement large-scale
improvements.
In addition, the upstream Nix project is diverging from the opinions
of some community members via the introduction of concepts such as Nix
flakes.
To counteract these things we have decided to fork Nix.
## Fork goals
The things listed here are explicitly in-scope for work on the fork.
This list is not exhaustive, and it is very likely that many other
smaller things will be discovered along the way.
### nixpkgs compatibility
This fork will maintain compatibility with nixpkgs as much as
possible. If at any point we do need to diverge, we will do it in a
way that is backwards compatible.
### Code quality improvements
Code quality encompasses several different issues.
One goal is to slowly bring the codebase in line with the [Google C++
style guide][google-style]. Apart from the trivial reformatting (which
is already done), this means slowly chipping away at incorrectly
structured type hierarchies, usage of exceptions, usage of raw
pointers, global mutability and so on.
Another goal is to reduce the amount of code in Nix by removing custom
reimplementations of basic functionality (such as string splitting or
reading files).
For functionality that is not part of the C++17 standard library,
[Abseil][] will be the primary external library used.
### Explicit RPC mechanisms
Nix currently uses homegrown mechanisms of interacting with other Nix
binaries, for example for remote builds or interaction between the CLI
and the Nix daemon.
This will be replaced with [gRPC][].
### New sandboxing mechanism
Nix implements its own sandboxing mechanism. This was probably the
correct decision at the time, but is not necessary anymore because
Linux containers have become massively popular and lots of new tooling
is now available.
The goal is to replace the custom sandboxing implementation with
pluggable [OCI runtimes][oci], which will make it possible to use
arbitrary container runtimes such as [gVisor][] or [systemd-nspawn][]
### Pluggable Nix store backends
The current Nix store implementation will be removed from Nix' core
and instead be refactored into a gRPC API that can be implemented by
different backends.
### Builds as graph reductions
A Nix derivation that should be instantiated describes a build graph.
This graph will become a first-class citizen, making it possible to
distribute different parts of the computation to different nodes.
Implementing this properly will also allow us to improve the
implementation of import-from-derivation by explicitly moving through
different graph reduction stages.
## Fork non-goals
To set expectations, there are some explicit non-goals, too.
* Merging these changes back into upstream is not a goal, and maybe
not even feasible. The core work has not even started yet and just
basic cleanup has already created a diff of over 40 000 lines.
This would likely also turn into a political effort, which we have
no interest in.
* Improved performance is not an (initial) goal. Nix performance is
very unevenly distributed across the codebase (some things have seen
a lot of ad-hoc optimisation, others are written like inefficient
toy implementations) and we simply don't know what effect the
cleanup will have.
Once the codebase is in a better state we will be able to start
optimising it again while retaining readability, but this is not a
goal until a later point in time.
* Compatibility with new upstream features is not a goal. Specifically
we do not want Nix flakes, but other changes upstream makes will be
considered for inclusion.
* Support for non-Linux systems. Currently Nix support Mac OS and
potentially other systems, but this support will be dropped.
Once we have OCI-compatible sandboxes and a store protocol it will
be possible to reintroduce these with less friction.
## Building
To build the project, set up an out-of-tree cmake directory and run cmake in
nix-shell.
```
mkdir ~/build/tvix
cd ~/build/tvix
nix-shell $DEPOT_PATH -A third_party.nix.build-shell
# Disable clang-tidy for quicker builds
cmake $DEPOT_PATH/third_party/nix/ -DCLANG_TIDY_PATH=""
make -j16 -l12
# Run tests
make test
```
## Contributing to the fork
The TVL depot's default [contribution guidelines][contributing] apply.
In addition, please make sure that submitted code builds and is
formatted with `clang-format`, using the configuration found in this
folder.
## License
Nix is released under the LGPL v2.1
This product includes software developed by the OpenSSL Project for
use in the [OpenSSL Toolkit](http://www.OpenSSL.org/).
[nixpkgs]: https://github.com/NixOS/nixpkgs
[google-style]: https://google.github.io/styleguide/cppguide.html
[Abseil]: https://abseil.io/
[gRPC]: https://grpc.io/
[oci]: https://www.opencontainers.org/
[gVisor]: https://gvisor.dev/
[systemd-nspawn]: https://www.freedesktop.org/software/systemd/man/systemd-nspawn.html
[contributing]: https://cs.tvl.fyi/depot/-/blob/docs/CONTRIBUTING.md

30
third_party/nix/clangd.nix vendored
View file

@ -1,30 +0,0 @@
# Create a clangd wrapper script that can be used with this project.
# The default Nix wrapper only works with C projects, not C++
# projects.
#
# The CPATH construction logic is lifted from the original wrapper
# script.
pkgs:
pkgs.writeShellScriptBin "nix-clangd" ''
buildcpath() {
local path
while (( $# )); do
case $1 in
-isystem)
shift
path=$path''${path:+':'}$1
esac
shift
done
echo $path
}
export CPATH=''${CPATH}''${CPATH:+':'}:$(buildcpath ''${NIX_CFLAGS_COMPILE})
export CPATH=${pkgs.glibc.dev}/include''${CPATH:+':'}''${CPATH}
export CPLUS_INCLUDE_PATH=${pkgs.llvmPackages_11.libcxx}/include/c++/v1:''${CPATH}
# TODO(tazjin): Configurable commands directory?
exec -a clangd ${pkgs.llvmPackages_11.clang-unwrapped}/bin/clangd -cross-file-rename $@
''

130
third_party/nix/config.h.in vendored
View file

@ -1,130 +0,0 @@
// This file configures various build-time settings in Nix. In
// previous iterations it was mostly responsible for configuring
// OS-dependent settings, which are still preserved below but should
// be removed.
#ifndef NIX_CONFIG_H
#define NIX_CONFIG_H
/* Define to the version of this package. */
#define PACKAGE_VERSION "2.3.4"
/* Platform identifier (`cpu-os`) */
// TODO(tazjin): generate
#define SYSTEM "x86_64-linux"
// TODO(tazjin): some of these values are nonsensical for Nix
#define NIX_PREFIX "@CMAKE_INSTALL_PREFIX@"
#define NIX_STORE_DIR "/nix/store"
#define NIX_DATA_DIR "@CMAKE_INSTALL_FULL_DATADIR@"
#define NIX_LOG_DIR "/nix/var/log/nix"
#define NIX_STATE_DIR "/nix/var/nix"
#define NIX_CONF_DIR "/etc/nix"
#define NIX_LIBEXEC_DIR "@CMAKE_INSTALL_FULL_LIBEXECDIR@"
#define NIX_BIN_DIR "@CMAKE_INSTALL_FULL_BINDIR@"
#define NIX_MAN_DIR "@CMAKE_INSTALL_FULL_MANDIR@"
#define SANDBOX_SHELL "@SANDBOX_SHELL@"
// Defines used only in tests (e.g. to access data)
#define NIX_SRC_DIR "@CMAKE_SOURCE_DIR@"
// These are hardcoded either because support for non-Linux is being
// dropped, or because a decision was made to make inclusion of these
// libraries mandatory.
#define HAVE_STRUCT_DIRENT_D_TYPE 1
#define HAVE_LUTIMES 1
// Whether link() works on symlinks
#define CAN_LINK_SYMLINK 1
/* Whether to use the Boehm garbage collector. */
#define HAVE_BOEHMGC 1
/* Define if the Boost library is available. */
#define HAVE_BOOST 1
/* Define to 1 if you have the <bzlib.h> header file. */
#define HAVE_BZLIB_H 1
/* Define if the compiler supports basic C++17 syntax */
#define HAVE_CXX17 1
/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR` */
#define HAVE_DIRENT_H 1
/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR` */
#define HAVE_DIR_H 1
/* Define to 1 if you have the <editline.h> header file. */
#define HAVE_EDITLINE_H 1
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* Define to 1 if you have the `lchown` function. */
#define HAVE_LCHOWN 1
/* Define to 1 if you have the <locale.h> header file. */
#define HAVE_LOCALE 1
/* Define to 1 if you have the `lutimes` function. */
#define HAVE_LUTIMES 1
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the `pipe2` function. */
#define HAVE_PIPE2 1
/* Define to 1 if you have the `posix_fallocate` function. */
#define HAVE_POSIX_FALLOCATE 1
/* Define to 1 if you have the `pubsetbuf` function. */
#define HAVE_PUBSETBUF 1
/* Whether seccomp is available and should be used for sandboxing. */
#define HAVE_SECCOMP 1
/* Define to 1 if you have the `setresuid` function. */
#define HAVE_SETRESUID 1
/* Define to 1 if you have the `setreuid` function. */
#define HAVE_SETREUID 1
/* Whether to use libsodium for cryptography. */
#define HAVE_SODIUM 1
/* Define to 1 if you have the `statvfs` function. */
#define HAVE_STATVFS 1
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the `strsignal` function. */
#define HAVE_STRSIGNAL 1
/* Define to 1 if you have the `sysconf` function. */
#define HAVE_SYSCONF 1
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
#endif

1818
third_party/nix/config/config.sub vendored
View file

File diff suppressed because it is too large Load diff

527
third_party/nix/config/install-sh vendored
View file

@ -1,527 +0,0 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2011-11-20.07; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# following copyright and license.
#
# Copyright (C) 1994 X Consortium
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Except as contained in this notice, the name of the X Consortium shall not
# be used in advertising or otherwise to promote the sale, use or other deal-
# ings in this Software without prior written authorization from the X Consor-
# tium.
#
#
# FSF changes to this file are in the public domain.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# 'make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch.
nl='
'
IFS=" "" $nl"
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit=${DOITPROG-}
if test -z "$doit"; then
doit_exec=exec
else
doit_exec=$doit
fi
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
chgrpprog=${CHGRPPROG-chgrp}
chmodprog=${CHMODPROG-chmod}
chownprog=${CHOWNPROG-chown}
cmpprog=${CMPPROG-cmp}
cpprog=${CPPROG-cp}
mkdirprog=${MKDIRPROG-mkdir}
mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_glob='?'
initialize_posix_glob='
test "$posix_glob" != "?" || {
if (set -f) 2>/dev/null; then
posix_glob=
else
posix_glob=:
fi
}
'
posix_mkdir=
# Desired mode of installed file.
mode=0755
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
mvcmd=$mvprog
rmcmd="$rmprog -f"
stripcmd=
src=
dst=
dir_arg=
dst_arg=
copy_on_change=false
no_target_directory=
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 1st form, copy SRCFILE to DSTFILE.
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
In the 4th, create DIRECTORIES.
Options:
--help display this help and exit.
--version display version info and exit.
-c (ignored)
-C install only if different (preserve the last data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-s $stripprog installed files.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
"
while test $# -ne 0; do
case $1 in
-c) ;;
-C) copy_on_change=true;;
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *' '* | *'
'* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
-s) stripcmd=$stripprog;;
-t) dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) no_target_directory=true;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
dst_arg=$arg
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done
fi
if test $# -eq 0; then
if test -z "$dir_arg"; then
echo "$0: no input file specified." >&2
exit 1
fi
# It's OK to call 'install-sh -d' without argument.
# This can happen when creating conditional directories.
exit 0
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps.
case $mode in
# Optimize common cases.
*644) cp_umask=133;;
*755) cp_umask=22;;
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
fi
for src
do
# Protect names problematic for 'test' and other utilities.
case $src in
-* | [=\(\)!]) src=./$src;;
esac
if test -n "$dir_arg"; then
dst=$src
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if test ! -f "$src" && test ! -d "$src"; then
echo "$0: $src does not exist." >&2
exit 1
fi
if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
dst=$dst_arg
# If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored.
if test -d "$dst"; then
if test -n "$no_target_directory"; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dst=$dstdir/`basename "$src"`
dstdir_status=0
else
# Prefer dirname, but fall back on a substitute if dirname fails.
dstdir=`
(dirname "$dst") 2>/dev/null ||
expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$dst" : 'X\(//\)[^/]' \| \
X"$dst" : 'X\(//\)$' \| \
X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$dst" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
s//\1/
q
}
/^X\(\/\/\)[^/].*/{
s//\1/
q
}
/^X\(\/\/\)$/{
s//\1/
q
}
/^X\(\/\).*/{
s//\1/
q
}
s/.*/./; q'
`
test -d "$dstdir"
dstdir_status=$?
fi
fi
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
if (umask $mkdir_umask &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
ls_ld_tmpdir=`ls -ld "$tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/d" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
fi
trap '' 0;;
esac;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
# The umask is ridiculous, or mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
eval "$initialize_posix_glob"
oIFS=$IFS
IFS=/
$posix_glob set -f
set fnord $dstdir
shift
$posix_glob set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
if test -n "$dir_arg"; then
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
else
# Make a couple of temp file names in the proper directory.
dsttmp=$dstdir/_inst.$$_
rmtmp=$dstdir/_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
eval "$initialize_posix_glob" &&
$posix_glob set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
$posix_glob set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
rm -f "$dsttmp"
else
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
# The rename failed, perhaps because mv can't rename something else
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
trap '' 0
fi
done
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:

38
third_party/nix/contrib/stack-collapse.py vendored
View file

@ -1,38 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3 --pure
# To be used with `--trace-function-calls` and `flamegraph.pl`.
#
# For example:
#
# nix-instantiate --trace-function-calls '<nixpkgs>' -A hello 2> nix-function-calls.trace
# ./contrib/stack-collapse.py nix-function-calls.trace > nix-function-calls.folded
# nix-shell -p flamegraph --run "flamegraph.pl nix-function-calls.folded > nix-function-calls.svg"
import sys
from pprint import pprint
import fileinput
stack = []
timestack = []
for line in fileinput.input():
components = line.strip().split(" ", 2)
if components[0] != "function-trace":
continue
direction = components[1]
components = components[2].rsplit(" ", 2)
loc = components[0]
_at = components[1]
time = int(components[2])
if direction == "entered":
stack.append(loc)
timestack.append(time)
elif direction == "exited":
dur = time - timestack.pop()
vst = ";".join(stack)
print(f"{vst} {dur}")
stack.pop()

27
third_party/nix/corepkgs/buildenv.nix vendored
View file

@ -1,27 +0,0 @@
{ derivations, manifest }:
derivation {
name = "user-environment";
system = "builtin";
builder = "builtin:buildenv";
inherit manifest;
# !!! grmbl, need structured data for passing this in a clean way.
derivations =
map
(d:
[
(d.meta.active or "true")
(d.meta.priority or 5)
(builtins.length d.outputs)
] ++ map (output: builtins.getAttr output d) d.outputs)
derivations;
# Building user environments remotely just causes huge amounts of
# network traffic, so don't do that.
preferLocalBuild = true;
# Also don't bother substituting.
allowSubstitutes = false;
}

29
third_party/nix/corepkgs/config.nix.in vendored
View file

@ -1,29 +0,0 @@
let
fromEnv = var: def:
let val = builtins.getEnv var; in
if val != "" then val else def;
in rec {
shell = "@bash@";
coreutils = "@coreutils@";
bzip2 = "@bzip2@";
gzip = "@gzip@";
xz = "@xz@";
tar = "@tar@";
tarFlags = "@tarFlags@";
tr = "@tr@";
nixBinDir = fromEnv "NIX_BIN_DIR" "@CMAKE_INSTALL_FULL_BINDIR@";
nixPrefix = "@CMAKE_INSTALL_PREFIX@";
nixLibexecDir = fromEnv "NIX_LIBEXEC_DIR" "@CMAKE_INSTALL_FULL_LIBEXECDIR@";
nixLocalstateDir = "/nix/var";
nixSysconfDir = "/etc";
nixStoreDir = fromEnv "NIX_STORE_DIR" "/nix/store";
# If Nix is installed in the Nix store, then automatically add it as
# a dependency to the core packages. This ensures that they work
# properly in a chroot.
chrootDeps =
if dirOf nixPrefix == builtins.storeDir then
[ (builtins.storePath nixPrefix) ]
else
[ ];
}

30
third_party/nix/corepkgs/derivation.nix vendored
View file

@ -1,30 +0,0 @@
/* This is the implementation of the derivation builtin function.
It's actually a wrapper around the derivationStrict primop. */
drvAttrs @ { outputs ? [ "out" ], ... }:
let
strict = derivationStrict drvAttrs;
commonAttrs = drvAttrs // (builtins.listToAttrs outputsList) //
{
all = map (x: x.value) outputsList;
inherit drvAttrs;
};
outputToAttrListElement = outputName:
{
name = outputName;
value = commonAttrs // {
outPath = builtins.getAttr outputName strict;
drvPath = strict.drvPath;
type = "derivation";
inherit outputName;
};
};
outputsList = map outputToAttrListElement outputs;
in
(builtins.head outputsList).value

46
third_party/nix/corepkgs/fetchurl.nix vendored
View file

@ -1,46 +0,0 @@
{ system ? "" # obsolete
, url
, hash ? "" # an SRI ash
# Legacy hash specification
, md5 ? ""
, sha1 ? ""
, sha256 ? ""
, sha512 ? ""
, outputHash ? if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256
, outputHashAlgo ? if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256"
, executable ? false
, unpack ? false
, name ? baseNameOf (toString url)
}:
derivation {
builder = "builtin:fetchurl";
# New-style output content requirements.
inherit outputHashAlgo outputHash;
outputHashMode = if unpack || executable then "recursive" else "flat";
inherit name url executable unpack;
system = "builtin";
# No need to double the amount of network traffic
preferLocalBuild = true;
impureEnvVars = [
# We borrow these environment variables from the caller to allow
# easy proxy configuration. This is impure, but a fixed-output
# derivation like fetchurl is allowed to do so since its result is
# by definition pure.
"http_proxy"
"https_proxy"
"ftp_proxy"
"all_proxy"
"no_proxy"
];
# To make "nix-prefetch-url" work.
urls = [ url ];
}

24
third_party/nix/corepkgs/imported-drv-to-derivation.nix vendored
View file

@ -1,24 +0,0 @@
attrs @ { drvPath, outputs, name, ... }:
let
commonAttrs = (builtins.listToAttrs outputsList) //
{
all = map (x: x.value) outputsList;
inherit drvPath name;
type = "derivation";
};
outputToAttrListElement = outputName:
{
name = outputName;
value = commonAttrs // {
outPath = builtins.getAttr outputName attrs;
inherit outputName;
};
};
outputsList = map outputToAttrListElement outputs;
in
(builtins.head outputsList).value

39
third_party/nix/corepkgs/unpack-channel.nix vendored
View file

@ -1,39 +0,0 @@
with import <nix/config.nix>;
let
builder = builtins.toFile "unpack-channel.sh"
''
mkdir $out
cd $out
xzpat="\.xz\$"
gzpat="\.gz\$"
if [[ "$src" =~ $xzpat ]]; then
${xz} -d < $src | ${tar} xf - ${tarFlags}
elif [[ "$src" =~ $gzpat ]]; then
${gzip} -d < $src | ${tar} xf - ${tarFlags}
else
${bzip2} -d < $src | ${tar} xf - ${tarFlags}
fi
if [ * != $channelName ]; then
mv * $out/$channelName
fi
'';
in
{ name, channelName, src }:
derivation {
system = builtins.currentSystem;
builder = shell;
args = [ "-e" builder ];
inherit name channelName src;
PATH = "${nixBinDir}:${coreutils}";
# No point in doing this remotely.
preferLocalBuild = true;
inherit chrootDeps;
}

270
third_party/nix/default.nix vendored
View file

@ -1,270 +0,0 @@
args@{ depot ? (import ../.. { })
, pkgs ? depot.third_party.nixpkgs
, lib
, buildType ? "release"
, ...
}:
let
# Override some external dependencies for C++17 & clang compat.
abseil-cpp = pkgs.abseil-cpp.override {
stdenv = pkgs.fullLlvm11Stdenv;
cxxStandard = "17";
};
protobuf = pkgs.callPackage (pkgs.path + "/pkgs/development/libraries/protobuf/generic-v3.nix") {
version = "3.12.2";
sha256 = "1lp368aa206vpic9fmax4k6llnmf28plfvkkm4vqhgphmjqykvl2";
stdenv = pkgs.fullLlvm11Stdenv;
buildPackages = {
inherit (pkgs.buildPackages) which;
stdenv = pkgs.buildPackages.fullLlvm11Stdenv;
};
};
re2 = pkgs.re2.override {
stdenv = pkgs.fullLlvm11Stdenv;
};
grpc = (pkgs.grpc.override {
inherit abseil-cpp protobuf re2;
stdenv = pkgs.fullLlvm11Stdenv;
}).overrideAttrs (orig: rec {
cmakeFlags = orig.cmakeFlags ++ [
"-DCMAKE_CXX_STANDARD_REQUIRED=ON"
"-DCMAKE_CXX_STANDARD=17"
];
});
aws-s3-cpp = pkgs.aws-sdk-cpp.override {
apis = [ "s3" "transfer" ];
customMemoryManagement = false;
};
src =
let
srcDir = ./.;
# create relative paths for all the sources we are filtering
asRelative = path:
let
srcS = toString srcDir;
pathS = toString path;
in
if ! lib.hasPrefix srcS pathS then
throw "Path is outside of the working directory."
else
lib.removePrefix srcS pathS;
in
builtins.filterSource
(path: type:
# Strip out .nix files that are in the root of the repository. Changing
# the expression of tvix shouldn't cause a rebuild of tvix unless really
# required.
!(dirOf (asRelative path) == "/" && lib.hasSuffix ".nix" path) &&
# remove the proto files from the repo as those are compiled separately
!(lib.hasPrefix "src/proto" (asRelative path)) &&
# ignore result symlinks
!(type == "symlink" && lib.hasPrefix "result" (baseNameOf path))
)
srcDir;
# Proto generation in CMake is theoretically possible, but that is
# very theoretical - this does it in Nix instead.
protoSrcs = pkgs.runCommand "nix-proto-srcs" { } ''
export PROTO_SRCS=${./src/proto}
mkdir -p $out/libproto
${protobuf}/bin/protoc -I=$PROTO_SRCS \
--cpp_out=$out/libproto \
--plugin=protoc-gen-grpc=${grpc}/bin/grpc_cpp_plugin \
--grpc_out=$out/libproto \
$PROTO_SRCS/*.proto
'';
# Derivation for busybox that just has the `busybox` binary in bin/, not all
# the symlinks, so cmake can find it
busybox = pkgs.runCommand "busybox" { } ''
mkdir -p $out/bin
cp ${pkgs.busybox}/bin/busybox $out/bin
'';
in
lib.fix (self: pkgs.fullLlvm11Stdenv.mkDerivation {
pname = "tvix";
version = "2.3.4";
inherit src;
nativeBuildInputs = with pkgs; [
bison
clang-tools_11
cmake
libxml2
libxslt
pkgconfig
(import ./clangd.nix pkgs)
];
# TODO(tazjin): Some of these might only be required for native inputs
buildInputs = (with pkgs; [
aws-s3-cpp
brotli
bzip2
c-ares
curl
editline
flex
glog
libseccomp
libsodium
openssl
sqlite
systemd.dev
xz
# dependencies with custom overrides
abseil-cpp
grpc
protobuf
]);
doCheck = false;
doInstallCheck = true;
# Preserve debug symbols, for core dumps + other live debugging
dontStrip = true;
installCheckInputs = with depot.third_party; [
gtest
pkgs.fd
rapidcheck
];
propagatedBuildInputs = with pkgs; [
boost
];
configurePhase = ''
mkdir build
cd build
cmake .. \
-DCMAKE_INSTALL_PREFIX=$out \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DCMAKE_FIND_USE_SYSTEM_PACKAGE_REGISTRY=OFF \
-DCMAKE_FIND_USE_PACKAGE_REGISTRY=OFF \
-DCMAKE_EXPORT_NO_PACKAGE_REGISTRY=ON
'';
installCheckPhase = ''
export NIX_DATA_DIR=$out/share
export NIX_TEST_VAR=foo # this is required by a language test
make test
'';
preBuild = ''
if [ -n "$NIX_BUILD_CORES" ]; then
makeFlags+="-j$NIX_BUILD_CORES "
makeFlags+="-l$NIX_BUILD_CORES "
fi
'';
# Forward the location of the generated Protobuf / gRPC files so
# that they can be included by CMake.
NIX_PROTO_SRCS = protoSrcs;
# Work around broken system header include flags in the cxx toolchain.
LIBCXX_INCLUDE = "${pkgs.llvmPackages_11.libcxx}/include/c++/v1";
SANDBOX_SHELL = "${pkgs.busybox}/bin/busybox";
# Install the various symlinks to the Nix binary which users expect
# to exist.
postInstall = ''
ln -s $out/bin/nix $out/bin/nix-build
ln -s $out/bin/nix $out/bin/nix-channel
ln -s $out/bin/nix $out/bin/nix-collect-garbage
ln -s $out/bin/nix $out/bin/nix-copy-closure
ln -s $out/bin/nix $out/bin/nix-env
ln -s $out/bin/nix $out/bin/nix-hash
ln -s $out/bin/nix $out/bin/nix-instantiate
ln -s $out/bin/nix $out/bin/nix-prefetch-url
ln -s $out/bin/nix $out/bin/nix-shell
ln -s $out/bin/nix $out/bin/nix-store
mkdir -p $out/libexec/nix
ln -s $out/bin/nix $out/libexec/nix/build-remote
# configuration variables for templated files
export storedir=/nix/store
export localstatedir=/nix/var
export bindir=$out/bin
mkdir -p $out/lib/systemd/system
substituteAll \
${src}/misc/systemd/nix-daemon.service.in \
$out/lib/systemd/system/nix-daemon.service
substituteAll \
${src}/misc/systemd/nix-daemon.socket.in \
$out/lib/systemd/system/nix-daemon.socket
mkdir -p $out/etc/profile.d
substituteAll \
${src}/scripts/nix-profile.sh.in $out/etc/profile.d/nix.sh
substituteAll \
${src}/scripts/nix-profile-daemon.sh.in $out/etc/profile.d/nix-daemon.sh
'';
# TODO(tazjin): integration test setup?
# TODO(tazjin): docs generation?
passthru = {
build-shell = self.overrideAttrs (up: rec {
run_clang_tidy = pkgs.writeShellScriptBin "run-clang-tidy" ''
test -f compile_commands.json || (echo "run from build output directory"; exit 1) || exit 1
${pkgs.jq}/bin/jq < compile_commands.json -r 'map(.file)|.[]' | grep -v '/generated/' | ${pkgs.parallel}/bin/parallel ${pkgs.clang-tools}/bin/clang-tidy -p compile_commands.json $@
'';
installCheckInputs = up.installCheckInputs ++ [ run_clang_tidy ];
shellHook = ''
export NIX_DATA_DIR="${toString depot.path}/third_party"
export NIX_TEST_VAR=foo
'';
});
# Ensure formatting is coherent,
# but do this in parallel to the main build because:
# - (in favor of building this after tvix)
# tests run so that developers get all the useful feedback
# - (in favor of building this before tvix)
# if the formatting is broken, and this build was submitted to CI
# it would be a good idea to get this feedback rather sooner than later
# - we don't want builds to differ between local and CI runs
checkfmt = pkgs.fullLlvm11Stdenv.mkDerivation {
name = "tvix-checkfmt";
inherit src;
nativeBuildInputs = with pkgs; [ clang-tools_11 fd ];
SANDBOX_SHELL = "${pkgs.busybox}/bin/busybox";
buildPhase = ''
set -e
runHook preBuild
fd . $src -e hh -e cc | xargs clang-format --dry-run --Werror
runHook postBuild
'';
installPhase = ''
runHook preInstall
touch $out
runHook postInstall
'';
};
test-vm = import ./test-vm.nix args;
};
meta.ci.targets = [
"checkfmt"
];
})

14
third_party/nix/doc/manual/advanced-topics/advanced-topics.xml vendored
View file

@ -1,14 +0,0 @@
<part xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="part-advanced-topics"
version="5.0">
<title>Advanced Topics</title>
<xi:include href="distributed-builds.xml" />
<xi:include href="cores-vs-jobs.xml" />
<xi:include href="diff-hook.xml" />
<xi:include href="post-build-hook.xml" />
</part>

121
third_party/nix/doc/manual/advanced-topics/cores-vs-jobs.xml vendored
View file

@ -1,121 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="chap-tuning-cores-and-jobs">
<title>Tuning Cores and Jobs</title>
<para>Nix has two relevant settings with regards to how your CPU cores
will be utilized: <xref linkend="conf-cores" /> and
<xref linkend="conf-max-jobs" />. This chapter will talk about what
they are, how they interact, and their configuration trade-offs.</para>
<variablelist>
<varlistentry>
<term><xref linkend="conf-max-jobs" /></term>
<listitem><para>
Dictates how many separate derivations will be built at the same
time. If you set this to zero, the local machine will do no
builds. Nix will still substitute from binary caches, and build
remotely if remote builders are configured.
</para></listitem>
</varlistentry>
<varlistentry>
<term><xref linkend="conf-cores" /></term>
<listitem><para>
Suggests how many cores each derivation should use. Similar to
<command>make -j</command>.
</para></listitem>
</varlistentry>
</variablelist>
<para>The <xref linkend="conf-cores" /> setting determines the value of
<envar>NIX_BUILD_CORES</envar>. <envar>NIX_BUILD_CORES</envar> is equal
to <xref linkend="conf-cores" />, unless <xref linkend="conf-cores" />
equals <literal>0</literal>, in which case <envar>NIX_BUILD_CORES</envar>
will be the total number of cores in the system.</para>
<para>The total number of consumed cores is a simple multiplication,
<xref linkend="conf-cores" /> * <envar>NIX_BUILD_CORES</envar>.</para>
<para>The balance on how to set these two independent variables depends
upon each builder's workload and hardware. Here are a few example
scenarios on a machine with 24 cores:</para>
<table>
<caption>Balancing 24 Build Cores</caption>
<thead>
<tr>
<th><xref linkend="conf-max-jobs" /></th>
<th><xref linkend="conf-cores" /></th>
<th><envar>NIX_BUILD_CORES</envar></th>
<th>Maximum Processes</th>
<th>Result</th>
</tr>
</thead>
<tbody>
<tr>
<td>1</td>
<td>24</td>
<td>24</td>
<td>24</td>
<td>
One derivation will be built at a time, each one can use 24
cores. Undersold if a job cant use 24 cores.
</td>
</tr>
<tr>
<td>4</td>
<td>6</td>
<td>6</td>
<td>24</td>
<td>
Four derivations will be built at once, each given access to
six cores.
</td>
</tr>
<tr>
<td>12</td>
<td>6</td>
<td>6</td>
<td>72</td>
<td>
12 derivations will be built at once, each given access to six
cores. This configuration is over-sold. If all 12 derivations
being built simultaneously try to use all six cores, the
machine's performance will be degraded due to extensive context
switching between the 12 builds.
</td>
</tr>
<tr>
<td>24</td>
<td>1</td>
<td>1</td>
<td>24</td>
<td>
24 derivations can build at the same time, each using a single
core. Never oversold, but derivations which require many cores
will be very slow to compile.
</td>
</tr>
<tr>
<td>24</td>
<td>0</td>
<td>24</td>
<td>576</td>
<td>
24 derivations can build at the same time, each using all the
available cores of the machine. Very likely to be oversold,
and very likely to suffer context switches.
</td>
</tr>
</tbody>
</table>
<para>It is up to the derivations' build script to respect
host's requested cores-per-build by following the value of the
<envar>NIX_BUILD_CORES</envar> environment variable.</para>
</chapter>

205
third_party/nix/doc/manual/advanced-topics/diff-hook.xml vendored
View file

@ -1,205 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="chap-diff-hook"
version="5.0"
>
<title>Verifying Build Reproducibility with <option linkend="conf-diff-hook">diff-hook</option></title>
<subtitle>Check build reproducibility by running builds multiple times
and comparing their results.</subtitle>
<para>Specify a program with Nix's <xref linkend="conf-diff-hook" /> to
compare build results when two builds produce different results. Note:
this hook is only executed if the results are not the same, this hook
is not used for determining if the results are the same.</para>
<para>For purposes of demonstration, we'll use the following Nix file,
<filename>deterministic.nix</filename> for testing:</para>
<programlisting>
let
inherit (import &lt;nixpkgs&gt; {}) runCommand;
in {
stable = runCommand "stable" {} ''
touch $out
'';
unstable = runCommand "unstable" {} ''
echo $RANDOM > $out
'';
}
</programlisting>
<para>Additionally, <filename>nix.conf</filename> contains:
<programlisting>
diff-hook = /etc/nix/my-diff-hook
run-diff-hook = true
</programlisting>
where <filename>/etc/nix/my-diff-hook</filename> is an executable
file containing:
<programlisting>
#!/bin/sh
exec &gt;&amp;2
echo "For derivation $3:"
/run/current-system/sw/bin/diff -r "$1" "$2"
</programlisting>
</para>
<para>The diff hook is executed by the same user and group who ran the
build. However, the diff hook does not have write access to the store
path just built.</para>
<section>
<title>
Spot-Checking Build Determinism
</title>
<para>
Verify a path which already exists in the Nix store by passing
<option>--check</option> to the build command.
</para>
<para>If the build passes and is deterministic, Nix will exit with a
status code of 0:</para>
<screen>
$ nix-build ./deterministic.nix -A stable
these derivations will be built:
/nix/store/z98fasz2jqy9gs0xbvdj939p27jwda38-stable.drv
building '/nix/store/z98fasz2jqy9gs0xbvdj939p27jwda38-stable.drv'...
/nix/store/yyxlzw3vqaas7wfp04g0b1xg51f2czgq-stable
$ nix-build ./deterministic.nix -A stable --check
checking outputs of '/nix/store/z98fasz2jqy9gs0xbvdj939p27jwda38-stable.drv'...
/nix/store/yyxlzw3vqaas7wfp04g0b1xg51f2czgq-stable
</screen>
<para>If the build is not deterministic, Nix will exit with a status
code of 1:</para>
<screen>
$ nix-build ./deterministic.nix -A unstable
these derivations will be built:
/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv
building '/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv'...
/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable
$ nix-build ./deterministic.nix -A unstable --check
checking outputs of '/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv'...
error: derivation '/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv' may not be deterministic: output '/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable' differs
</screen>
<para>In the Nix daemon's log, we will now see:
<screen>
For derivation /nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv:
1c1
&lt; 8108
---
&gt; 30204
</screen>
</para>
<para>Using <option>--check</option> with <option>--keep-failed</option>
will cause Nix to keep the second build's output in a special,
<literal>.check</literal> path:</para>
<screen>
$ nix-build ./deterministic.nix -A unstable --check --keep-failed
checking outputs of '/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv'...
note: keeping build directory '/tmp/nix-build-unstable.drv-0'
error: derivation '/nix/store/cgl13lbj1w368r5z8gywipl1ifli7dhk-unstable.drv' may not be deterministic: output '/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable' differs from '/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable.check'
</screen>
<para>In particular, notice the
<literal>/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable.check</literal>
output. Nix has copied the build results to that directory where you
can examine it.</para>
<note xml:id="check-dirs-are-unregistered">
<title><literal>.check</literal> paths are not registered store paths</title>
<para>Check paths are not protected against garbage collection,
and this path will be deleted on the next garbage collection.</para>
<para>The path is guaranteed to be alive for the duration of
<xref linkend="conf-diff-hook" />'s execution, but may be deleted
any time after.</para>
<para>If the comparison is performed as part of automated tooling,
please use the diff-hook or author your tooling to handle the case
where the build was not deterministic and also a check path does
not exist.</para>
</note>
<para>
<option>--check</option> is only usable if the derivation has
been built on the system already. If the derivation has not been
built Nix will fail with the error:
<screen>
error: some outputs of '/nix/store/hzi1h60z2qf0nb85iwnpvrai3j2w7rr6-unstable.drv' are not valid, so checking is not possible
</screen>
Run the build without <option>--check</option>, and then try with
<option>--check</option> again.
</para>
</section>
<section>
<title>
Automatic and Optionally Enforced Determinism Verification
</title>
<para>
Automatically verify every build at build time by executing the
build multiple times.
</para>
<para>
Setting <xref linkend="conf-repeat" /> and
<xref linkend="conf-enforce-determinism" /> in your
<filename>nix.conf</filename> permits the automated verification
of every build Nix performs.
</para>
<para>
The following configuration will run each build three times, and
will require the build to be deterministic:
<programlisting>
enforce-determinism = true
repeat = 2
</programlisting>
</para>
<para>
Setting <xref linkend="conf-enforce-determinism" /> to false as in
the following configuration will run the build multiple times,
execute the build hook, but will allow the build to succeed even
if it does not build reproducibly:
<programlisting>
enforce-determinism = false
repeat = 1
</programlisting>
</para>
<para>
An example output of this configuration:
<screen>
$ nix-build ./test.nix -A unstable
these derivations will be built:
/nix/store/ch6llwpr2h8c3jmnf3f2ghkhx59aa97f-unstable.drv
building '/nix/store/ch6llwpr2h8c3jmnf3f2ghkhx59aa97f-unstable.drv' (round 1/2)...
building '/nix/store/ch6llwpr2h8c3jmnf3f2ghkhx59aa97f-unstable.drv' (round 2/2)...
output '/nix/store/6xg356v9gl03hpbbg8gws77n19qanh02-unstable' of '/nix/store/ch6llwpr2h8c3jmnf3f2ghkhx59aa97f-unstable.drv' differs from '/nix/store/6xg356v9gl03hpbbg8gws77n19qanh02-unstable.check' from previous round
/nix/store/6xg356v9gl03hpbbg8gws77n19qanh02-unstable
</screen>
</para>
</section>
</chapter>

190
third_party/nix/doc/manual/advanced-topics/distributed-builds.xml vendored
View file

@ -1,190 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='chap-distributed-builds'>
<title>Remote Builds</title>
<para>Nix supports remote builds, where a local Nix installation can
forward Nix builds to other machines. This allows multiple builds to
be performed in parallel and allows Nix to perform multi-platform
builds in a semi-transparent way. For instance, if you perform a
build for a <literal>x86_64-darwin</literal> on an
<literal>i686-linux</literal> machine, Nix can automatically forward
the build to a <literal>x86_64-darwin</literal> machine, if
available.</para>
<para>To forward a build to a remote machine, its required that the
remote machine is accessible via SSH and that it has Nix
installed. You can test whether connecting to the remote Nix instance
works, e.g.
<screen>
$ nix ping-store --store ssh://mac
</screen>
will try to connect to the machine named <literal>mac</literal>. It is
possible to specify an SSH identity file as part of the remote store
URI, e.g.
<screen>
$ nix ping-store --store ssh://mac?ssh-key=/home/alice/my-key
</screen>
Since builds should be non-interactive, the key should not have a
passphrase. Alternatively, you can load identities ahead of time into
<command>ssh-agent</command> or <command>gpg-agent</command>.</para>
<para>If you get the error
<screen>
bash: nix-store: command not found
error: cannot connect to 'mac'
</screen>
then you need to ensure that the <envar>PATH</envar> of
non-interactive login shells contains Nix.</para>
<warning><para>If you are building via the Nix daemon, it is the Nix
daemon user account (that is, <literal>root</literal>) that should
have SSH access to the remote machine. If you cant or dont want to
configure <literal>root</literal> to be able to access to remote
machine, you can use a private Nix store instead by passing
e.g. <literal>--store ~/my-nix</literal>.</para></warning>
<para>The list of remote machines can be specified on the command line
or in the Nix configuration file. The former is convenient for
testing. For example, the following command allows you to build a
derivation for <literal>x86_64-darwin</literal> on a Linux machine:
<screen>
$ uname
Linux
$ nix build \
'(with import &lt;nixpkgs> { system = "x86_64-darwin"; }; runCommand "foo" {} "uname > $out")' \
--builders 'ssh://mac x86_64-darwin'
[1/0/1 built, 0.0 MiB DL] building foo on ssh://mac
$ cat ./result
Darwin
</screen>
It is possible to specify multiple builders separated by a semicolon
or a newline, e.g.
<screen>
--builders 'ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd'
</screen>
</para>
<para>Each machine specification consists of the following elements,
separated by spaces. Only the first element is required.
To leave a field at its default, set it to <literal>-</literal>.
<orderedlist>
<listitem><para>The URI of the remote store in the format
<literal>ssh://[<replaceable>username</replaceable>@]<replaceable>hostname</replaceable></literal>,
e.g. <literal>ssh://nix@mac</literal> or
<literal>ssh://mac</literal>. For backward compatibility,
<literal>ssh://</literal> may be omitted. The hostname may be an
alias defined in your
<filename>~/.ssh/config</filename>.</para></listitem>
<listitem><para>A comma-separated list of Nix platform type
identifiers, such as <literal>x86_64-darwin</literal>. It is
possible for a machine to support multiple platform types, e.g.,
<literal>i686-linux,x86_64-linux</literal>. If omitted, this
defaults to the local platform type.</para></listitem>
<listitem><para>The SSH identity file to be used to log in to the
remote machine. If omitted, SSH will use its regular
identities.</para></listitem>
<listitem><para>The maximum number of builds that Nix will execute
in parallel on the machine. Typically this should be equal to the
number of CPU cores. For instance, the machine
<literal>itchy</literal> in the example will execute up to 8 builds
in parallel.</para></listitem>
<listitem><para>The “speed factor”, indicating the relative speed of
the machine. If there are multiple machines of the right type, Nix
will prefer the fastest, taking load into account.</para></listitem>
<listitem><para>A comma-separated list of <emphasis>supported
features</emphasis>. If a derivation has the
<varname>requiredSystemFeatures</varname> attribute, then Nix will
only perform the derivation on a machine that has the specified
features. For instance, the attribute
<programlisting>
requiredSystemFeatures = [ "kvm" ];
</programlisting>
will cause the build to be performed on a machine that has the
<literal>kvm</literal> feature.</para></listitem>
<listitem><para>A comma-separated list of <emphasis>mandatory
features</emphasis>. A machine will only be used to build a
derivation if all of the machines mandatory features appear in the
derivations <varname>requiredSystemFeatures</varname>
attribute..</para></listitem>
</orderedlist>
For example, the machine specification
<programlisting>
nix@scratchy.labs.cs.uu.nl i686-linux /home/nix/.ssh/id_scratchy_auto 8 1 kvm
nix@itchy.labs.cs.uu.nl i686-linux /home/nix/.ssh/id_scratchy_auto 8 2
nix@poochie.labs.cs.uu.nl i686-linux /home/nix/.ssh/id_scratchy_auto 1 2 kvm benchmark
</programlisting>
specifies several machines that can perform
<literal>i686-linux</literal> builds. However,
<literal>poochie</literal> will only do builds that have the attribute
<programlisting>
requiredSystemFeatures = [ "benchmark" ];
</programlisting>
or
<programlisting>
requiredSystemFeatures = [ "benchmark" "kvm" ];
</programlisting>
<literal>itchy</literal> cannot do builds that require
<literal>kvm</literal>, but <literal>scratchy</literal> does support
such builds. For regular builds, <literal>itchy</literal> will be
preferred over <literal>scratchy</literal> because it has a higher
speed factor.</para>
<para>Remote builders can also be configured in
<filename>nix.conf</filename>, e.g.
<programlisting>
builders = ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd
</programlisting>
Finally, remote builders can be configured in a separate configuration
file included in <option>builders</option> via the syntax
<literal>@<replaceable>file</replaceable></literal>. For example,
<programlisting>
builders = @/etc/nix/machines
</programlisting>
causes the list of machines in <filename>/etc/nix/machines</filename>
to be included. (This is the default.)</para>
<para>If you want the builders to use caches, you likely want to set
the option <link linkend='conf-builders-use-substitutes'><literal>builders-use-substitutes</literal></link>
in your local <filename>nix.conf</filename>.</para>
<para>To build only on remote builders and disable building on the local machine,
you can use the option <option>--max-jobs 0</option>.</para>
</chapter>

160
third_party/nix/doc/manual/advanced-topics/post-build-hook.xml vendored
View file

@ -1,160 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="chap-post-build-hook"
version="5.0"
>
<title>Using the <xref linkend="conf-post-build-hook" /></title>
<subtitle>Uploading to an S3-compatible binary cache after each build</subtitle>
<section xml:id="chap-post-build-hook-caveats">
<title>Implementation Caveats</title>
<para>Here we use the post-build hook to upload to a binary cache.
This is a simple and working example, but it is not suitable for all
use cases.</para>
<para>The post build hook program runs after each executed build,
and blocks the build loop. The build loop exits if the hook program
fails.</para>
<para>Concretely, this implementation will make Nix slow or unusable
when the internet is slow or unreliable.</para>
<para>A more advanced implementation might pass the store paths to a
user-supplied daemon or queue for processing the store paths outside
of the build loop.</para>
</section>
<section>
<title>Prerequisites</title>
<para>
This tutorial assumes you have configured an S3-compatible binary cache
according to the instructions at
<xref linkend="ssec-s3-substituter-authenticated-writes" />, and
that the <literal>root</literal> user's default AWS profile can
upload to the bucket.
</para>
</section>
<section>
<title>Set up a Signing Key</title>
<para>Use <command>nix-store --generate-binary-cache-key</command> to
create our public and private signing keys. We will sign paths
with the private key, and distribute the public key for verifying
the authenticity of the paths.</para>
<screen>
# nix-store --generate-binary-cache-key example-nix-cache-1 /etc/nix/key.private /etc/nix/key.public
# cat /etc/nix/key.public
example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
</screen>
<para>Then, add the public key and the cache URL to your
<filename>nix.conf</filename>'s <xref linkend="conf-trusted-public-keys" />
and <xref linkend="conf-substituters" /> like:</para>
<programlisting>
substituters = https://cache.nixos.org/ s3://example-nix-cache
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= example-nix-cache-1:1/cKDz3QCCOmwcztD2eV6Coggp6rqc9DGjWv7C0G+rM=
</programlisting>
<para>we will restart the Nix daemon a later step.</para>
</section>
<section>
<title>Implementing the build hook</title>
<para>Write the following script to
<filename>/etc/nix/upload-to-cache.sh</filename>:
</para>
<programlisting>
#!/bin/sh
set -eu
set -f # disable globbing
export IFS=' '
echo "Signing paths" $OUT_PATHS
nix sign-paths --key-file /etc/nix/key.private $OUT_PATHS
echo "Uploading paths" $OUT_PATHS
exec nix copy --to 's3://example-nix-cache' $OUT_PATHS
</programlisting>
<note>
<title>Should <literal>$OUT_PATHS</literal> be quoted?</title>
<para>
The <literal>$OUT_PATHS</literal> variable is a space-separated
list of Nix store paths. In this case, we expect and want the
shell to perform word splitting to make each output path its
own argument to <command>nix sign-paths</command>. Nix guarantees
the paths will not contain any spaces, however a store path
might contain glob characters. The <command>set -f</command>
disables globbing in the shell.
</para>
</note>
<para>
Then make sure the hook program is executable by the <literal>root</literal> user:
<screen>
# chmod +x /etc/nix/upload-to-cache.sh
</screen></para>
</section>
<section>
<title>Updating Nix Configuration</title>
<para>Edit <filename>/etc/nix/nix.conf</filename> to run our hook,
by adding the following configuration snippet at the end:</para>
<programlisting>
post-build-hook = /etc/nix/upload-to-cache.sh
</programlisting>
<para>Then, restart the <command>nix-daemon</command>.</para>
</section>
<section>
<title>Testing</title>
<para>Build any derivation, for example:</para>
<screen>
$ nix-build -E '(import &lt;nixpkgs&gt; {}).writeText "example" (builtins.toString builtins.currentTime)'
these derivations will be built:
/nix/store/s4pnfbkalzy5qz57qs6yybna8wylkig6-example.drv
building '/nix/store/s4pnfbkalzy5qz57qs6yybna8wylkig6-example.drv'...
running post-build-hook '/home/grahamc/projects/github.com/NixOS/nix/post-hook.sh'...
post-build-hook: Signing paths /nix/store/ibcyipq5gf91838ldx40mjsp0b8w9n18-example
post-build-hook: Uploading paths /nix/store/ibcyipq5gf91838ldx40mjsp0b8w9n18-example
/nix/store/ibcyipq5gf91838ldx40mjsp0b8w9n18-example
</screen>
<para>Then delete the path from the store, and try substituting it from the binary cache:</para>
<screen>
$ rm ./result
$ nix-store --delete /nix/store/ibcyipq5gf91838ldx40mjsp0b8w9n18-example
</screen>
<para>Now, copy the path back from the cache:</para>
<screen>
$ nix store --realize /nix/store/ibcyipq5gf91838ldx40mjsp0b8w9n18-example
copying path '/nix/store/m8bmqwrch6l3h8s0k3d673xpmipcdpsa-example from 's3://example-nix-cache'...
warning: you did not specify '--add-root'; the result might be removed by the garbage collector
/nix/store/m8bmqwrch6l3h8s0k3d673xpmipcdpsa-example
</screen>
</section>
<section>
<title>Conclusion</title>
<para>
We now have a Nix installation configured to automatically sign and
upload every local build to a remote binary cache.
</para>
<para>
Before deploying this to production, be sure to consider the
implementation caveats in <xref linkend="chap-post-build-hook-caveats" />.
</para>
</section>
</chapter>

20
third_party/nix/doc/manual/command-ref/command-ref.xml vendored
View file

@ -1,20 +0,0 @@
<part xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='part-command-ref'>
<title>Command Reference</title>
<partintro>
<para>This section lists commands and options that you can use when you
work with Nix.</para>
</partintro>
<xi:include href="opt-common.xml" />
<xi:include href="env-common.xml" />
<xi:include href="main-commands.xml" />
<xi:include href="utilities.xml" />
<xi:include href="files.xml" />
</part>

1202
third_party/nix/doc/manual/command-ref/conf-file.xml vendored
View file

File diff suppressed because it is too large Load diff

202
third_party/nix/doc/manual/command-ref/env-common.xml vendored
View file

@ -1,202 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-common-env">
<title>Common Environment Variables</title>
<para>Most Nix commands interpret the following environment variables:</para>
<variablelist xml:id="env-common">
<varlistentry><term><envar>IN_NIX_SHELL</envar></term>
<listitem><para>Indicator that tells if the current environment was set up by
<command>nix-shell</command>. Since Nix 2.0 the values are
<literal>"pure"</literal> and <literal>"impure"</literal></para></listitem>
</varlistentry>
<varlistentry xml:id="env-NIX_PATH"><term><envar>NIX_PATH</envar></term>
<listitem>
<para>A colon-separated list of directories used to look up Nix
expressions enclosed in angle brackets (i.e.,
<literal>&lt;<replaceable>path</replaceable>></literal>). For
instance, the value
<screen>
/home/eelco/Dev:/etc/nixos</screen>
will cause Nix to look for paths relative to
<filename>/home/eelco/Dev</filename> and
<filename>/etc/nixos</filename>, in that order. It is also
possible to match paths against a prefix. For example, the value
<screen>
nixpkgs=/home/eelco/Dev/nixpkgs-branch:/etc/nixos</screen>
will cause Nix to search for
<literal>&lt;nixpkgs/<replaceable>path</replaceable>></literal> in
<filename>/home/eelco/Dev/nixpkgs-branch/<replaceable>path</replaceable></filename>
and
<filename>/etc/nixos/nixpkgs/<replaceable>path</replaceable></filename>.</para>
<para>If a path in the Nix search path starts with
<literal>http://</literal> or <literal>https://</literal>, it is
interpreted as the URL of a tarball that will be downloaded and
unpacked to a temporary location. The tarball must consist of a
single top-level directory. For example, setting
<envar>NIX_PATH</envar> to
<screen>
nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-15.09.tar.gz</screen>
tells Nix to download the latest revision in the Nixpkgs/NixOS
15.09 channel.</para>
<para>A following shorthand can be used to refer to the official channels:
<screen>nixpkgs=channel:nixos-15.09</screen>
</para>
<para>The search path can be extended using the <option
linkend="opt-I">-I</option> option, which takes precedence over
<envar>NIX_PATH</envar>.</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_IGNORE_SYMLINK_STORE</envar></term>
<listitem>
<para>Normally, the Nix store directory (typically
<filename>/nix/store</filename>) is not allowed to contain any
symlink components. This is to prevent “impure” builds. Builders
sometimes “canonicalise” paths by resolving all symlink components.
Thus, builds on different machines (with
<filename>/nix/store</filename> resolving to different locations)
could yield different results. This is generally not a problem,
except when builds are deployed to machines where
<filename>/nix/store</filename> resolves differently. If you are
sure that youre not going to do that, you can set
<envar>NIX_IGNORE_SYMLINK_STORE</envar> to <envar>1</envar>.</para>
<para>Note that if youre symlinking the Nix store so that you can
put it on another file system than the root file system, on Linux
youre better off using <literal>bind</literal> mount points, e.g.,
<screen>
$ mkdir /nix
$ mount -o bind /mnt/otherdisk/nix /nix</screen>
Consult the <citerefentry><refentrytitle>mount</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> manual page for details.</para>
</listitem>
</varlistentry>
<varlistentry><term><envar>NIX_STORE_DIR</envar></term>
<listitem><para>Overrides the location of the Nix store (default
<filename><replaceable>prefix</replaceable>/store</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_DATA_DIR</envar></term>
<listitem><para>Overrides the location of the Nix static data
directory (default
<filename><replaceable>prefix</replaceable>/share</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_LOG_DIR</envar></term>
<listitem><para>Overrides the location of the Nix log directory
(default <filename><replaceable>prefix</replaceable>/var/log/nix</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_STATE_DIR</envar></term>
<listitem><para>Overrides the location of the Nix state directory
(default <filename><replaceable>prefix</replaceable>/var/nix</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_CONF_DIR</envar></term>
<listitem><para>Overrides the location of the Nix configuration
directory (default
<filename><replaceable>prefix</replaceable>/etc/nix</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><envar>TMPDIR</envar></term>
<listitem><para>Use the specified directory to store temporary
files. In particular, this includes temporary build directories;
these can take up substantial amounts of disk space. The default is
<filename>/tmp</filename>.</para></listitem>
</varlistentry>
<varlistentry xml:id="envar-remote"><term><envar>NIX_REMOTE</envar></term>
<listitem><para>This variable should be set to
<literal>daemon</literal> if you want to use the Nix daemon to
execute Nix operations. This is necessary in <link
linkend="ssec-multi-user">multi-user Nix installations</link>.
If the Nix daemon's Unix socket is at some non-standard path,
this variable should be set to <literal>unix://path/to/socket</literal>.
Otherwise, it should be left unset.</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_SHOW_STATS</envar></term>
<listitem><para>If set to <literal>1</literal>, Nix will print some
evaluation statistics, such as the number of values
allocated.</para></listitem>
</varlistentry>
<varlistentry><term><envar>NIX_COUNT_CALLS</envar></term>
<listitem><para>If set to <literal>1</literal>, Nix will print how
often functions were called during Nix expression evaluation. This
is useful for profiling your Nix expressions.</para></listitem>
</varlistentry>
<varlistentry><term><envar>GC_INITIAL_HEAP_SIZE</envar></term>
<listitem><para>If Nix has been configured to use the Boehm garbage
collector, this variable sets the initial size of the heap in bytes.
It defaults to 384 MiB. Setting it to a low value reduces memory
consumption, but will increase runtime due to the overhead of
garbage collection.</para></listitem>
</varlistentry>
</variablelist>
</chapter>

14
third_party/nix/doc/manual/command-ref/files.xml vendored
View file

@ -1,14 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='ch-files'>
<title>Files</title>
<para>This section lists configuration files that you can use when you
work with Nix.</para>
<xi:include href="conf-file.xml" />
</chapter>

17
third_party/nix/doc/manual/command-ref/main-commands.xml vendored
View file

@ -1,17 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='ch-main-commands'>
<title>Main Commands</title>
<para>This section lists commands and options that you can use when you
work with Nix.</para>
<xi:include href="nix-env.xml" />
<xi:include href="nix-build.xml" />
<xi:include href="nix-shell.xml" />
<xi:include href="nix-store.xml" />
</chapter>

190
third_party/nix/doc/manual/command-ref/nix-build.xml vendored
View file

@ -1,190 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-build">
<refmeta>
<refentrytitle>nix-build</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-build</refname>
<refpurpose>build a Nix expression</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-build</command>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="opt-common-syn.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(/db:nop/*)" />
<arg><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
<arg><option>--argstr</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--attr</option></arg>
<arg choice='plain'><option>-A</option></arg>
</group>
<replaceable>attrPath</replaceable>
</arg>
<arg><option>--no-out-link</option></arg>
<arg><option>--dry-run</option></arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--out-link</option></arg>
<arg choice='plain'><option>-o</option></arg>
</group>
<replaceable>outlink</replaceable>
</arg>
<arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The <command>nix-build</command> command builds the derivations
described by the Nix expressions in <replaceable>paths</replaceable>.
If the build succeeds, it places a symlink to the result in the
current directory. The symlink is called <filename>result</filename>.
If there are multiple Nix expressions, or the Nix expressions evaluate
to multiple derivations, multiple sequentially numbered symlinks are
created (<filename>result</filename>, <filename>result-2</filename>,
and so on).</para>
<para>If no <replaceable>paths</replaceable> are specified, then
<command>nix-build</command> will use <filename>default.nix</filename>
in the current directory, if it exists.</para>
<para>If an element of <replaceable>paths</replaceable> starts with
<literal>http://</literal> or <literal>https://</literal>, it is
interpreted as the URL of a tarball that will be downloaded and
unpacked to a temporary location. The tarball must include a single
top-level directory containing at least a file named
<filename>default.nix</filename>.</para>
<para><command>nix-build</command> is essentially a wrapper around
<link
linkend="sec-nix-instantiate"><command>nix-instantiate</command></link>
(to translate a high-level Nix expression to a low-level store
derivation) and <link
linkend="rsec-nix-store-realise"><command>nix-store
--realise</command></link> (to build the store derivation).</para>
<warning><para>The result of the build is automatically registered as
a root of the Nix garbage collector. This root disappears
automatically when the <filename>result</filename> symlink is deleted
or renamed. So dont rename the symlink.</para></warning>
</refsection>
<refsection><title>Options</title>
<para>All options not listed here are passed to <command>nix-store
--realise</command>, except for <option>--arg</option> and
<option>--attr</option> / <option>-A</option> which are passed to
<command>nix-instantiate</command>. <phrase condition="manual">See
also <xref linkend="sec-common-options" />.</phrase></para>
<variablelist>
<varlistentry><term><option>--no-out-link</option></term>
<listitem><para>Do not create a symlink to the output path. Note
that as a result the output does not become a root of the garbage
collector, and so might be deleted by <command>nix-store
--gc</command>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--dry-run</option></term>
<listitem><para>Show what store paths would be built or downloaded</para></listitem>
</varlistentry>
<varlistentry xml:id='opt-out-link'><term><option>--out-link</option> /
<option>-o</option> <replaceable>outlink</replaceable></term>
<listitem><para>Change the name of the symlink to the output path
created from <filename>result</filename> to
<replaceable>outlink</replaceable>.</para></listitem>
</varlistentry>
</variablelist>
<para>The following common options are supported:</para>
<variablelist condition="manpage">
<xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
</variablelist>
</refsection>
<refsection><title>Examples</title>
<screen>
$ nix-build '&lt;nixpkgs>' -A firefox
store derivation is /nix/store/qybprl8sz2lc...-firefox-1.5.0.7.drv
/nix/store/d18hyl92g30l...-firefox-1.5.0.7
$ ls -l result
lrwxrwxrwx <replaceable>...</replaceable> result -> /nix/store/d18hyl92g30l...-firefox-1.5.0.7
$ ls ./result/bin/
firefox firefox-config</screen>
<para>If a derivation has multiple outputs,
<command>nix-build</command> will build the default (first) output.
You can also build all outputs:
<screen>
$ nix-build '&lt;nixpkgs>' -A openssl.all
</screen>
This will create a symlink for each output named
<filename>result-<replaceable>outputname</replaceable></filename>.
The suffix is omitted if the output name is <literal>out</literal>.
So if <literal>openssl</literal> has outputs <literal>out</literal>,
<literal>bin</literal> and <literal>man</literal>,
<command>nix-build</command> will create symlinks
<literal>result</literal>, <literal>result-bin</literal> and
<literal>result-man</literal>. Its also possible to build a specific
output:
<screen>
$ nix-build '&lt;nixpkgs>' -A openssl.man
</screen>
This will create a symlink <literal>result-man</literal>.</para>
<para>Build a Nix expression given on the command line:
<screen>
$ nix-build -E 'with import &lt;nixpkgs> { }; runCommand "foo" { } "echo bar > $out"'
$ cat ./result
bar
</screen>
</para>
<para>Build the GNU Hello package from the latest revision of the
master branch of Nixpkgs:
<screen>
$ nix-build https://github.com/NixOS/nixpkgs/archive/master.tar.gz -A hello
</screen>
</para>
</refsection>
<refsection condition="manpage"><title>Environment variables</title>
<variablelist>
<xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
</variablelist>
</refsection>
</refentry>

178
third_party/nix/doc/manual/command-ref/nix-channel.xml vendored
View file

@ -1,178 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-channel">
<refmeta>
<refentrytitle>nix-channel</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-channel</refname>
<refpurpose>manage Nix channels</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-channel</command>
<group choice='req'>
<arg choice='plain'><option>--add</option> <replaceable>url</replaceable> <arg choice='opt'><replaceable>name</replaceable></arg></arg>
<arg choice='plain'><option>--remove</option> <replaceable>name</replaceable></arg>
<arg choice='plain'><option>--list</option></arg>
<arg choice='plain'><option>--update</option> <arg rep='repeat'><replaceable>names</replaceable></arg></arg>
<arg choice='plain'><option>--rollback</option> <arg choice='opt'><replaceable>generation</replaceable></arg></arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>A Nix channel is a mechanism that allows you to automatically
stay up-to-date with a set of pre-built Nix expressions. A Nix
channel is just a URL that points to a place containing a set of Nix
expressions. <phrase condition="manual">See also <xref
linkend="sec-channels" />.</phrase></para>
<para>This command has the following operations:
<variablelist>
<varlistentry><term><option>--add</option> <replaceable>url</replaceable> [<replaceable>name</replaceable>]</term>
<listitem><para>Adds a channel named
<replaceable>name</replaceable> with URL
<replaceable>url</replaceable> to the list of subscribed channels.
If <replaceable>name</replaceable> is omitted, it defaults to the
last component of <replaceable>url</replaceable>, with the
suffixes <literal>-stable</literal> or
<literal>-unstable</literal> removed.</para></listitem>
</varlistentry>
<varlistentry><term><option>--remove</option> <replaceable>name</replaceable></term>
<listitem><para>Removes the channel named
<replaceable>name</replaceable> from the list of subscribed
channels.</para></listitem>
</varlistentry>
<varlistentry><term><option>--list</option></term>
<listitem><para>Prints the names and URLs of all subscribed
channels on standard output.</para></listitem>
</varlistentry>
<varlistentry><term><option>--update</option> [<replaceable>names</replaceable>…]</term>
<listitem><para>Downloads the Nix expressions of all subscribed
channels (or only those included in
<replaceable>names</replaceable> if specified) and makes them the
default for <command>nix-env</command> operations (by symlinking
them from the directory
<filename>~/.nix-defexpr</filename>).</para></listitem>
</varlistentry>
<varlistentry><term><option>--rollback</option> [<replaceable>generation</replaceable>]</term>
<listitem><para>Reverts the previous call to <command>nix-channel
--update</command>. Optionally, you can specify a specific channel
generation number to restore.</para></listitem>
</varlistentry>
</variablelist>
</para>
<para>Note that <option>--add</option> does not automatically perform
an update.</para>
<para>The list of subscribed channels is stored in
<filename>~/.nix-channels</filename>.</para>
</refsection>
<refsection><title>Examples</title>
<para>To subscribe to the Nixpkgs channel and install the GNU Hello package:</para>
<screen>
$ nix-channel --add https://nixos.org/channels/nixpkgs-unstable
$ nix-channel --update
$ nix-env -iA nixpkgs.hello</screen>
<para>You can revert channel updates using <option>--rollback</option>:</para>
<screen>
$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.nixpkgsVersion'
"14.04.527.0e935f1"
$ nix-channel --rollback
switching from generation 483 to 482
$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.nixpkgsVersion'
"14.04.526.dbadfad"
</screen>
</refsection>
<refsection><title>Files</title>
<variablelist>
<varlistentry><term><filename>/nix/var/nix/profiles/per-user/<replaceable>username</replaceable>/channels</filename></term>
<listitem><para><command>nix-channel</command> uses a
<command>nix-env</command> profile to keep track of previous
versions of the subscribed channels. Every time you run
<command>nix-channel --update</command>, a new channel generation
(that is, a symlink to the channel Nix expressions in the Nix store)
is created. This enables <command>nix-channel --rollback</command>
to revert to previous versions.</para></listitem>
</varlistentry>
<varlistentry><term><filename>~/.nix-defexpr/channels</filename></term>
<listitem><para>This is a symlink to
<filename>/nix/var/nix/profiles/per-user/<replaceable>username</replaceable>/channels</filename>. It
ensures that <command>nix-env</command> can find your channels. In
a multi-user installation, you may also have
<filename>~/.nix-defexpr/channels_root</filename>, which links to
the channels of the root user.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Channel format</title>
<para>A channel URL should point to a directory containing the
following files:</para>
<variablelist>
<varlistentry><term><filename>nixexprs.tar.xz</filename></term>
<listitem><para>A tarball containing Nix expressions and files
referenced by them (such as build scripts and patches). At the
top level, the tarball should contain a single directory. That
directory must contain a file <filename>default.nix</filename>
that serves as the channels “entry point”.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
</refentry>

63
third_party/nix/doc/manual/command-ref/nix-collect-garbage.xml vendored
View file

@ -1,63 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-collect-garbage">
<refmeta>
<refentrytitle>nix-collect-garbage</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-collect-garbage</refname>
<refpurpose>delete unreachable store paths</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-collect-garbage</command>
<arg><option>--delete-old</option></arg>
<arg><option>-d</option></arg>
<arg><option>--delete-older-than</option> <replaceable>period</replaceable></arg>
<arg><option>--max-freed</option> <replaceable>bytes</replaceable></arg>
<arg><option>--dry-run</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The command <command>nix-collect-garbage</command> is mostly an
alias of <link linkend="rsec-nix-store-gc"><command>nix-store
--gc</command></link>, that is, it deletes all unreachable paths in
the Nix store to clean up your system. However, it provides two
additional options: <option>-d</option> (<option>--delete-old</option>),
which deletes all old generations of all profiles in
<filename>/nix/var/nix/profiles</filename> by invoking
<literal>nix-env --delete-generations old</literal> on all profiles
(of course, this makes rollbacks to previous configurations
impossible); and
<option>--delete-older-than</option> <replaceable>period</replaceable>,
where period is a value such as <literal>30d</literal>, which deletes
all generations older than the specified number of days in all profiles
in <filename>/nix/var/nix/profiles</filename> (except for the generations
that were active at that point in time).
</para>
</refsection>
<refsection><title>Example</title>
<para>To delete from the Nix store everything that is not used by the
current generations of each profile, do
<screen>
$ nix-collect-garbage -d</screen>
</para>
</refsection>
</refentry>

169
third_party/nix/doc/manual/command-ref/nix-copy-closure.xml vendored
View file

@ -1,169 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-nix-copy-closure">
<refmeta>
<refentrytitle>nix-copy-closure</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-copy-closure</refname>
<refpurpose>copy a closure to or from a remote machine via SSH</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-copy-closure</command>
<group>
<arg choice='plain'><option>--to</option></arg>
<arg choice='plain'><option>--from</option></arg>
</group>
<arg><option>--gzip</option></arg>
<!--
<arg><option>- -show-progress</option></arg>
-->
<arg><option>--include-outputs</option></arg>
<group>
<arg choice='plain'><option>--use-substitutes</option></arg>
<arg choice='plain'><option>-s</option></arg>
</group>
<arg><option>-v</option></arg>
<arg choice='plain'>
<replaceable>user@</replaceable><replaceable>machine</replaceable>
</arg>
<arg choice='plain'><replaceable>paths</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para><command>nix-copy-closure</command> gives you an easy and
efficient way to exchange software between machines. Given one or
more Nix store <replaceable>paths</replaceable> on the local
machine, <command>nix-copy-closure</command> computes the closure of
those paths (i.e. all their dependencies in the Nix store), and copies
all paths in the closure to the remote machine via the
<command>ssh</command> (Secure Shell) command. With the
<option>--from</option>, the direction is reversed:
the closure of <replaceable>paths</replaceable> on a remote machine is
copied to the Nix store on the local machine.</para>
<para>This command is efficient because it only sends the store paths
that are missing on the target machine.</para>
<para>Since <command>nix-copy-closure</command> calls
<command>ssh</command>, you may be asked to type in the appropriate
password or passphrase. In fact, you may be asked
<emphasis>twice</emphasis> because <command>nix-copy-closure</command>
currently connects twice to the remote machine, first to get the set
of paths missing on the target machine, and second to send the dump of
those paths. If this bothers you, use
<command>ssh-agent</command>.</para>
<refsection><title>Options</title>
<variablelist>
<varlistentry><term><option>--to</option></term>
<listitem><para>Copy the closure of
<replaceable>paths</replaceable> from the local Nix store to the
Nix store on <replaceable>machine</replaceable>. This is the
default.</para></listitem>
</varlistentry>
<varlistentry><term><option>--from</option></term>
<listitem><para>Copy the closure of
<replaceable>paths</replaceable> from the Nix store on
<replaceable>machine</replaceable> to the local Nix
store.</para></listitem>
</varlistentry>
<varlistentry><term><option>--gzip</option></term>
<listitem><para>Enable compression of the SSH
connection.</para></listitem>
</varlistentry>
<varlistentry><term><option>--include-outputs</option></term>
<listitem><para>Also copy the outputs of store derivations
included in the closure.</para></listitem>
</varlistentry>
<varlistentry><term><option>--use-substitutes</option> / <option>-s</option></term>
<listitem><para>Attempt to download missing paths on the target
machine using Nixs substitute mechanism. Any paths that cannot
be substituted on the target are still copied normally from the
source. This is useful, for instance, if the connection between
the source and target machine is slow, but the connection between
the target machine and <literal>nixos.org</literal> (the default
binary cache server) is fast.</para></listitem>
</varlistentry>
<varlistentry><term><option>-v</option></term>
<listitem><para>Show verbose output.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Environment variables</title>
<variablelist>
<varlistentry><term><envar>NIX_SSHOPTS</envar></term>
<listitem><para>Additional options to be passed to
<command>ssh</command> on the command line.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Examples</title>
<para>Copy Firefox with all its dependencies to a remote machine:
<screen>
$ nix-copy-closure --to alice@itchy.labs $(type -tP firefox)</screen>
</para>
<para>Copy Subversion from a remote machine and then install it into a
user environment:
<screen>
$ nix-copy-closure --from alice@itchy.labs \
/nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4
$ nix-env -i /nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4
</screen>
</para>
</refsection>
</refsection>
</refentry>

51
third_party/nix/doc/manual/command-ref/nix-daemon.xml vendored
View file

@ -1,51 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-daemon">
<refmeta>
<refentrytitle>nix-daemon</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-daemon</refname>
<refpurpose>Nix multi-user support daemon</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-daemon</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The Nix daemon is necessary in multi-user Nix installations. It
performs build actions and other operations on the Nix store on behalf
of unprivileged users.</para>
</refsection>
<refsection><title>Options</title>
<variablelist>
<varlistentry><term><option>--pipe</option></term>
<listitem><para>Causes the nix daemon to forward stdin and stdout to and
from the actual daemon socket. This is used when communicating with a remote
store over SSH</para></listitem>
</varlistentry>
</variablelist>
</refsection>
</refentry>

1505
third_party/nix/doc/manual/command-ref/nix-env.xml vendored
View file

File diff suppressed because it is too large Load diff

176
third_party/nix/doc/manual/command-ref/nix-hash.xml vendored
View file

@ -1,176 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-hash">
<refmeta>
<refentrytitle>nix-hash</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-hash</refname>
<refpurpose>compute the cryptographic hash of a path</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-hash</command>
<arg><option>--flat</option></arg>
<arg><option>--base32</option></arg>
<arg><option>--truncate</option></arg>
<arg><option>--type</option> <replaceable>hashAlgo</replaceable></arg>
<arg choice='plain' rep='repeat'><replaceable>path</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>nix-hash</command>
<arg choice='plain'><option>--to-base16</option></arg>
<arg choice='plain' rep='repeat'><replaceable>hash</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>nix-hash</command>
<arg choice='plain'><option>--to-base32</option></arg>
<arg choice='plain' rep='repeat'><replaceable>hash</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The command <command>nix-hash</command> computes the
cryptographic hash of the contents of each
<replaceable>path</replaceable> and prints it on standard output. By
default, it computes an MD5 hash, but other hash algorithms are
available as well. The hash is printed in hexadecimal. To generate
the same hash as <command>nix-prefetch-url</command> you have to
specify multiple arguments, see below for an example.</para>
<para>The hash is computed over a <emphasis>serialisation</emphasis>
of each path: a dump of the file system tree rooted at the path. This
allows directories and symlinks to be hashed as well as regular files.
The dump is in the <emphasis>NAR format</emphasis> produced by <link
linkend="refsec-nix-store-dump"><command>nix-store</command>
<option>--dump</option></link>. Thus, <literal>nix-hash
<replaceable>path</replaceable></literal> yields the same
cryptographic hash as <literal>nix-store --dump
<replaceable>path</replaceable> | md5sum</literal>.</para>
</refsection>
<refsection><title>Options</title>
<variablelist>
<varlistentry><term><option>--flat</option></term>
<listitem><para>Print the cryptographic hash of the contents of
each regular file <replaceable>path</replaceable>. That is, do
not compute the hash over the dump of
<replaceable>path</replaceable>. The result is identical to that
produced by the GNU commands <command>md5sum</command> and
<command>sha1sum</command>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--base32</option></term>
<listitem><para>Print the hash in a base-32 representation rather
than hexadecimal. This base-32 representation is more compact and
can be used in Nix expressions (such as in calls to
<function>fetchurl</function>).</para></listitem>
</varlistentry>
<varlistentry><term><option>--truncate</option></term>
<listitem><para>Truncate hashes longer than 160 bits (such as
SHA-256) to 160 bits.</para></listitem>
</varlistentry>
<varlistentry><term><option>--type</option> <replaceable>hashAlgo</replaceable></term>
<listitem><para>Use the specified cryptographic hash algorithm,
which can be one of <literal>md5</literal>,
<literal>sha1</literal>, and
<literal>sha256</literal>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--to-base16</option></term>
<listitem><para>Dont hash anything, but convert the base-32 hash
representation <replaceable>hash</replaceable> to
hexadecimal.</para></listitem>
</varlistentry>
<varlistentry><term><option>--to-base32</option></term>
<listitem><para>Dont hash anything, but convert the hexadecimal
hash representation <replaceable>hash</replaceable> to
base-32.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Examples</title>
<para>Computing the same hash as <command>nix-prefetch-url</command>:
<screen>
$ nix-prefetch-url file://&lt;(echo test)
1lkgqb6fclns49861dwk9rzb6xnfkxbpws74mxnx01z9qyv1pjpj
$ nix-hash --type sha256 --flat --base32 &lt;(echo test)
1lkgqb6fclns49861dwk9rzb6xnfkxbpws74mxnx01z9qyv1pjpj
</screen>
</para>
<para>Computing hashes:
<screen>
$ mkdir test
$ echo "hello" > test/world
$ nix-hash test/ <lineannotation>(MD5 hash; default)</lineannotation>
8179d3caeff1869b5ba1744e5a245c04
$ nix-store --dump test/ | md5sum <lineannotation>(for comparison)</lineannotation>
8179d3caeff1869b5ba1744e5a245c04 -
$ nix-hash --type sha1 test/
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
$ nix-hash --type sha1 --base32 test/
nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
$ nix-hash --type sha256 --flat test/
error: reading file `test/': Is a directory
$ nix-hash --type sha256 --flat test/world
5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03</screen>
</para>
<para>Converting between hexadecimal and base-32:
<screen>
$ nix-hash --type sha1 --to-base32 e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6
nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
$ nix-hash --type sha1 --to-base16 nvd61k9nalji1zl9rrdfmsmvyyjqpzg4
e4fd8ba5f7bbeaea5ace89fe10255536cd60dab6</screen>
</para>
</refsection>
</refentry>

278
third_party/nix/doc/manual/command-ref/nix-instantiate.xml vendored
View file

@ -1,278 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-instantiate">
<refmeta>
<refentrytitle>nix-instantiate</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-instantiate</refname>
<refpurpose>instantiate store derivations from Nix expressions</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-instantiate</command>
<group>
<arg choice='plain'><option>--parse</option></arg>
<arg choice='plain'>
<option>--eval</option>
<arg><option>--strict</option></arg>
<arg><option>--json</option></arg>
<arg><option>--xml</option></arg>
</arg>
</group>
<arg><option>--read-write-mode</option></arg>
<arg><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--attr</option></arg>
<arg choice='plain'><option>-A</option></arg>
</group>
<replaceable>attrPath</replaceable>
</arg>
<arg><option>--add-root</option> <replaceable>path</replaceable></arg>
<arg><option>--indirect</option></arg>
<arg><option>--<arg>no</arg>trace-file-access</option></arg>
<group>
<arg choice='plain'><option>--expr</option></arg>
<arg choice='plain'><option>-E</option></arg>
</group>
<arg choice='plain' rep='repeat'><replaceable>files</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>nix-instantiate</command>
<arg choice='plain'><option>--find-file</option></arg>
<arg choice='plain' rep='repeat'><replaceable>files</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The command <command>nix-instantiate</command> generates <link
linkend="gloss-derivation">store derivations</link> from (high-level)
Nix expressions. It evaluates the Nix expressions in each of
<replaceable>files</replaceable> (which defaults to
<replaceable>./default.nix</replaceable>). Each top-level expression
should evaluate to a derivation, a list of derivations, or a set of
derivations. The paths of the resulting store derivations are printed
on standard output.</para>
<para>If <replaceable>files</replaceable> is the character
<literal>-</literal>, then a Nix expression will be read from standard
input.</para>
<para condition="manual">See also <xref linkend="sec-common-options"
/> for a list of common options.</para>
</refsection>
<refsection><title>Options</title>
<variablelist>
<varlistentry>
<term><option>--add-root</option> <replaceable>path</replaceable></term>
<term><option>--indirect</option></term>
<listitem><para>See the <link linkend="opt-add-root">corresponding
options</link> in <command>nix-store</command>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--parse</option></term>
<listitem><para>Just parse the input files, and print their
abstract syntax trees on standard output in ATerm
format.</para></listitem>
</varlistentry>
<varlistentry><term><option>--eval</option></term>
<listitem><para>Just parse and evaluate the input files, and print
the resulting values on standard output. No instantiation of
store derivations takes place.</para></listitem>
</varlistentry>
<varlistentry><term><option>--find-file</option></term>
<listitem><para>Look up the given files in Nixs search path (as
specified by the <envar linkend="env-NIX_PATH">NIX_PATH</envar>
environment variable). If found, print the corresponding absolute
paths on standard output. For instance, if
<envar>NIX_PATH</envar> is
<literal>nixpkgs=/home/alice/nixpkgs</literal>, then
<literal>nix-instantiate --find-file nixpkgs/default.nix</literal>
will print
<literal>/home/alice/nixpkgs/default.nix</literal>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--strict</option></term>
<listitem><para>When used with <option>--eval</option>,
recursively evaluate list elements and attributes. Normally, such
sub-expressions are left unevaluated (since the Nix expression
language is lazy).</para>
<warning><para>This option can cause non-termination, because lazy
data structures can be infinitely large.</para></warning>
</listitem>
</varlistentry>
<varlistentry><term><option>--<arg>no</arg>trace-file-access</option></term>
<listitem><para>While instantiating the expression, the evaluator will
print the full path to any files it reads with the prefix
<envar>trace-file-access: </envar> to the standard error.</para>
</listitem>
</varlistentry>
<varlistentry><term><option>--json</option></term>
<listitem><para>When used with <option>--eval</option>, print the resulting
value as an JSON representation of the abstract syntax tree rather
than as an ATerm.</para></listitem>
</varlistentry>
<varlistentry><term><option>--xml</option></term>
<listitem><para>When used with <option>--eval</option>, print the resulting
value as an XML representation of the abstract syntax tree rather than as
an ATerm. The schema is the same as that used by the <link
linkend="builtin-toXML"><function>toXML</function> built-in</link>.
</para></listitem>
</varlistentry>
<varlistentry><term><option>--read-write-mode</option></term>
<listitem><para>When used with <option>--eval</option>, perform
evaluation in read/write mode so nix language features that
require it will still work (at the cost of needing to do
instantiation of every evaluated derivation). If this option is
not enabled, there may be uninstantiated store paths in the final
output.</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist condition="manpage">
<xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
</variablelist>
</refsection>
<refsection><title>Examples</title>
<para>Instantiating store derivations from a Nix expression, and
building them using <command>nix-store</command>:
<screen>
$ nix-instantiate test.nix <lineannotation>(instantiate)</lineannotation>
/nix/store/cigxbmvy6dzix98dxxh9b6shg7ar5bvs-perl-BerkeleyDB-0.26.drv
$ nix-store -r $(nix-instantiate test.nix) <lineannotation>(build)</lineannotation>
<replaceable>...</replaceable>
/nix/store/qhqk4n8ci095g3sdp93x7rgwyh9rdvgk-perl-BerkeleyDB-0.26 <lineannotation>(output path)</lineannotation>
$ ls -l /nix/store/qhqk4n8ci095g3sdp93x7rgwyh9rdvgk-perl-BerkeleyDB-0.26
dr-xr-xr-x 2 eelco users 4096 1970-01-01 01:00 lib
...</screen>
</para>
<para>You can also give a Nix expression on the command line:
<screen>
$ nix-instantiate -E 'with import &lt;nixpkgs> { }; hello'
/nix/store/j8s4zyv75a724q38cb0r87rlczaiag4y-hello-2.8.drv
</screen>
This is equivalent to:
<screen>
$ nix-instantiate '&lt;nixpkgs>' -A hello
</screen>
</para>
<para>Parsing and evaluating Nix expressions:
<screen>
$ nix-instantiate --parse -E '1 + 2'
1 + 2
$ nix-instantiate --eval -E '1 + 2'
3
$ nix-instantiate --eval --xml -E '1 + 2'
<![CDATA[<?xml version='1.0' encoding='utf-8'?>
<expr>
<int value="3" />
</expr>]]></screen>
</para>
<para>The difference between non-strict and strict evaluation:
<screen>
$ nix-instantiate --eval --xml -E 'rec { x = "foo"; y = x; }'
<replaceable>...</replaceable><![CDATA[
<attr name="x">
<string value="foo" />
</attr>
<attr name="y">
<unevaluated />
</attr>]]>
<replaceable>...</replaceable></screen>
Note that <varname>y</varname> is left unevaluated (the XML
representation doesnt attempt to show non-normal forms).
<screen>
$ nix-instantiate --eval --xml --strict -E 'rec { x = "foo"; y = x; }'
<replaceable>...</replaceable><![CDATA[
<attr name="x">
<string value="foo" />
</attr>
<attr name="y">
<string value="foo" />
</attr>]]>
<replaceable>...</replaceable></screen>
</para>
</refsection>
<refsection><title>Conformance</title>
<para>The <option>--trace-file-access</option> option is a nonstandard
extension added by Tvix in 2020.</para>
</refsection>
<refsection condition="manpage"><title>Environment variables</title>
<variablelist>
<xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
</variablelist>
</refsection>
</refentry>

131
third_party/nix/doc/manual/command-ref/nix-prefetch-url.xml vendored
View file

@ -1,131 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-prefetch-url">
<refmeta>
<refentrytitle>nix-prefetch-url</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-prefetch-url</refname>
<refpurpose>copy a file from a URL into the store and print its hash</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-prefetch-url</command>
<arg><option>--version</option></arg>
<arg><option>--type</option> <replaceable>hashAlgo</replaceable></arg>
<arg><option>--print-path</option></arg>
<arg><option>--unpack</option></arg>
<arg><option>--name</option> <replaceable>name</replaceable></arg>
<arg choice='plain'><replaceable>url</replaceable></arg>
<arg><replaceable>hash</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The command <command>nix-prefetch-url</command> downloads the
file referenced by the URL <replaceable>url</replaceable>, prints its
cryptographic hash, and copies it into the Nix store. The file name
in the store is
<filename><replaceable>hash</replaceable>-<replaceable>baseName</replaceable></filename>,
where <replaceable>baseName</replaceable> is everything following the
final slash in <replaceable>url</replaceable>.</para>
<para>This command is just a convenience for Nix expression writers.
Often a Nix expression fetches some source distribution from the
network using the <literal>fetchurl</literal> expression contained in
Nixpkgs. However, <literal>fetchurl</literal> requires a
cryptographic hash. If you don't know the hash, you would have to
download the file first, and then <literal>fetchurl</literal> would
download it again when you build your Nix expression. Since
<literal>fetchurl</literal> uses the same name for the downloaded file
as <command>nix-prefetch-url</command>, the redundant download can be
avoided.</para>
<para>If <replaceable>hash</replaceable> is specified, then a download
is not performed if the Nix store already contains a file with the
same hash and base name. Otherwise, the file is downloaded, and an
error is signaled if the actual hash of the file does not match the
specified hash.</para>
<para>This command prints the hash on standard output. Additionally,
if the option <option>--print-path</option> is used, the path of the
downloaded file in the Nix store is also printed.</para>
</refsection>
<refsection><title>Options</title>
<variablelist>
<varlistentry><term><option>--type</option> <replaceable>hashAlgo</replaceable></term>
<listitem><para>Use the specified cryptographic hash algorithm,
which can be one of <literal>md5</literal>,
<literal>sha1</literal>, and
<literal>sha256</literal>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--print-path</option></term>
<listitem><para>Print the store path of the downloaded file on
standard output.</para></listitem>
</varlistentry>
<varlistentry><term><option>--unpack</option></term>
<listitem><para>Unpack the archive (which must be a tarball or zip
file) and add the result to the Nix store. The resulting hash can
be used with functions such as Nixpkgss
<varname>fetchzip</varname> or
<varname>fetchFromGitHub</varname>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--name</option> <replaceable>name</replaceable></term>
<listitem><para>Override the name of the file in the Nix store. By
default, this is
<literal><replaceable>hash</replaceable>-<replaceable>basename</replaceable></literal>,
where <replaceable>basename</replaceable> is the last component of
<replaceable>url</replaceable>. Overriding the name is necessary
when <replaceable>basename</replaceable> contains characters that
are not allowed in Nix store paths.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Examples</title>
<screen>
$ nix-prefetch-url ftp://ftp.gnu.org/pub/gnu/hello/hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i
$ nix-prefetch-url --print-path mirror://gnu/hello/hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i
/nix/store/3x7dwzq014bblazs7kq20p9hyzz0qh8g-hello-2.10.tar.gz
$ nix-prefetch-url --unpack --print-path https://github.com/NixOS/patchelf/archive/0.8.tar.gz
079agjlv0hrv7fxnx9ngipx14gyncbkllxrp9cccnh3a50fxcmy7
/nix/store/19zrmhm3m40xxaw81c8cqm6aljgrnwj2-0.8.tar.gz
</screen>
</refsection>
</refentry>

397
third_party/nix/doc/manual/command-ref/nix-shell.xml vendored
View file

@ -1,397 +0,0 @@
<refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-nix-shell">
<refmeta>
<refentrytitle>nix-shell</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="../version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix-shell</refname>
<refpurpose>start an interactive shell based on a Nix expression</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nix-shell</command>
<arg><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
<arg><option>--argstr</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--attr</option></arg>
<arg choice='plain'><option>-A</option></arg>
</group>
<replaceable>attrPath</replaceable>
</arg>
<arg><option>--command</option> <replaceable>cmd</replaceable></arg>
<arg><option>--run</option> <replaceable>cmd</replaceable></arg>
<arg><option>--exclude</option> <replaceable>regexp</replaceable></arg>
<arg><option>--pure</option></arg>
<arg><option>--keep</option> <replaceable>name</replaceable></arg>
<group choice='req'>
<arg choice='plain'>
<group choice='req'>
<arg choice='plain'><option>--packages</option></arg>
<arg choice='plain'><option>-p</option></arg>
</group>
<arg choice='plain' rep='repeat'><replaceable>packages</replaceable></arg>
</arg>
<arg><replaceable>path</replaceable></arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsection><title>Description</title>
<para>The command <command>nix-shell</command> will build the
dependencies of the specified derivation, but not the derivation
itself. It will then start an interactive shell in which all
environment variables defined by the derivation
<replaceable>path</replaceable> have been set to their corresponding
values, and the script <literal>$stdenv/setup</literal> has been
sourced. This is useful for reproducing the environment of a
derivation for development.</para>
<para>If <replaceable>path</replaceable> is not given,
<command>nix-shell</command> defaults to
<filename>shell.nix</filename> if it exists, and
<filename>default.nix</filename> otherwise.</para>
<para>If <replaceable>path</replaceable> starts with
<literal>http://</literal> or <literal>https://</literal>, it is
interpreted as the URL of a tarball that will be downloaded and
unpacked to a temporary location. The tarball must include a single
top-level directory containing at least a file named
<filename>default.nix</filename>.</para>
<para>If the derivation defines the variable
<varname>shellHook</varname>, it will be evaluated after
<literal>$stdenv/setup</literal> has been sourced. Since this hook is
not executed by regular Nix builds, it allows you to perform
initialisation specific to <command>nix-shell</command>. For example,
the derivation attribute
<programlisting>
shellHook =
''
echo "Hello shell"
'';
</programlisting>
will cause <command>nix-shell</command> to print <literal>Hello shell</literal>.</para>
</refsection>
<refsection><title>Options</title>
<para>All options not listed here are passed to <command>nix-store
--realise</command>, except for <option>--arg</option> and
<option>--attr</option> / <option>-A</option> which are passed to
<command>nix-instantiate</command>. <phrase condition="manual">See
also <xref linkend="sec-common-options" />.</phrase></para>
<variablelist>
<varlistentry><term><option>--command</option> <replaceable>cmd</replaceable></term>
<listitem><para>In the environment of the derivation, run the
shell command <replaceable>cmd</replaceable>. This command is
executed in an interactive shell. (Use <option>--run</option> to
use a non-interactive shell instead.) However, a call to
<literal>exit</literal> is implicitly added to the command, so the
shell will exit after running the command. To prevent this, add
<literal>return</literal> at the end; e.g. <literal>--command
"echo Hello; return"</literal> will print <literal>Hello</literal>
and then drop you into the interactive shell. This can be useful
for doing any additional initialisation.</para></listitem>
</varlistentry>
<varlistentry><term><option>--run</option> <replaceable>cmd</replaceable></term>
<listitem><para>Like <option>--command</option>, but executes the
command in a non-interactive shell. This means (among other
things) that if you hit Ctrl-C while the command is running, the
shell exits.</para></listitem>
</varlistentry>
<varlistentry><term><option>--exclude</option> <replaceable>regexp</replaceable></term>
<listitem><para>Do not build any dependencies whose store path
matches the regular expression <replaceable>regexp</replaceable>.
This option may be specified multiple times.</para></listitem>
</varlistentry>
<varlistentry><term><option>--pure</option></term>
<listitem><para>If this flag is specified, the environment is
almost entirely cleared before the interactive shell is started,
so you get an environment that more closely corresponds to the
“real” Nix build. A few variables, in particular
<envar>HOME</envar>, <envar>USER</envar> and
<envar>DISPLAY</envar>, are retained. Note that
<filename>~/.bashrc</filename> and (depending on your Bash
installation) <filename>/etc/bashrc</filename> are still sourced,
so any variables set there will affect the interactive
shell.</para></listitem>
</varlistentry>
<varlistentry><term><option>--packages</option> / <option>-p</option> <replaceable>packages</replaceable></term>
<listitem><para>Set up an environment in which the specified
packages are present. The command line arguments are interpreted
as attribute names inside the Nix Packages collection. Thus,
<literal>nix-shell -p libjpeg openjdk</literal> will start a shell
in which the packages denoted by the attribute names
<varname>libjpeg</varname> and <varname>openjdk</varname> are
present.</para></listitem>
</varlistentry>
<varlistentry><term><option>-i</option> <replaceable>interpreter</replaceable></term>
<listitem><para>The chained script interpreter to be invoked by
<command>nix-shell</command>. Only applicable in
<literal>#!</literal>-scripts (described <link
linkend="ssec-nix-shell-shebang">below</link>).</para>
</listitem></varlistentry>
<varlistentry><term><option>--keep</option> <replaceable>name</replaceable></term>
<listitem><para>When a <option>--pure</option> shell is started,
keep the listed environment variables.</para></listitem>
</varlistentry>
</variablelist>
<para>The following common options are supported:</para>
<variablelist condition="manpage">
<xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
</variablelist>
</refsection>
<refsection><title>Environment variables</title>
<variablelist>
<varlistentry><term><envar>NIX_BUILD_SHELL</envar></term>
<listitem><para>Shell used to start the interactive environment.
Defaults to the <command>bash</command> found in <envar>PATH</envar>.</para></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection><title>Examples</title>
<para>To build the dependencies of the package Pan, and start an
interactive shell in which to build it:
<screen>
$ nix-shell '&lt;nixpkgs>' -A pan
[nix-shell]$ unpackPhase
[nix-shell]$ cd pan-*
[nix-shell]$ configurePhase
[nix-shell]$ buildPhase
[nix-shell]$ ./pan/gui/pan
</screen>
To clear the environment first, and do some additional automatic
initialisation of the interactive shell:
<screen>
$ nix-shell '&lt;nixpkgs>' -A pan --pure \
--command 'export NIX_DEBUG=1; export NIX_CORES=8; return'
</screen>
Nix expressions can also be given on the command line. For instance,
the following starts a shell containing the packages
<literal>sqlite</literal> and <literal>libX11</literal>:
<screen>
$ nix-shell -E 'with import &lt;nixpkgs> { }; runCommand "dummy" { buildInputs = [ sqlite xorg.libX11 ]; } ""'
</screen>
A shorter way to do the same is:
<screen>
$ nix-shell -p sqlite xorg.libX11
[nix-shell]$ echo $NIX_LDFLAGS
… -L/nix/store/j1zg5v…-sqlite-3.8.0.2/lib -L/nix/store/0gmcz9…-libX11-1.6.1/lib …
</screen>
The <command>-p</command> flag looks up Nixpkgs in the Nix search
path. You can override it by passing <option>-I</option> or setting
<envar>NIX_PATH</envar>. For example, the following gives you a shell
containing the Pan package from a specific revision of Nixpkgs:
<screen>
$ nix-shell -p pan -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/8a3eea054838b55aca962c3fbde9c83c102b8bf2.tar.gz
[nix-shell:~]$ pan --version
Pan 0.139
</screen>
</para>
</refsection>
<refsection xml:id="ssec-nix-shell-shebang"><title>Use as a <literal>#!</literal>-interpreter</title>
<para>You can use <command>nix-shell</command> as a script interpreter
to allow scripts written in arbitrary languages to obtain their own
dependencies via Nix. This is done by starting the script with the
following lines:
<programlisting>
#! /usr/bin/env nix-shell
#! nix-shell -i <replaceable>real-interpreter</replaceable> -p <replaceable>packages</replaceable>
</programlisting>
where <replaceable>real-interpreter</replaceable> is the “real” script
interpreter that will be invoked by <command>nix-shell</command> after
it has obtained the dependencies and initialised the environment, and
<replaceable>packages</replaceable> are the attribute names of the
dependencies in Nixpkgs.</para>
<para>The lines starting with <literal>#! nix-shell</literal> specify
<command>nix-shell</command> options (see above). Note that you cannot
write <literal>#! /usr/bin/env nix-shell -i ...</literal> because
many operating systems only allow one argument in
<literal>#!</literal> lines.</para>
<para>For example, here is a Python script that depends on Python and
the <literal>prettytable</literal> package:
<programlisting>
#! /usr/bin/env nix-shell
#! nix-shell -i python -p python pythonPackages.prettytable
import prettytable
# Print a simple table.
t = prettytable.PrettyTable(["N", "N^2"])
for n in range(1, 10): t.add_row([n, n * n])
print t
</programlisting>
</para>
<para>Similarly, the following is a Perl script that specifies that it
requires Perl and the <literal>HTML::TokeParser::Simple</literal> and
<literal>LWP</literal> packages:
<programlisting>
#! /usr/bin/env nix-shell
#! nix-shell -i perl -p perl perlPackages.HTMLTokeParserSimple perlPackages.LWP
use HTML::TokeParser::Simple;
# Fetch nixos.org and print all hrefs.
my $p = HTML::TokeParser::Simple->new(url => 'http://nixos.org/');
while (my $token = $p->get_tag("a")) {
my $href = $token->get_attr("href");
print "$href\n" if $href;
}
</programlisting>
</para>
<para>Sometimes you need to pass a simple Nix expression to customize
a package like Terraform:
<programlisting><![CDATA[
#! /usr/bin/env nix-shell
#! nix-shell -i bash -p "terraform.withPlugins (plugins: [ plugins.openstack ])"
terraform apply
]]></programlisting>
<note><para>You must use double quotes (<literal>"</literal>) when
passing a simple Nix expression in a nix-shell shebang.</para></note>
</para>
<para>Finally, using the merging of multiple nix-shell shebangs the
following Haskell script uses a specific branch of Nixpkgs/NixOS (the
18.03 stable branch):
<programlisting><![CDATA[
#! /usr/bin/env nix-shell
#! nix-shell -i runghc -p "haskellPackages.ghcWithPackages (ps: [ps.HTTP ps.tagsoup])"
#! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz
import Network.HTTP
import Text.HTML.TagSoup
-- Fetch nixos.org and print all hrefs.
main = do
resp <- Network.HTTP.simpleHTTP (getRequest "http://nixos.org/")
body <- getResponseBody resp
let tags = filter (isTagOpenName "a") $ parseTags body
let tags' = map (fromAttrib "href") tags
mapM_ putStrLn $ filter (/= "") tags'
]]></programlisting>
If you want to be even more precise, you can specify a specific
revision of Nixpkgs:
<programlisting>
#! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/0672315759b3e15e2121365f067c1c8c56bb4722.tar.gz
</programlisting>
</para>
<para>The examples above all used <option>-p</option> to get
dependencies from Nixpkgs. You can also use a Nix expression to build
your own dependencies. For example, the Python example could have been
written as:
<programlisting>
#! /usr/bin/env nix-shell
#! nix-shell deps.nix -i python
</programlisting>
where the file <filename>deps.nix</filename> in the same directory
as the <literal>#!</literal>-script contains:
<programlisting>
with import &lt;nixpkgs> {};
runCommand "dummy" { buildInputs = [ python pythonPackages.prettytable ]; } ""
</programlisting>
</para>
</refsection>
<refsection condition="manpage"><title>Environment variables</title>
<variablelist>
<xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
</variablelist>
</refsection>
</refentry>

1525
third_party/nix/doc/manual/command-ref/nix-store.xml vendored
View file

File diff suppressed because it is too large Load diff

64
third_party/nix/doc/manual/command-ref/opt-common-syn.xml vendored
View file

@ -1,64 +0,0 @@
<nop xmlns="http://docbook.org/ns/docbook">
<arg><option>--help</option></arg>
<arg><option>--version</option></arg>
<arg rep='repeat'>
<group choice='req'>
<arg choice='plain'><option>--verbose</option></arg>
<arg choice='plain'><option>-v</option></arg>
</group>
</arg>
<arg>
<arg choice='plain'><option>--quiet</option></arg>
</arg>
<arg>
<group choice='plain'>
<arg choice='plain'><option>--no-build-output</option></arg>
<arg choice='plain'><option>-Q</option></arg>
</group>
</arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--max-jobs</option></arg>
<arg choice='plain'><option>-j</option></arg>
</group>
<replaceable>number</replaceable>
</arg>
<arg>
<option>--cores</option>
<replaceable>number</replaceable>
</arg>
<arg>
<option>--max-silent-time</option>
<replaceable>number</replaceable>
</arg>
<arg>
<option>--timeout</option>
<replaceable>number</replaceable>
</arg>
<arg>
<group choice='plain'>
<arg choice='plain'><option>--keep-going</option></arg>
<arg choice='plain'><option>-k</option></arg>
</group>
</arg>
<arg>
<group choice='plain'>
<arg choice='plain'><option>--keep-failed</option></arg>
<arg choice='plain'><option>-K</option></arg>
</group>
</arg>
<arg><option>--fallback</option></arg>
<arg><option>--readonly-mode</option></arg>
<arg>
<option>-I</option>
<replaceable>path</replaceable>
</arg>
<arg>
<option>--option</option>
<replaceable>name</replaceable>
<replaceable>value</replaceable>
</arg>
<sbr />
</nop>

366
third_party/nix/doc/manual/command-ref/opt-common.xml vendored
View file

@ -1,366 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook" xml:id="sec-common-options">
<title>Common Options</title>
<para>Most Nix commands accept the following command-line options:</para>
<variablelist xml:id="opt-common">
<varlistentry><term><option>--help</option></term>
<listitem><para>Prints out a summary of the command syntax and
exits.</para></listitem>
</varlistentry>
<varlistentry><term><option>--version</option></term>
<listitem><para>Prints out the Nix version number on standard output
and exits.</para></listitem>
</varlistentry>
<varlistentry><term><option>--verbose</option> / <option>-v</option></term>
<listitem>
<para>Increases the level of verbosity of diagnostic messages
printed on standard error. For each Nix operation, the information
printed on standard output is well-defined; any diagnostic
information is printed on standard error, never on standard
output.</para>
<para>This option may be specified repeatedly. Currently, the
following verbosity levels exist:</para>
<variablelist>
<varlistentry><term>0</term>
<listitem><para>“Errors only”: only print messages
explaining why the Nix invocation failed.</para></listitem>
</varlistentry>
<varlistentry><term>1</term>
<listitem><para>“Informational”: print
<emphasis>useful</emphasis> messages about what Nix is doing.
This is the default.</para></listitem>
</varlistentry>
<varlistentry><term>2</term>
<listitem><para>“Talkative”: print more informational
messages.</para></listitem>
</varlistentry>
<varlistentry><term>3</term>
<listitem><para>“Chatty”: print even more
informational messages.</para></listitem>
</varlistentry>
<varlistentry><term>4</term>
<listitem><para>“Debug”: print debug
information.</para></listitem>
</varlistentry>
<varlistentry><term>5</term>
<listitem><para>“Vomit”: print vast amounts of debug
information.</para></listitem>
</varlistentry>
</variablelist>
</listitem>
</varlistentry>
<varlistentry><term><option>--quiet</option></term>
<listitem>
<para>Decreases the level of verbosity of diagnostic messages
printed on standard error. This is the inverse option to
<option>-v</option> / <option>--verbose</option>.
</para>
<para>This option may be specified repeatedly. See the previous
verbosity levels list.</para>
</listitem>
</varlistentry>
<varlistentry><term><option>--no-build-output</option> / <option>-Q</option></term>
<listitem><para>By default, output written by builders to standard
output and standard error is echoed to the Nix command's standard
error. This option suppresses this behaviour. Note that the
builder's standard output and error are always written to a log file
in
<filename><replaceable>prefix</replaceable>/nix/var/log/nix</filename>.</para></listitem>
</varlistentry>
<varlistentry xml:id="opt-max-jobs"><term><option>--max-jobs</option> / <option>-j</option>
<replaceable>number</replaceable></term>
<listitem>
<para>Sets the maximum number of build jobs that Nix will
perform in parallel to the specified number. Specify
<literal>auto</literal> to use the number of CPUs in the system.
The default is specified by the <link
linkend='conf-max-jobs'><literal>max-jobs</literal></link>
configuration setting, which itself defaults to
<literal>1</literal>. A higher value is useful on SMP systems or to
exploit I/O latency.</para>
<para> Setting it to <literal>0</literal> disallows building on the local
machine, which is useful when you want builds to happen only on remote
builders.</para>
</listitem>
</varlistentry>
<varlistentry xml:id="opt-cores"><term><option>--cores</option></term>
<listitem><para>Sets the value of the <envar>NIX_BUILD_CORES</envar>
environment variable in the invocation of builders. Builders can
use this variable at their discretion to control the maximum amount
of parallelism. For instance, in Nixpkgs, if the derivation
attribute <varname>enableParallelBuilding</varname> is set to
<literal>true</literal>, the builder passes the
<option>-j<replaceable>N</replaceable></option> flag to GNU Make.
It defaults to the value of the <link
linkend='conf-cores'><literal>cores</literal></link>
configuration setting, if set, or <literal>1</literal> otherwise.
The value <literal>0</literal> means that the builder should use all
available CPU cores in the system.</para></listitem>
</varlistentry>
<varlistentry xml:id="opt-max-silent-time"><term><option>--max-silent-time</option></term>
<listitem><para>Sets the maximum number of seconds that a builder
can go without producing any data on standard output or standard
error. The default is specified by the <link
linkend='conf-max-silent-time'><literal>max-silent-time</literal></link>
configuration setting. <literal>0</literal> means no
time-out.</para></listitem>
</varlistentry>
<varlistentry xml:id="opt-timeout"><term><option>--timeout</option></term>
<listitem><para>Sets the maximum number of seconds that a builder
can run. The default is specified by the <link
linkend='conf-timeout'><literal>timeout</literal></link>
configuration setting. <literal>0</literal> means no
timeout.</para></listitem>
</varlistentry>
<varlistentry><term><option>--keep-going</option> / <option>-k</option></term>
<listitem><para>Keep going in case of failed builds, to the
greatest extent possible. That is, if building an input of some
derivation fails, Nix will still build the other inputs, but not the
derivation itself. Without this option, Nix stops if any build
fails (except for builds of substitutes), possibly killing builds in
progress (in case of parallel or distributed builds).</para></listitem>
</varlistentry>
<varlistentry><term><option>--keep-failed</option> / <option>-K</option></term>
<listitem><para>Specifies that in case of a build failure, the
temporary directory (usually in <filename>/tmp</filename>) in which
the build takes place should not be deleted. The path of the build
directory is printed as an informational message.
</para>
</listitem>
</varlistentry>
<varlistentry><term><option>--fallback</option></term>
<listitem>
<para>Whenever Nix attempts to build a derivation for which
substitutes are known for each output path, but realising the output
paths through the substitutes fails, fall back on building the
derivation.</para>
<para>The most common scenario in which this is useful is when we
have registered substitutes in order to perform binary distribution
from, say, a network repository. If the repository is down, the
realisation of the derivation will fail. When this option is
specified, Nix will build the derivation instead. Thus,
installation from binaries falls back on installation from source.
This option is not the default since it is generally not desirable
for a transient failure in obtaining the substitutes to lead to a
full build from source (with the related consumption of
resources).</para>
</listitem>
</varlistentry>
<varlistentry><term><option>--no-build-hook</option></term>
<listitem>
<para>Disables the build hook mechanism. This allows to ignore remote
builders if they are setup on the machine.</para>
<para>It's useful in cases where the bandwidth between the client and the
remote builder is too low. In that case it can take more time to upload the
sources to the remote builder and fetch back the result than to do the
computation locally.</para>
</listitem>
</varlistentry>
<varlistentry><term><option>--readonly-mode</option></term>
<listitem><para>When this option is used, no attempt is made to open
the Nix database. Most Nix operations do need database access, so
those operations will fail.</para></listitem>
</varlistentry>
<varlistentry><term><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></term>
<listitem><para>This option is accepted by
<command>nix-env</command>, <command>nix-instantiate</command> and
<command>nix-build</command>. When evaluating Nix expressions, the
expression evaluator will automatically try to call functions that
it encounters. It can automatically call functions for which every
argument has a <link linkend='ss-functions'>default value</link>
(e.g., <literal>{ <replaceable>argName</replaceable> ?
<replaceable>defaultValue</replaceable> }:
<replaceable>...</replaceable></literal>). With
<option>--arg</option>, you can also call functions that have
arguments without a default value (or override a default value).
That is, if the evaluator encounters a function with an argument
named <replaceable>name</replaceable>, it will call it with value
<replaceable>value</replaceable>.</para>
<para>For instance, the top-level <literal>default.nix</literal> in
Nixpkgs is actually a function:
<programlisting>
{ # The system (e.g., `i686-linux') for which to build the packages.
system ? builtins.currentSystem
<replaceable>...</replaceable>
}: <replaceable>...</replaceable></programlisting>
So if you call this Nix expression (e.g., when you do
<literal>nix-env -i <replaceable>pkgname</replaceable></literal>),
the function will be called automatically using the value <link
linkend='builtin-currentSystem'><literal>builtins.currentSystem</literal></link>
for the <literal>system</literal> argument. You can override this
using <option>--arg</option>, e.g., <literal>nix-env -i
<replaceable>pkgname</replaceable> --arg system
\"i686-freebsd\"</literal>. (Note that since the argument is a Nix
string literal, you have to escape the quotes.)</para></listitem>
</varlistentry>
<varlistentry><term><option>--argstr</option> <replaceable>name</replaceable> <replaceable>value</replaceable></term>
<listitem><para>This option is like <option>--arg</option>, only the
value is not a Nix expression but a string. So instead of
<literal>--arg system \"i686-linux\"</literal> (the outer quotes are
to keep the shell happy) you can say <literal>--argstr system
i686-linux</literal>.</para></listitem>
</varlistentry>
<varlistentry xml:id="opt-attr"><term><option>--attr</option> / <option>-A</option>
<replaceable>attrPath</replaceable></term>
<listitem><para>Select an attribute from the top-level Nix
expression being evaluated. (<command>nix-env</command>,
<command>nix-instantiate</command>, <command>nix-build</command> and
<command>nix-shell</command> only.) The <emphasis>attribute
path</emphasis> <replaceable>attrPath</replaceable> is a sequence of
attribute names separated by dots. For instance, given a top-level
Nix expression <replaceable>e</replaceable>, the attribute path
<literal>xorg.xorgserver</literal> would cause the expression
<literal><replaceable>e</replaceable>.xorg.xorgserver</literal> to
be used. See <link
linkend='refsec-nix-env-install-examples'><command>nix-env
--install</command></link> for some concrete examples.</para>
<para>In addition to attribute names, you can also specify array
indices. For instance, the attribute path
<literal>foo.3.bar</literal> selects the <literal>bar</literal>
attribute of the fourth element of the array in the
<literal>foo</literal> attribute of the top-level
expression.</para></listitem>
</varlistentry>
<varlistentry><term><option>--expr</option> / <option>-E</option></term>
<listitem><para>Interpret the command line arguments as a list of
Nix expressions to be parsed and evaluated, rather than as a list
of file names of Nix expressions.
(<command>nix-instantiate</command>, <command>nix-build</command>
and <command>nix-shell</command> only.)</para></listitem>
</varlistentry>
<varlistentry xml:id="opt-I"><term><option>-I</option> <replaceable>path</replaceable></term>
<listitem><para>Add a path to the Nix expression search path. This
option may be given multiple times. See the <envar
linkend="env-NIX_PATH">NIX_PATH</envar> environment variable for
information on the semantics of the Nix search path. Paths added
through <option>-I</option> take precedence over
<envar>NIX_PATH</envar>.</para></listitem>
</varlistentry>
<varlistentry><term><option>--option</option> <replaceable>name</replaceable> <replaceable>value</replaceable></term>
<listitem><para>Set the Nix configuration option
<replaceable>name</replaceable> to <replaceable>value</replaceable>.
This overrides settings in the Nix configuration file (see
<citerefentry><refentrytitle>nix.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>).</para></listitem>
</varlistentry>
<varlistentry><term><option>--repair</option></term>
<listitem><para>Fix corrupted or missing store paths by
redownloading or rebuilding them. Note that this is slow because it
requires computing a cryptographic hash of the contents of every
path in the closure of the build. Also note the warning under
<command>nix-store --repair-path</command>.</para></listitem>
</varlistentry>
</variablelist>
</chapter>

22
third_party/nix/doc/manual/command-ref/opt-inst-syn.xml vendored
View file

@ -1,22 +0,0 @@
<nop xmlns="http://docbook.org/ns/docbook">
<arg>
<group choice='req'>
<arg choice='plain'><option>--prebuilt-only</option></arg>
<arg choice='plain'><option>-b</option></arg>
</group>
</arg>
<arg>
<group choice='req'>
<arg choice='plain'><option>--attr</option></arg>
<arg choice='plain'><option>-A</option></arg>
</group>
</arg>
<arg><option>--from-expression</option></arg>
<arg><option>-E</option></arg>
<arg><option>--from-profile</option> <replaceable>path</replaceable></arg>
</nop>

20
third_party/nix/doc/manual/command-ref/utilities.xml vendored
View file

@ -1,20 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='ch-utilities'>
<title>Utilities</title>
<para>This section lists utilities that you can use when you
work with Nix.</para>
<xi:include href="nix-channel.xml" />
<xi:include href="nix-collect-garbage.xml" />
<xi:include href="nix-copy-closure.xml" />
<xi:include href="nix-daemon.xml" />
<xi:include href="nix-hash.xml" />
<xi:include href="nix-instantiate.xml" />
<xi:include href="nix-prefetch-url.xml" />
</chapter>

340
third_party/nix/doc/manual/expressions/advanced-attributes.xml vendored
View file

@ -1,340 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-advanced-attributes">
<title>Advanced Attributes</title>
<para>Derivations can declare some infrequently used optional
attributes.</para>
<variablelist>
<varlistentry><term><varname>allowedReferences</varname></term>
<listitem><para>The optional attribute
<varname>allowedReferences</varname> specifies a list of legal
references (dependencies) of the output of the builder. For
example,
<programlisting>
allowedReferences = [];
</programlisting>
enforces that the output of a derivation cannot have any runtime
dependencies on its inputs. To allow an output to have a runtime
dependency on itself, use <literal>"out"</literal> as a list item.
This is used in NixOS to check that generated files such as
initial ramdisks for booting Linux dont have accidental
dependencies on other paths in the Nix store.</para></listitem>
</varlistentry>
<varlistentry><term><varname>allowedRequisites</varname></term>
<listitem><para>This attribute is similar to
<varname>allowedReferences</varname>, but it specifies the legal
requisites of the whole closure, so all the dependencies
recursively. For example,
<programlisting>
allowedRequisites = [ foobar ];
</programlisting>
enforces that the output of a derivation cannot have any other
runtime dependency than <varname>foobar</varname>, and in addition
it enforces that <varname>foobar</varname> itself doesn't
introduce any other dependency itself.</para></listitem>
</varlistentry>
<varlistentry><term><varname>disallowedReferences</varname></term>
<listitem><para>The optional attribute
<varname>disallowedReferences</varname> specifies a list of illegal
references (dependencies) of the output of the builder. For
example,
<programlisting>
disallowedReferences = [ foo ];
</programlisting>
enforces that the output of a derivation cannot have a direct runtime
dependencies on the derivation <varname>foo</varname>.</para></listitem>
</varlistentry>
<varlistentry><term><varname>disallowedRequisites</varname></term>
<listitem><para>This attribute is similar to
<varname>disallowedReferences</varname>, but it specifies illegal
requisites for the whole closure, so all the dependencies
recursively. For example,
<programlisting>
disallowedRequisites = [ foobar ];
</programlisting>
enforces that the output of a derivation cannot have any
runtime dependency on <varname>foobar</varname> or any other derivation
depending recursively on <varname>foobar</varname>.</para></listitem>
</varlistentry>
<varlistentry><term><varname>exportReferencesGraph</varname></term>
<listitem><para>This attribute allows builders access to the
references graph of their inputs. The attribute is a list of
inputs in the Nix store whose references graph the builder needs
to know. The value of this attribute should be a list of pairs
<literal>[ <replaceable>name1</replaceable>
<replaceable>path1</replaceable> <replaceable>name2</replaceable>
<replaceable>path2</replaceable> <replaceable>...</replaceable>
]</literal>. The references graph of each
<replaceable>pathN</replaceable> will be stored in a text file
<replaceable>nameN</replaceable> in the temporary build directory.
The text files have the format used by <command>nix-store
--register-validity</command> (with the deriver fields left
empty). For example, when the following derivation is built:
<programlisting>
derivation {
...
exportReferencesGraph = [ "libfoo-graph" libfoo ];
};
</programlisting>
the references graph of <literal>libfoo</literal> is placed in the
file <filename>libfoo-graph</filename> in the temporary build
directory.</para>
<para><varname>exportReferencesGraph</varname> is useful for
builders that want to do something with the closure of a store
path. Examples include the builders in NixOS that generate the
initial ramdisk for booting Linux (a <command>cpio</command>
archive containing the closure of the boot script) and the
ISO-9660 image for the installation CD (which is populated with a
Nix store containing the closure of a bootable NixOS
configuration).</para></listitem>
</varlistentry>
<varlistentry><term><varname>impureEnvVars</varname></term>
<listitem><para>This attribute allows you to specify a list of
environment variables that should be passed from the environment
of the calling user to the builder. Usually, the environment is
cleared completely when the builder is executed, but with this
attribute you can allow specific environment variables to be
passed unmodified. For example, <function>fetchurl</function> in
Nixpkgs has the line
<programlisting>
impureEnvVars = [ "http_proxy" "https_proxy" <replaceable>...</replaceable> ];
</programlisting>
to make it use the proxy server configuration specified by the
user in the environment variables <envar>http_proxy</envar> and
friends.</para>
<para>This attribute is only allowed in <link
linkend="fixed-output-drvs">fixed-output derivations</link>, where
impurities such as these are okay since (the hash of) the output
is known in advance. It is ignored for all other
derivations.</para>
<warning><para><varname>impureEnvVars</varname> implementation takes
environment variables from the current builder process. When a daemon is
building its environmental variables are used. Without the daemon, the
environmental variables come from the environment of the
<command>nix-build</command>.</para></warning></listitem>
</varlistentry>
<varlistentry xml:id="fixed-output-drvs">
<term><varname>outputHash</varname></term>
<term><varname>outputHashAlgo</varname></term>
<term><varname>outputHashMode</varname></term>
<listitem><para>These attributes declare that the derivation is a
so-called <emphasis>fixed-output derivation</emphasis>, which
means that a cryptographic hash of the output is already known in
advance. When the build of a fixed-output derivation finishes,
Nix computes the cryptographic hash of the output and compares it
to the hash declared with these attributes. If there is a
mismatch, the build fails.</para>
<para>The rationale for fixed-output derivations is derivations
such as those produced by the <function>fetchurl</function>
function. This function downloads a file from a given URL. To
ensure that the downloaded file has not been modified, the caller
must also specify a cryptographic hash of the file. For example,
<programlisting>
fetchurl {
url = http://ftp.gnu.org/pub/gnu/hello/hello-2.1.1.tar.gz;
sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465";
}
</programlisting>
It sometimes happens that the URL of the file changes, e.g.,
because servers are reorganised or no longer available. We then
must update the call to <function>fetchurl</function>, e.g.,
<programlisting>
fetchurl {
url = ftp://ftp.nluug.nl/pub/gnu/hello/hello-2.1.1.tar.gz;
sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465";
}
</programlisting>
If a <function>fetchurl</function> derivation was treated like a
normal derivation, the output paths of the derivation and
<emphasis>all derivations depending on it</emphasis> would change.
For instance, if we were to change the URL of the Glibc source
distribution in Nixpkgs (a package on which almost all other
packages depend) massive rebuilds would be needed. This is
unfortunate for a change which we know cannot have a real effect
as it propagates upwards through the dependency graph.</para>
<para>For fixed-output derivations, on the other hand, the name of
the output path only depends on the <varname>outputHash*</varname>
and <varname>name</varname> attributes, while all other attributes
are ignored for the purpose of computing the output path. (The
<varname>name</varname> attribute is included because it is part
of the path.)</para>
<para>As an example, here is the (simplified) Nix expression for
<varname>fetchurl</varname>:
<programlisting>
{ stdenv, curl }: # The <command>curl</command> program is used for downloading.
{ url, sha256 }:
stdenv.mkDerivation {
name = baseNameOf (toString url);
builder = ./builder.sh;
buildInputs = [ curl ];
# This is a fixed-output derivation; the output must be a regular
# file with SHA256 hash <varname>sha256</varname>.
outputHashMode = "flat";
outputHashAlgo = "sha256";
outputHash = sha256;
inherit url;
}
</programlisting>
</para>
<para>The <varname>outputHashAlgo</varname> attribute specifies
the hash algorithm used to compute the hash. It can currently be
<literal>"sha1"</literal>, <literal>"sha256"</literal> or
<literal>"sha512"</literal>.</para>
<para>The <varname>outputHashMode</varname> attribute determines
how the hash is computed. It must be one of the following two
values:
<variablelist>
<varlistentry><term><literal>"flat"</literal></term>
<listitem><para>The output must be a non-executable regular
file. If it isnt, the build fails. The hash is simply
computed over the contents of that file (so its equal to what
Unix commands like <command>sha256sum</command> or
<command>sha1sum</command> produce).</para>
<para>This is the default.</para></listitem>
</varlistentry>
<varlistentry><term><literal>"recursive"</literal></term>
<listitem><para>The hash is computed over the NAR archive dump
of the output (i.e., the result of <link
linkend="refsec-nix-store-dump"><command>nix-store
--dump</command></link>). In this case, the output can be
anything, including a directory tree.</para></listitem>
</varlistentry>
</variablelist>
</para>
<para>The <varname>outputHash</varname> attribute, finally, must
be a string containing the hash in either hexadecimal or base-32
notation. (See the <link
linkend="sec-nix-hash"><command>nix-hash</command> command</link>
for information about converting to and from base-32
notation.)</para></listitem>
</varlistentry>
<varlistentry><term><varname>passAsFile</varname></term>
<listitem><para>A list of names of attributes that should be
passed via files rather than environment variables. For example,
if you have
<programlisting>
passAsFile = ["big"];
big = "a very long string";
</programlisting>
then when the builder runs, the environment variable
<envar>bigPath</envar> will contain the absolute path to a
temporary file containing <literal>a very long
string</literal>. That is, for any attribute
<replaceable>x</replaceable> listed in
<varname>passAsFile</varname>, Nix will pass an environment
variable <envar><replaceable>x</replaceable>Path</envar> holding
the path of the file containing the value of attribute
<replaceable>x</replaceable>. This is useful when you need to pass
large strings to a builder, since most operating systems impose a
limit on the size of the environment (typically, a few hundred
kilobyte).</para></listitem>
</varlistentry>
<varlistentry><term><varname>preferLocalBuild</varname></term>
<listitem><para>If this attribute is set to
<literal>true</literal> and <link
linkend="chap-distributed-builds">distributed building is
enabled</link>, then, if possible, the derivaton will be built
locally instead of forwarded to a remote machine. This is
appropriate for trivial builders where the cost of doing a
download or remote build would exceed the cost of building
locally.</para></listitem>
</varlistentry>
<varlistentry><term><varname>allowSubstitutes</varname></term>
<listitem><para>If this attribute is set to
<literal>false</literal>, then Nix will always build this
derivation; it will not try to substitute its outputs. This is
useful for very trivial derivations (such as
<function>writeText</function> in Nixpkgs) that are cheaper to
build than to substitute from a binary cache.</para></listitem>
</varlistentry>
</variablelist>
</section>

121
third_party/nix/doc/manual/expressions/arguments-variables.xml vendored
View file

@ -1,121 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-arguments'>
<title>Arguments and Variables</title>
<example xml:id='ex-hello-composition'>
<title>Composing GNU Hello
(<filename>all-packages.nix</filename>)</title>
<programlisting>
...
rec { <co xml:id='ex-hello-composition-co-1' />
hello = import ../applications/misc/hello/ex-1 <co xml:id='ex-hello-composition-co-2' /> { <co xml:id='ex-hello-composition-co-3' />
inherit fetchurl stdenv perl;
};
perl = import ../development/interpreters/perl { <co xml:id='ex-hello-composition-co-4' />
inherit fetchurl stdenv;
};
fetchurl = import ../build-support/fetchurl {
inherit stdenv; ...
};
stdenv = ...;
}
</programlisting>
</example>
<para>The Nix expression in <xref linkend='ex-hello-nix' /> is a
function; it is missing some arguments that have to be filled in
somewhere. In the Nix Packages collection this is done in the file
<filename>pkgs/top-level/all-packages.nix</filename>, where all
Nix expressions for packages are imported and called with the
appropriate arguments. <xref linkend='ex-hello-composition' /> shows
some fragments of
<filename>all-packages.nix</filename>.</para>
<calloutlist>
<callout arearefs='ex-hello-composition-co-1'>
<para>This file defines a set of attributes, all of which are
concrete derivations (i.e., not functions). In fact, we define a
<emphasis>mutually recursive</emphasis> set of attributes. That
is, the attributes can refer to each other. This is precisely
what we want since we want to <quote>plug</quote> the
various packages into each other.</para>
</callout>
<callout arearefs='ex-hello-composition-co-2'>
<para>Here we <emphasis>import</emphasis> the Nix expression for
GNU Hello. The import operation just loads and returns the
specified Nix expression. In fact, we could just have put the
contents of <xref linkend='ex-hello-nix' /> in
<filename>all-packages.nix</filename> at this point. That
would be completely equivalent, but it would make the file rather
bulky.</para>
<para>Note that we refer to
<filename>../applications/misc/hello/ex-1</filename>, not
<filename>../applications/misc/hello/ex-1/default.nix</filename>.
When you try to import a directory, Nix automatically appends
<filename>/default.nix</filename> to the file name.</para>
</callout>
<callout arearefs='ex-hello-composition-co-3'>
<para>This is where the actual composition takes place. Here we
<emphasis>call</emphasis> the function imported from
<filename>../applications/misc/hello/ex-1</filename> with a set
containing the things that the function expects, namely
<varname>fetchurl</varname>, <varname>stdenv</varname>, and
<varname>perl</varname>. We use inherit again to use the
attributes defined in the surrounding scope (we could also have
written <literal>fetchurl = fetchurl;</literal>, etc.).</para>
<para>The result of this function call is an actual derivation
that can be built by Nix (since when we fill in the arguments of
the function, what we get is its body, which is the call to
<varname>stdenv.mkDerivation</varname> in <xref
linkend='ex-hello-nix' />).</para>
<note><para>Nixpkgs has a convenience function
<function>callPackage</function> that imports and calls a
function, filling in any missing arguments by passing the
corresponding attribute from the Nixpkgs set, like this:
<programlisting>
hello = callPackage ../applications/misc/hello/ex-1 { };
</programlisting>
If necessary, you can set or override arguments:
<programlisting>
hello = callPackage ../applications/misc/hello/ex-1 { stdenv = myStdenv; };
</programlisting>
</para></note>
</callout>
<callout arearefs='ex-hello-composition-co-4'>
<para>Likewise, we have to instantiate Perl,
<varname>fetchurl</varname>, and the standard environment.</para>
</callout>
</calloutlist>
</section>

119
third_party/nix/doc/manual/expressions/build-script.xml vendored
View file

@ -1,119 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-build-script'>
<title>Build Script</title>
<example xml:id='ex-hello-builder'><title>Build script for GNU Hello
(<filename>builder.sh</filename>)</title>
<programlisting>
source $stdenv/setup <co xml:id='ex-hello-builder-co-1' />
PATH=$perl/bin:$PATH <co xml:id='ex-hello-builder-co-2' />
tar xvfz $src <co xml:id='ex-hello-builder-co-3' />
cd hello-*
./configure --prefix=$out <co xml:id='ex-hello-builder-co-4' />
make <co xml:id='ex-hello-builder-co-5' />
make install</programlisting>
</example>
<para><xref linkend='ex-hello-builder' /> shows the builder referenced
from Hello's Nix expression (stored in
<filename>pkgs/applications/misc/hello/ex-1/builder.sh</filename>).
The builder can actually be made a lot shorter by using the
<emphasis>generic builder</emphasis> functions provided by
<varname>stdenv</varname>, but here we write out the build steps to
elucidate what a builder does. It performs the following
steps:</para>
<calloutlist>
<callout arearefs='ex-hello-builder-co-1'>
<para>When Nix runs a builder, it initially completely clears the
environment (except for the attributes declared in the
derivation). For instance, the <envar>PATH</envar> variable is
empty<footnote><para>Actually, it's initialised to
<filename>/path-not-set</filename> to prevent Bash from setting it
to a default value.</para></footnote>. This is done to prevent
undeclared inputs from being used in the build process. If for
example the <envar>PATH</envar> contained
<filename>/usr/bin</filename>, then you might accidentally use
<filename>/usr/bin/gcc</filename>.</para>
<para>So the first step is to set up the environment. This is
done by calling the <filename>setup</filename> script of the
standard environment. The environment variable
<envar>stdenv</envar> points to the location of the standard
environment being used. (It wasn't specified explicitly as an
attribute in <xref linkend='ex-hello-nix' />, but
<varname>mkDerivation</varname> adds it automatically.)</para>
</callout>
<callout arearefs='ex-hello-builder-co-2'>
<para>Since Hello needs Perl, we have to make sure that Perl is in
the <envar>PATH</envar>. The <envar>perl</envar> environment
variable points to the location of the Perl package (since it
was passed in as an attribute to the derivation), so
<filename><replaceable>$perl</replaceable>/bin</filename> is the
directory containing the Perl interpreter.</para>
</callout>
<callout arearefs='ex-hello-builder-co-3'>
<para>Now we have to unpack the sources. The
<varname>src</varname> attribute was bound to the result of
fetching the Hello source tarball from the network, so the
<envar>src</envar> environment variable points to the location in
the Nix store to which the tarball was downloaded. After
unpacking, we <command>cd</command> to the resulting source
directory.</para>
<para>The whole build is performed in a temporary directory
created in <varname>/tmp</varname>, by the way. This directory is
removed after the builder finishes, so there is no need to clean
up the sources afterwards. Also, the temporary directory is
always newly created, so you don't have to worry about files from
previous builds interfering with the current build.</para>
</callout>
<callout arearefs='ex-hello-builder-co-4'>
<para>GNU Hello is a typical Autoconf-based package, so we first
have to run its <filename>configure</filename> script. In Nix
every package is stored in a separate location in the Nix store,
for instance
<filename>/nix/store/9a54ba97fb71b65fda531012d0443ce2-hello-2.1.1</filename>.
Nix computes this path by cryptographically hashing all attributes
of the derivation. The path is passed to the builder through the
<envar>out</envar> environment variable. So here we give
<filename>configure</filename> the parameter
<literal>--prefix=$out</literal> to cause Hello to be installed in
the expected location.</para>
</callout>
<callout arearefs='ex-hello-builder-co-5'>
<para>Finally we build Hello (<literal>make</literal>) and install
it into the location specified by <envar>out</envar>
(<literal>make install</literal>).</para>
</callout>
</calloutlist>
<para>If you are wondering about the absence of error checking on the
result of various commands called in the builder: this is because the
shell script is evaluated with Bash's <option>-e</option> option,
which causes the script to be aborted if any command fails without an
error check.</para>
</section>

119
third_party/nix/doc/manual/expressions/builder-syntax.xml vendored
View file

@ -1,119 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-builder-syntax'>
<title>Builder Syntax</title>
<example xml:id='ex-hello-builder'><title>Build script for GNU Hello
(<filename>builder.sh</filename>)</title>
<programlisting>
source $stdenv/setup <co xml:id='ex-hello-builder-co-1' />
PATH=$perl/bin:$PATH <co xml:id='ex-hello-builder-co-2' />
tar xvfz $src <co xml:id='ex-hello-builder-co-3' />
cd hello-*
./configure --prefix=$out <co xml:id='ex-hello-builder-co-4' />
make <co xml:id='ex-hello-builder-co-5' />
make install</programlisting>
</example>
<para><xref linkend='ex-hello-builder' /> shows the builder referenced
from Hello's Nix expression (stored in
<filename>pkgs/applications/misc/hello/ex-1/builder.sh</filename>).
The builder can actually be made a lot shorter by using the
<emphasis>generic builder</emphasis> functions provided by
<varname>stdenv</varname>, but here we write out the build steps to
elucidate what a builder does. It performs the following
steps:</para>
<calloutlist>
<callout arearefs='ex-hello-builder-co-1'>
<para>When Nix runs a builder, it initially completely clears the
environment (except for the attributes declared in the
derivation). For instance, the <envar>PATH</envar> variable is
empty<footnote><para>Actually, it's initialised to
<filename>/path-not-set</filename> to prevent Bash from setting it
to a default value.</para></footnote>. This is done to prevent
undeclared inputs from being used in the build process. If for
example the <envar>PATH</envar> contained
<filename>/usr/bin</filename>, then you might accidentally use
<filename>/usr/bin/gcc</filename>.</para>
<para>So the first step is to set up the environment. This is
done by calling the <filename>setup</filename> script of the
standard environment. The environment variable
<envar>stdenv</envar> points to the location of the standard
environment being used. (It wasn't specified explicitly as an
attribute in <xref linkend='ex-hello-nix' />, but
<varname>mkDerivation</varname> adds it automatically.)</para>
</callout>
<callout arearefs='ex-hello-builder-co-2'>
<para>Since Hello needs Perl, we have to make sure that Perl is in
the <envar>PATH</envar>. The <envar>perl</envar> environment
variable points to the location of the Perl package (since it
was passed in as an attribute to the derivation), so
<filename><replaceable>$perl</replaceable>/bin</filename> is the
directory containing the Perl interpreter.</para>
</callout>
<callout arearefs='ex-hello-builder-co-3'>
<para>Now we have to unpack the sources. The
<varname>src</varname> attribute was bound to the result of
fetching the Hello source tarball from the network, so the
<envar>src</envar> environment variable points to the location in
the Nix store to which the tarball was downloaded. After
unpacking, we <command>cd</command> to the resulting source
directory.</para>
<para>The whole build is performed in a temporary directory
created in <varname>/tmp</varname>, by the way. This directory is
removed after the builder finishes, so there is no need to clean
up the sources afterwards. Also, the temporary directory is
always newly created, so you don't have to worry about files from
previous builds interfering with the current build.</para>
</callout>
<callout arearefs='ex-hello-builder-co-4'>
<para>GNU Hello is a typical Autoconf-based package, so we first
have to run its <filename>configure</filename> script. In Nix
every package is stored in a separate location in the Nix store,
for instance
<filename>/nix/store/9a54ba97fb71b65fda531012d0443ce2-hello-2.1.1</filename>.
Nix computes this path by cryptographically hashing all attributes
of the derivation. The path is passed to the builder through the
<envar>out</envar> environment variable. So here we give
<filename>configure</filename> the parameter
<literal>--prefix=$out</literal> to cause Hello to be installed in
the expected location.</para>
</callout>
<callout arearefs='ex-hello-builder-co-5'>
<para>Finally we build Hello (<literal>make</literal>) and install
it into the location specified by <envar>out</envar>
(<literal>make install</literal>).</para>
</callout>
</calloutlist>
<para>If you are wondering about the absence of error checking on the
result of various commands called in the builder: this is because the
shell script is evaluated with Bash's <option>-e</option> option,
which causes the script to be aborted if any command fails without an
error check.</para>
</section>

1658
third_party/nix/doc/manual/expressions/builtins.xml vendored
View file

File diff suppressed because it is too large Load diff

211
third_party/nix/doc/manual/expressions/derivations.xml vendored
View file

@ -1,211 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ssec-derivation">
<title>Derivations</title>
<para>The most important built-in function is
<function>derivation</function>, which is used to describe a single
derivation (a build action). It takes as input a set, the attributes
of which specify the inputs of the build.</para>
<itemizedlist>
<listitem xml:id="attr-system"><para>There must be an attribute named
<varname>system</varname> whose value must be a string specifying a
Nix platform identifier, such as <literal>"i686-linux"</literal> or
<literal>"x86_64-darwin"</literal><footnote><para>To figure out
your platform identifier, look at the line <quote>Checking for the
canonical Nix system name</quote> in the output of Nix's
<filename>configure</filename> script.</para></footnote> The build
can only be performed on a machine and operating system matching the
platform identifier. (Nix can automatically forward builds for
other platforms by forwarding them to other machines; see <xref
linkend='chap-distributed-builds' />.)</para></listitem>
<listitem><para>There must be an attribute named
<varname>name</varname> whose value must be a string. This is used
as a symbolic name for the package by <command>nix-env</command>,
and it is appended to the output paths of the
derivation.</para></listitem>
<listitem><para>There must be an attribute named
<varname>builder</varname> that identifies the program that is
executed to perform the build. It can be either a derivation or a
source (a local file reference, e.g.,
<filename>./builder.sh</filename>).</para></listitem>
<listitem><para>Every attribute is passed as an environment variable
to the builder. Attribute values are translated to environment
variables as follows:
<itemizedlist>
<listitem><para>Strings and numbers are just passed
verbatim.</para></listitem>
<listitem><para>A <emphasis>path</emphasis> (e.g.,
<filename>../foo/sources.tar</filename>) causes the referenced
file to be copied to the store; its location in the store is put
in the environment variable. The idea is that all sources
should reside in the Nix store, since all inputs to a derivation
should reside in the Nix store.</para></listitem>
<listitem><para>A <emphasis>derivation</emphasis> causes that
derivation to be built prior to the present derivation; its
default output path is put in the environment
variable.</para></listitem>
<listitem><para>Lists of the previous types are also allowed.
They are simply concatenated, separated by
spaces.</para></listitem>
<listitem><para><literal>true</literal> is passed as the string
<literal>1</literal>, <literal>false</literal> and
<literal>null</literal> are passed as an empty string.
</para></listitem>
</itemizedlist>
</para></listitem>
<listitem><para>The optional attribute <varname>args</varname>
specifies command-line arguments to be passed to the builder. It
should be a list.</para></listitem>
<listitem><para>The optional attribute <varname>outputs</varname>
specifies a list of symbolic outputs of the derivation. By default,
a derivation produces a single output path, denoted as
<literal>out</literal>. However, derivations can produce multiple
output paths. This is useful because it allows outputs to be
downloaded or garbage-collected separately. For instance, imagine a
library package that provides a dynamic library, header files, and
documentation. A program that links against the library doesnt
need the header files and documentation at runtime, and it doesnt
need the documentation at build time. Thus, the library package
could specify:
<programlisting>
outputs = [ "lib" "headers" "doc" ];
</programlisting>
This will cause Nix to pass environment variables
<literal>lib</literal>, <literal>headers</literal> and
<literal>doc</literal> to the builder containing the intended store
paths of each output. The builder would typically do something like
<programlisting>
./configure --libdir=$lib/lib --includedir=$headers/include --docdir=$doc/share/doc
</programlisting>
for an Autoconf-style package. You can refer to each output of a
derivation by selecting it as an attribute, e.g.
<programlisting>
buildInputs = [ pkg.lib pkg.headers ];
</programlisting>
The first element of <varname>outputs</varname> determines the
<emphasis>default output</emphasis>. Thus, you could also write
<programlisting>
buildInputs = [ pkg pkg.headers ];
</programlisting>
since <literal>pkg</literal> is equivalent to
<literal>pkg.lib</literal>.</para></listitem>
</itemizedlist>
<para>The function <function>mkDerivation</function> in the Nixpkgs
standard environment is a wrapper around
<function>derivation</function> that adds a default value for
<varname>system</varname> and always uses Bash as the builder, to
which the supplied builder is passed as a command-line argument. See
the Nixpkgs manual for details.</para>
<para>The builder is executed as follows:
<itemizedlist>
<listitem><para>A temporary directory is created under the directory
specified by <envar>TMPDIR</envar> (default
<filename>/tmp</filename>) where the build will take place. The
current directory is changed to this directory.</para></listitem>
<listitem><para>The environment is cleared and set to the derivation
attributes, as specified above.</para></listitem>
<listitem><para>In addition, the following variables are set:
<itemizedlist>
<listitem><para><envar>NIX_BUILD_TOP</envar> contains the path of
the temporary directory for this build.</para></listitem>
<listitem><para>Also, <envar>TMPDIR</envar>,
<envar>TEMPDIR</envar>, <envar>TMP</envar>, <envar>TEMP</envar>
are set to point to the temporary directory. This is to prevent
the builder from accidentally writing temporary files anywhere
else. Doing so might cause interference by other
processes.</para></listitem>
<listitem><para><envar>PATH</envar> is set to
<filename>/path-not-set</filename> to prevent shells from
initialising it to their built-in default value.</para></listitem>
<listitem><para><envar>HOME</envar> is set to
<filename>/homeless-shelter</filename> to prevent programs from
using <filename>/etc/passwd</filename> or the like to find the
user's home directory, which could cause impurity. Usually, when
<envar>HOME</envar> is set, it is used as the location of the home
directory, even if it points to a non-existent
path.</para></listitem>
<listitem><para><envar>NIX_STORE</envar> is set to the path of the
top-level Nix store directory (typically,
<filename>/nix/store</filename>).</para></listitem>
<listitem><para>For each output declared in
<varname>outputs</varname>, the corresponding environment variable
is set to point to the intended path in the Nix store for that
output. Each output path is a concatenation of the cryptographic
hash of all build inputs, the <varname>name</varname> attribute
and the output name. (The output name is omitted if its
<literal>out</literal>.)</para></listitem>
</itemizedlist>
</para></listitem>
<listitem><para>If an output path already exists, it is removed.
Also, locks are acquired to prevent multiple Nix instances from
performing the same build at the same time.</para></listitem>
<listitem><para>A log of the combined standard output and error is
written to <filename>/nix/var/log/nix</filename>.</para></listitem>
<listitem><para>The builder is executed with the arguments specified
by the attribute <varname>args</varname>. If it exits with exit
code 0, it is considered to have succeeded.</para></listitem>
<listitem><para>The temporary directory is removed (unless the
<option>-K</option> option was specified).</para></listitem>
<listitem><para>If the build was successful, Nix scans each output
path for references to input paths by looking for the hash parts of
the input paths. Since these are potential runtime dependencies,
Nix registers them as dependencies of the output
paths.</para></listitem>
<listitem><para>After the build, Nix sets the last-modified
timestamp on all files in the build result to 1 (00:00:01 1/1/1970
UTC), sets the group to the default group, and sets the mode of the
file to 0444 or 0555 (i.e., read-only, with execute permission
enabled if the file was originally executable). Note that possible
<literal>setuid</literal> and <literal>setgid</literal> bits are
cleared. Setuid and setgid programs are not currently supported by
Nix. This is because the Nix archives used in deployment have no
concept of ownership information, and because it makes the build
result dependent on the user performing the build.</para></listitem>
</itemizedlist>
</para>
<xi:include href="advanced-attributes.xml" />
</section>

30
third_party/nix/doc/manual/expressions/expression-language.xml vendored
View file

@ -1,30 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-expression-language">
<title>Nix Expression Language</title>
<para>The Nix expression language is a pure, lazy, functional
language. Purity means that operations in the language don't have
side-effects (for instance, there is no variable assignment).
Laziness means that arguments to functions are evaluated only when
they are needed. Functional means that functions are
<quote>normal</quote> values that can be passed around and manipulated
in interesting ways. The language is not a full-featured, general
purpose language. Its main job is to describe packages,
compositions of packages, and the variability within
packages.</para>
<para>This section presents the various features of the
language.</para>
<xi:include href="language-values.xml" />
<xi:include href="language-constructs.xml" />
<xi:include href="language-operators.xml" />
<xi:include href="derivations.xml" />
<xi:include href="builtins.xml" />
</chapter>

148
third_party/nix/doc/manual/expressions/expression-syntax.xml vendored
View file

@ -1,148 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-expression-syntax'>
<title>Expression Syntax</title>
<example xml:id='ex-hello-nix'><title>Nix expression for GNU Hello
(<filename>default.nix</filename>)</title>
<programlisting>
{ stdenv, fetchurl, perl }: <co xml:id='ex-hello-nix-co-1' />
stdenv.mkDerivation { <co xml:id='ex-hello-nix-co-2' />
name = "hello-2.1.1"; <co xml:id='ex-hello-nix-co-3' />
builder = ./builder.sh; <co xml:id='ex-hello-nix-co-4' />
src = fetchurl { <co xml:id='ex-hello-nix-co-5' />
url = ftp://ftp.nluug.nl/pub/gnu/hello/hello-2.1.1.tar.gz;
sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465";
};
inherit perl; <co xml:id='ex-hello-nix-co-6' />
}</programlisting>
</example>
<para><xref linkend='ex-hello-nix' /> shows a Nix expression for GNU
Hello. It's actually already in the Nix Packages collection in
<filename>pkgs/applications/misc/hello/ex-1/default.nix</filename>.
It is customary to place each package in a separate directory and call
the single Nix expression in that directory
<filename>default.nix</filename>. The file has the following elements
(referenced from the figure by number):
<calloutlist>
<callout arearefs='ex-hello-nix-co-1'>
<para>This states that the expression is a
<emphasis>function</emphasis> that expects to be called with three
arguments: <varname>stdenv</varname>, <varname>fetchurl</varname>,
and <varname>perl</varname>. They are needed to build Hello, but
we don't know how to build them here; that's why they are function
arguments. <varname>stdenv</varname> is a package that is used
by almost all Nix Packages packages; it provides a
<quote>standard</quote> environment consisting of the things you
would expect in a basic Unix environment: a C/C++ compiler (GCC,
to be precise), the Bash shell, fundamental Unix tools such as
<command>cp</command>, <command>grep</command>,
<command>tar</command>, etc. <varname>fetchurl</varname> is a
function that downloads files. <varname>perl</varname> is the
Perl interpreter.</para>
<para>Nix functions generally have the form <literal>{ x, y, ...,
z }: e</literal> where <varname>x</varname>, <varname>y</varname>,
etc. are the names of the expected arguments, and where
<replaceable>e</replaceable> is the body of the function. So
here, the entire remainder of the file is the body of the
function; when given the required arguments, the body should
describe how to build an instance of the Hello package.</para>
</callout>
<callout arearefs='ex-hello-nix-co-2'>
<para>So we have to build a package. Building something from
other stuff is called a <emphasis>derivation</emphasis> in Nix (as
opposed to sources, which are built by humans instead of
computers). We perform a derivation by calling
<varname>stdenv.mkDerivation</varname>.
<varname>mkDerivation</varname> is a function provided by
<varname>stdenv</varname> that builds a package from a set of
<emphasis>attributes</emphasis>. A set is just a list of
key/value pairs where each key is a string and each value is an
arbitrary Nix expression. They take the general form <literal>{
<replaceable>name1</replaceable> =
<replaceable>expr1</replaceable>; <replaceable>...</replaceable>
<replaceable>nameN</replaceable> =
<replaceable>exprN</replaceable>; }</literal>.</para>
</callout>
<callout arearefs='ex-hello-nix-co-3'>
<para>The attribute <varname>name</varname> specifies the symbolic
name and version of the package. Nix doesn't really care about
these things, but they are used by for instance <command>nix-env
-q</command> to show a <quote>human-readable</quote> name for
packages. This attribute is required by
<varname>mkDerivation</varname>.</para>
</callout>
<callout arearefs='ex-hello-nix-co-4'>
<para>The attribute <varname>builder</varname> specifies the
builder. This attribute can sometimes be omitted, in which case
<varname>mkDerivation</varname> will fill in a default builder
(which does a <literal>configure; make; make install</literal>, in
essence). Hello is sufficiently simple that the default builder
would suffice, but in this case, we will show an actual builder
for educational purposes. The value
<command>./builder.sh</command> refers to the shell script shown
in <xref linkend='ex-hello-builder' />, discussed below.</para>
</callout>
<callout arearefs='ex-hello-nix-co-5'>
<para>The builder has to know what the sources of the package
are. Here, the attribute <varname>src</varname> is bound to the
result of a call to the <command>fetchurl</command> function.
Given a URL and a SHA-256 hash of the expected contents of the file
at that URL, this function builds a derivation that downloads the
file and checks its hash. So the sources are a dependency that
like all other dependencies is built before Hello itself is
built.</para>
<para>Instead of <varname>src</varname> any other name could have
been used, and in fact there can be any number of sources (bound
to different attributes). However, <varname>src</varname> is
customary, and it's also expected by the default builder (which we
don't use in this example).</para>
</callout>
<callout arearefs='ex-hello-nix-co-6'>
<para>Since the derivation requires Perl, we have to pass the
value of the <varname>perl</varname> function argument to the
builder. All attributes in the set are actually passed as
environment variables to the builder, so declaring an attribute
<programlisting>
perl = perl;</programlisting>
will do the trick: it binds an attribute <varname>perl</varname>
to the function argument which also happens to be called
<varname>perl</varname>. However, it looks a bit silly, so there
is a shorter syntax. The <literal>inherit</literal> keyword
causes the specified attributes to be bound to whatever variables
with the same name happen to be in scope.</para>
</callout>
</calloutlist>
</para>
</section>

98
third_party/nix/doc/manual/expressions/generic-builder.xml vendored
View file

@ -1,98 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-generic-builder'>
<title>Generic Builder Syntax</title>
<para>Recall from <xref linkend='ex-hello-builder' /> that the builder
looked something like this:
<programlisting>
PATH=$perl/bin:$PATH
tar xvfz $src
cd hello-*
./configure --prefix=$out
make
make install</programlisting>
The builders for almost all Unix packages look like this — set up some
environment variables, unpack the sources, configure, build, and
install. For this reason the standard environment provides some Bash
functions that automate the build process. A builder using the
generic build facilities in shown in <xref linkend='ex-hello-builder2'
/>.</para>
<example xml:id='ex-hello-builder2'><title>Build script using the generic
build functions</title>
<programlisting>
buildInputs="$perl" <co xml:id='ex-hello-builder2-co-1' />
source $stdenv/setup <co xml:id='ex-hello-builder2-co-2' />
genericBuild <co xml:id='ex-hello-builder2-co-3' /></programlisting>
</example>
<calloutlist>
<callout arearefs='ex-hello-builder2-co-1'>
<para>The <envar>buildInputs</envar> variable tells
<filename>setup</filename> to use the indicated packages as
<quote>inputs</quote>. This means that if a package provides a
<filename>bin</filename> subdirectory, it's added to
<envar>PATH</envar>; if it has a <filename>include</filename>
subdirectory, it's added to GCC's header search path; and so
on.<footnote><para>How does it work? <filename>setup</filename>
tries to source the file
<filename><replaceable>pkg</replaceable>/nix-support/setup-hook</filename>
of all dependencies. These “setup hooks” can then set up whatever
environment variables they want; for instance, the setup hook for
Perl sets the <envar>PERL5LIB</envar> environment variable to
contain the <filename>lib/site_perl</filename> directories of all
inputs.</para></footnote>
</para>
</callout>
<callout arearefs='ex-hello-builder2-co-2'>
<para>The function <function>genericBuild</function> is defined in
the file <literal>$stdenv/setup</literal>.</para>
</callout>
<callout arearefs='ex-hello-builder2-co-3'>
<para>The final step calls the shell function
<function>genericBuild</function>, which performs the steps that
were done explicitly in <xref linkend='ex-hello-builder' />. The
generic builder is smart enough to figure out whether to unpack
the sources using <command>gzip</command>,
<command>bzip2</command>, etc. It can be customised in many ways;
see the Nixpkgs manual for details.</para>
</callout>
</calloutlist>
<para>Discerning readers will note that the
<envar>buildInputs</envar> could just as well have been set in the Nix
expression, like this:
<programlisting>
buildInputs = [ perl ];</programlisting>
The <varname>perl</varname> attribute can then be removed, and the
builder becomes even shorter:
<programlisting>
source $stdenv/setup
genericBuild</programlisting>
In fact, <varname>mkDerivation</varname> provides a default builder
that looks exactly like that, so it is actually possible to omit the
builder for Hello entirely.</para>
</section>

409
third_party/nix/doc/manual/expressions/language-constructs.xml vendored
View file

@ -1,409 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-constructs">
<title>Language Constructs</title>
<simplesect><title>Recursive sets</title>
<para>Recursive sets are just normal sets, but the attributes can
refer to each other. For example,
<programlisting>
rec {
x = y;
y = 123;
}.x
</programlisting>
evaluates to <literal>123</literal>. Note that without
<literal>rec</literal> the binding <literal>x = y;</literal> would
refer to the variable <varname>y</varname> in the surrounding scope,
if one exists, and would be invalid if no such variable exists. That
is, in a normal (non-recursive) set, attributes are not added to the
lexical scope; in a recursive set, they are.</para>
<para>Recursive sets of course introduce the danger of infinite
recursion. For example,
<programlisting>
rec {
x = y;
y = x;
}.x</programlisting>
does not terminate<footnote><para>Actually, Nix detects infinite
recursion in this case and aborts (<quote>infinite recursion
encountered</quote>).</para></footnote>.</para>
</simplesect>
<simplesect xml:id="sect-let-expressions"><title>Let-expressions</title>
<para>A let-expression allows you to define local variables for an
expression. For instance,
<programlisting>
let
x = "foo";
y = "bar";
in x + y</programlisting>
evaluates to <literal>"foobar"</literal>.
</para>
</simplesect>
<simplesect><title>Inheriting attributes</title>
<para>When defining a set or in a let-expression it is often convenient to copy variables
from the surrounding lexical scope (e.g., when you want to propagate
attributes). This can be shortened using the
<literal>inherit</literal> keyword. For instance,
<programlisting>
let x = 123; in
{ inherit x;
y = 456;
}</programlisting>
is equivalent to
<programlisting>
let x = 123; in
{ x = x;
y = 456;
}</programlisting>
and both evaluate to <literal>{ x = 123; y = 456; }</literal>. (Note that
this works because <varname>x</varname> is added to the lexical scope
by the <literal>let</literal> construct.) It is also possible to
inherit attributes from another set. For instance, in this fragment
from <filename>all-packages.nix</filename>,
<programlisting>
graphviz = (import ../tools/graphics/graphviz) {
inherit fetchurl stdenv libpng libjpeg expat x11 yacc;
inherit (xlibs) libXaw;
};
xlibs = {
libX11 = ...;
libXaw = ...;
...
}
libpng = ...;
libjpg = ...;
...</programlisting>
the set used in the function call to the function defined in
<filename>../tools/graphics/graphviz</filename> inherits a number of
variables from the surrounding scope (<varname>fetchurl</varname>
... <varname>yacc</varname>), but also inherits
<varname>libXaw</varname> (the X Athena Widgets) from the
<varname>xlibs</varname> (X11 client-side libraries) set.</para>
<para>
Summarizing the fragment
<programlisting>
...
inherit x y z;
inherit (src-set) a b c;
...</programlisting>
is equivalent to
<programlisting>
...
x = x; y = y; z = z;
a = src-set.a; b = src-set.b; c = src-set.c;
...</programlisting>
when used while defining local variables in a let-expression or
while defining a set.</para>
</simplesect>
<simplesect xml:id="ss-functions"><title>Functions</title>
<para>Functions have the following form:
<programlisting>
<replaceable>pattern</replaceable>: <replaceable>body</replaceable></programlisting>
The pattern specifies what the argument of the function must look
like, and binds variables in the body to (parts of) the
argument. There are three kinds of patterns:</para>
<itemizedlist>
<listitem><para>If a pattern is a single identifier, then the
function matches any argument. Example:
<programlisting>
let negate = x: !x;
concat = x: y: x + y;
in if negate true then concat "foo" "bar" else ""</programlisting>
Note that <function>concat</function> is a function that takes one
argument and returns a function that takes another argument. This
allows partial parameterisation (i.e., only filling some of the
arguments of a function); e.g.,
<programlisting>
map (concat "foo") [ "bar" "bla" "abc" ]</programlisting>
evaluates to <literal>[ "foobar" "foobla"
"fooabc" ]</literal>.</para></listitem>
<listitem><para>A <emphasis>set pattern</emphasis> of the form
<literal>{ name1, name2, …, nameN }</literal> matches a set
containing the listed attributes, and binds the values of those
attributes to variables in the function body. For example, the
function
<programlisting>
{ x, y, z }: z + y + x</programlisting>
can only be called with a set containing exactly the attributes
<varname>x</varname>, <varname>y</varname> and
<varname>z</varname>. No other attributes are allowed. If you want
to allow additional arguments, you can use an ellipsis
(<literal>...</literal>):
<programlisting>
{ x, y, z, ... }: z + y + x</programlisting>
This works on any set that contains at least the three named
attributes.</para>
<para>It is possible to provide <emphasis>default values</emphasis>
for attributes, in which case they are allowed to be missing. A
default value is specified by writing
<literal><replaceable>name</replaceable> ?
<replaceable>e</replaceable></literal>, where
<replaceable>e</replaceable> is an arbitrary expression. For example,
<programlisting>
{ x, y ? "foo", z ? "bar" }: z + y + x</programlisting>
specifies a function that only requires an attribute named
<varname>x</varname>, but optionally accepts <varname>y</varname>
and <varname>z</varname>.</para></listitem>
<listitem><para>An <literal>@</literal>-pattern provides a means of referring
to the whole value being matched:
<programlisting> args@{ x, y, z, ... }: z + y + x + args.a</programlisting>
but can also be written as:
<programlisting> { x, y, z, ... } @ args: z + y + x + args.a</programlisting>
Here <varname>args</varname> is bound to the entire argument, which
is further matched against the pattern <literal>{ x, y, z,
... }</literal>. <literal>@</literal>-pattern makes mainly sense with an
ellipsis(<literal>...</literal>) as you can access attribute names as
<literal>a</literal>, using <literal>args.a</literal>, which was given as an
additional attribute to the function.
</para>
<warning>
<para>
The <literal>args@</literal> expression is bound to the argument passed to the function which
means that attributes with defaults that aren't explicitly specified in the function call
won't cause an evaluation error, but won't exist in <literal>args</literal>.
</para>
<para>
For instance
<programlisting>
let
function = args@{ a ? 23, ... }: args;
in
function {}
</programlisting>
will evaluate to an empty attribute set.
</para>
</warning></listitem>
</itemizedlist>
<para>Note that functions do not have names. If you want to give them
a name, you can bind them to an attribute, e.g.,
<programlisting>
let concat = { x, y }: x + y;
in concat { x = "foo"; y = "bar"; }</programlisting>
</para>
</simplesect>
<simplesect><title>Conditionals</title>
<para>Conditionals look like this:
<programlisting>
if <replaceable>e1</replaceable> then <replaceable>e2</replaceable> else <replaceable>e3</replaceable></programlisting>
where <replaceable>e1</replaceable> is an expression that should
evaluate to a Boolean value (<literal>true</literal> or
<literal>false</literal>).</para>
</simplesect>
<simplesect><title>Assertions</title>
<para>Assertions are generally used to check that certain requirements
on or between features and dependencies hold. They look like this:
<programlisting>
assert <replaceable>e1</replaceable>; <replaceable>e2</replaceable></programlisting>
where <replaceable>e1</replaceable> is an expression that should
evaluate to a Boolean value. If it evaluates to
<literal>true</literal>, <replaceable>e2</replaceable> is returned;
otherwise expression evaluation is aborted and a backtrace is printed.</para>
<example xml:id='ex-subversion-nix'><title>Nix expression for Subversion</title>
<programlisting>
{ localServer ? false
, httpServer ? false
, sslSupport ? false
, pythonBindings ? false
, javaSwigBindings ? false
, javahlBindings ? false
, stdenv, fetchurl
, openssl ? null, httpd ? null, db4 ? null, expat, swig ? null, j2sdk ? null
}:
assert localServer -> db4 != null; <co xml:id='ex-subversion-nix-co-1' />
assert httpServer -> httpd != null &amp;&amp; httpd.expat == expat; <co xml:id='ex-subversion-nix-co-2' />
assert sslSupport -> openssl != null &amp;&amp; (httpServer -> httpd.openssl == openssl); <co xml:id='ex-subversion-nix-co-3' />
assert pythonBindings -> swig != null &amp;&amp; swig.pythonSupport;
assert javaSwigBindings -> swig != null &amp;&amp; swig.javaSupport;
assert javahlBindings -> j2sdk != null;
stdenv.mkDerivation {
name = "subversion-1.1.1";
...
openssl = if sslSupport then openssl else null; <co xml:id='ex-subversion-nix-co-4' />
...
}</programlisting>
</example>
<para><xref linkend='ex-subversion-nix' /> show how assertions are
used in the Nix expression for Subversion.</para>
<calloutlist>
<callout arearefs='ex-subversion-nix-co-1'>
<para>This assertion states that if Subversion is to have support
for local repositories, then Berkeley DB is needed. So if the
Subversion function is called with the
<varname>localServer</varname> argument set to
<literal>true</literal> but the <varname>db4</varname> argument
set to <literal>null</literal>, then the evaluation fails.</para>
</callout>
<callout arearefs='ex-subversion-nix-co-2'>
<para>This is a more subtle condition: if Subversion is built with
Apache (<literal>httpServer</literal>) support, then the Expat
library (an XML library) used by Subversion should be same as the
one used by Apache. This is because in this configuration
Subversion code ends up being linked with Apache code, and if the
Expat libraries do not match, a build- or runtime link error or
incompatibility might occur.</para>
</callout>
<callout arearefs='ex-subversion-nix-co-3'>
<para>This assertion says that in order for Subversion to have SSL
support (so that it can access <literal>https</literal> URLs), an
OpenSSL library must be passed. Additionally, it says that
<emphasis>if</emphasis> Apache support is enabled, then Apache's
OpenSSL should match Subversion's. (Note that if Apache support
is not enabled, we don't care about Apache's OpenSSL.)</para>
</callout>
<callout arearefs='ex-subversion-nix-co-4'>
<para>The conditional here is not really related to assertions,
but is worth pointing out: it ensures that if SSL support is
disabled, then the Subversion derivation is not dependent on
OpenSSL, even if a non-<literal>null</literal> value was passed.
This prevents an unnecessary rebuild of Subversion if OpenSSL
changes.</para>
</callout>
</calloutlist>
</simplesect>
<simplesect><title>With-expressions</title>
<para>A <emphasis>with-expression</emphasis>,
<programlisting>
with <replaceable>e1</replaceable>; <replaceable>e2</replaceable></programlisting>
introduces the set <replaceable>e1</replaceable> into the lexical
scope of the expression <replaceable>e2</replaceable>. For instance,
<programlisting>
let as = { x = "foo"; y = "bar"; };
in with as; x + y</programlisting>
evaluates to <literal>"foobar"</literal> since the
<literal>with</literal> adds the <varname>x</varname> and
<varname>y</varname> attributes of <varname>as</varname> to the
lexical scope in the expression <literal>x + y</literal>. The most
common use of <literal>with</literal> is in conjunction with the
<function>import</function> function. E.g.,
<programlisting>
with (import ./definitions.nix); ...</programlisting>
makes all attributes defined in the file
<filename>definitions.nix</filename> available as if they were defined
locally in a <literal>let</literal>-expression.</para>
<para>The bindings introduced by <literal>with</literal> do not shadow bindings
introduced by other means, e.g.
<programlisting>
let a = 3; in with { a = 1; }; let a = 4; in with { a = 2; }; ...</programlisting>
establishes the same scope as
<programlisting>
let a = 1; in let a = 2; in let a = 3; in let a = 4; in ...</programlisting>
</para>
</simplesect>
<simplesect><title>Comments</title>
<para>Comments can be single-line, started with a <literal>#</literal>
character, or inline/multi-line, enclosed within <literal>/*
... */</literal>.</para>
</simplesect>
</section>

222
third_party/nix/doc/manual/expressions/language-operators.xml vendored
View file

@ -1,222 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-language-operators">
<title>Operators</title>
<para><xref linkend='table-operators' /> lists the operators in the
Nix expression language, in order of precedence (from strongest to
weakest binding).</para>
<table xml:id='table-operators'>
<title>Operators</title>
<tgroup cols='3'>
<thead>
<row>
<entry>Name</entry>
<entry>Syntax</entry>
<entry>Associativity</entry>
<entry>Description</entry>
<entry>Precedence</entry>
</row>
</thead>
<tbody>
<row>
<entry>Select</entry>
<entry><replaceable>e</replaceable> <literal>.</literal>
<replaceable>attrpath</replaceable>
[ <literal>or</literal> <replaceable>def</replaceable> ]
</entry>
<entry>none</entry>
<entry>Select attribute denoted by the attribute path
<replaceable>attrpath</replaceable> from set
<replaceable>e</replaceable>. (An attribute path is a
dot-separated list of attribute names.) If the attribute
doesnt exist, return <replaceable>def</replaceable> if
provided, otherwise abort evaluation.</entry>
<entry>1</entry>
</row>
<row>
<entry>Application</entry>
<entry><replaceable>e1</replaceable> <replaceable>e2</replaceable></entry>
<entry>left</entry>
<entry>Call function <replaceable>e1</replaceable> with
argument <replaceable>e2</replaceable>.</entry>
<entry>2</entry>
</row>
<row>
<entry>Arithmetic Negation</entry>
<entry><literal>-</literal> <replaceable>e</replaceable></entry>
<entry>none</entry>
<entry>Arithmetic negation.</entry>
<entry>3</entry>
</row>
<row>
<entry>Has Attribute</entry>
<entry><replaceable>e</replaceable> <literal>?</literal>
<replaceable>attrpath</replaceable></entry>
<entry>none</entry>
<entry>Test whether set <replaceable>e</replaceable> contains
the attribute denoted by <replaceable>attrpath</replaceable>;
return <literal>true</literal> or
<literal>false</literal>.</entry>
<entry>4</entry>
</row>
<row>
<entry>List Concatenation</entry>
<entry><replaceable>e1</replaceable> <literal>++</literal> <replaceable>e2</replaceable></entry>
<entry>right</entry>
<entry>List concatenation.</entry>
<entry>5</entry>
</row>
<row>
<entry>Multiplication</entry>
<entry>
<replaceable>e1</replaceable> <literal>*</literal> <replaceable>e2</replaceable>,
</entry>
<entry>left</entry>
<entry>Arithmetic multiplication.</entry>
<entry>6</entry>
</row>
<row>
<entry>Division</entry>
<entry>
<replaceable>e1</replaceable> <literal>/</literal> <replaceable>e2</replaceable>
</entry>
<entry>left</entry>
<entry>Arithmetic division.</entry>
<entry>6</entry>
</row>
<row>
<entry>Addition</entry>
<entry>
<replaceable>e1</replaceable> <literal>+</literal> <replaceable>e2</replaceable>
</entry>
<entry>left</entry>
<entry>Arithmetic addition.</entry>
<entry>7</entry>
</row>
<row>
<entry>Subtraction</entry>
<entry>
<replaceable>e1</replaceable> <literal>-</literal> <replaceable>e2</replaceable>
</entry>
<entry>left</entry>
<entry>Arithmetic subtraction.</entry>
<entry>7</entry>
</row>
<row>
<entry>String Concatenation</entry>
<entry>
<replaceable>string1</replaceable> <literal>+</literal> <replaceable>string2</replaceable>
</entry>
<entry>left</entry>
<entry>String concatenation.</entry>
<entry>7</entry>
</row>
<row>
<entry>Not</entry>
<entry><literal>!</literal> <replaceable>e</replaceable></entry>
<entry>none</entry>
<entry>Boolean negation.</entry>
<entry>8</entry>
</row>
<row>
<entry>Update</entry>
<entry><replaceable>e1</replaceable> <literal>//</literal>
<replaceable>e2</replaceable></entry>
<entry>right</entry>
<entry>Return a set consisting of the attributes in
<replaceable>e1</replaceable> and
<replaceable>e2</replaceable> (with the latter taking
precedence over the former in case of equally named
attributes).</entry>
<entry>9</entry>
</row>
<row>
<entry>Less Than</entry>
<entry>
<replaceable>e1</replaceable> <literal>&lt;</literal> <replaceable>e2</replaceable>,
</entry>
<entry>none</entry>
<entry>Arithmetic comparison.</entry>
<entry>10</entry>
</row>
<row>
<entry>Less Than or Equal To</entry>
<entry>
<replaceable>e1</replaceable> <literal>&lt;=</literal> <replaceable>e2</replaceable>
</entry>
<entry>none</entry>
<entry>Arithmetic comparison.</entry>
<entry>10</entry>
</row>
<row>
<entry>Greater Than</entry>
<entry>
<replaceable>e1</replaceable> <literal>&gt;</literal> <replaceable>e2</replaceable>
</entry>
<entry>none</entry>
<entry>Arithmetic comparison.</entry>
<entry>10</entry>
</row>
<row>
<entry>Greater Than or Equal To</entry>
<entry>
<replaceable>e1</replaceable> <literal>&gt;=</literal> <replaceable>e2</replaceable>
</entry>
<entry>none</entry>
<entry>Arithmetic comparison.</entry>
<entry>10</entry>
</row>
<row>
<entry>Equality</entry>
<entry>
<replaceable>e1</replaceable> <literal>==</literal> <replaceable>e2</replaceable>
</entry>
<entry>none</entry>
<entry>Equality.</entry>
<entry>11</entry>
</row>
<row>
<entry>Inequality</entry>
<entry>
<replaceable>e1</replaceable> <literal>!=</literal> <replaceable>e2</replaceable>
</entry>
<entry>none</entry>
<entry>Inequality.</entry>
<entry>11</entry>
</row>
<row>
<entry>Logical AND</entry>
<entry><replaceable>e1</replaceable> <literal>&amp;&amp;</literal>
<replaceable>e2</replaceable></entry>
<entry>left</entry>
<entry>Logical AND.</entry>
<entry>12</entry>
</row>
<row>
<entry>Logical OR</entry>
<entry><replaceable>e1</replaceable> <literal>||</literal>
<replaceable>e2</replaceable></entry>
<entry>left</entry>
<entry>Logical OR.</entry>
<entry>13</entry>
</row>
<row>
<entry>Logical Implication</entry>
<entry><replaceable>e1</replaceable> <literal>-></literal>
<replaceable>e2</replaceable></entry>
<entry>none</entry>
<entry>Logical implication (equivalent to
<literal>!<replaceable>e1</replaceable> ||
<replaceable>e2</replaceable></literal>).</entry>
<entry>14</entry>
</row>
</tbody>
</tgroup>
</table>
</section>

313
third_party/nix/doc/manual/expressions/language-values.xml vendored
View file

@ -1,313 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='ssec-values'>
<title>Values</title>
<simplesect><title>Simple Values</title>
<para>Nix has the following basic data types:
<itemizedlist>
<listitem>
<para><emphasis>Strings</emphasis> can be written in three
ways.</para>
<para>The most common way is to enclose the string between double
quotes, e.g., <literal>"foo bar"</literal>. Strings can span
multiple lines. The special characters <literal>"</literal> and
<literal>\</literal> and the character sequence
<literal>${</literal> must be escaped by prefixing them with a
backslash (<literal>\</literal>). Newlines, carriage returns and
tabs can be written as <literal>\n</literal>,
<literal>\r</literal> and <literal>\t</literal>,
respectively.</para>
<para>You can include the result of an expression into a string by
enclosing it in
<literal>${<replaceable>...</replaceable>}</literal>, a feature
known as <emphasis>antiquotation</emphasis>. The enclosed
expression must evaluate to something that can be coerced into a
string (meaning that it must be a string, a path, or a
derivation). For instance, rather than writing
<programlisting>
"--with-freetype2-library=" + freetype + "/lib"</programlisting>
(where <varname>freetype</varname> is a derivation), you can
instead write the more natural
<programlisting>
"--with-freetype2-library=${freetype}/lib"</programlisting>
The latter is automatically translated to the former. A more
complicated example (from the Nix expression for <link
xlink:href='http://www.trolltech.com/products/qt'>Qt</link>):
<programlisting>
configureFlags = "
-system-zlib -system-libpng -system-libjpeg
${if openglSupport then "-dlopen-opengl
-L${mesa}/lib -I${mesa}/include
-L${libXmu}/lib -I${libXmu}/include" else ""}
${if threadSupport then "-thread" else "-no-thread"}
";</programlisting>
Note that Nix expressions and strings can be arbitrarily nested;
in this case the outer string contains various antiquotations that
themselves contain strings (e.g., <literal>"-thread"</literal>),
some of which in turn contain expressions (e.g.,
<literal>${mesa}</literal>).</para>
<para>The second way to write string literals is as an
<emphasis>indented string</emphasis>, which is enclosed between
pairs of <emphasis>double single-quotes</emphasis>, like so:
<programlisting>
''
This is the first line.
This is the second line.
This is the third line.
''</programlisting>
This kind of string literal intelligently strips indentation from
the start of each line. To be precise, it strips from each line a
number of spaces equal to the minimal indentation of the string as
a whole (disregarding the indentation of empty lines). For
instance, the first and second line are indented two space, while
the third line is indented four spaces. Thus, two spaces are
stripped from each line, so the resulting string is
<programlisting>
"This is the first line.\nThis is the second line.\n This is the third line.\n"</programlisting>
</para>
<para>Note that the whitespace and newline following the opening
<literal>''</literal> is ignored if there is no non-whitespace
text on the initial line.</para>
<para>Antiquotation
(<literal>${<replaceable>expr</replaceable>}</literal>) is
supported in indented strings.</para>
<para>Since <literal>${</literal> and <literal>''</literal> have
special meaning in indented strings, you need a way to quote them.
<literal>$</literal> can be escaped by prefixing it with
<literal>''</literal> (that is, two single quotes), i.e.,
<literal>''$</literal>. <literal>''</literal> can be escaped by
prefixing it with <literal>'</literal>, i.e.,
<literal>'''</literal>. <literal>$</literal> removes any special meaning
from the following <literal>$</literal>. Linefeed, carriage-return and tab
characters can be written as <literal>''\n</literal>,
<literal>''\r</literal>, <literal>''\t</literal>, and <literal>''\</literal>
escapes any other character.
</para>
<para>Indented strings are primarily useful in that they allow
multi-line string literals to follow the indentation of the
enclosing Nix expression, and that less escaping is typically
necessary for strings representing languages such as shell scripts
and configuration files because <literal>''</literal> is much less
common than <literal>"</literal>. Example:
<programlisting>
stdenv.mkDerivation {
<replaceable>...</replaceable>
postInstall =
''
mkdir $out/bin $out/etc
cp foo $out/bin
echo "Hello World" > $out/etc/foo.conf
${if enableBar then "cp bar $out/bin" else ""}
'';
<replaceable>...</replaceable>
}
</programlisting>
</para>
<para>Finally, as a convenience, <emphasis>URIs</emphasis> as
defined in appendix B of <link
xlink:href='http://www.ietf.org/rfc/rfc2396.txt'>RFC 2396</link>
can be written <emphasis>as is</emphasis>, without quotes. For
instance, the string
<literal>"http://example.org/foo.tar.bz2"</literal>
can also be written as
<literal>http://example.org/foo.tar.bz2</literal>.</para>
</listitem>
<listitem><para>Numbers, which can be <emphasis>integers</emphasis> (like
<literal>123</literal>) or <emphasis>floating point</emphasis> (like
<literal>123.43</literal> or <literal>.27e13</literal>).</para>
<para>Numbers are type-compatible: pure integer operations will always
return integers, whereas any operation involving at least one floating point
number will have a floating point number as a result.</para></listitem>
<listitem><para><emphasis>Paths</emphasis>, e.g.,
<filename>/bin/sh</filename> or <filename>./builder.sh</filename>.
A path must contain at least one slash to be recognised as such; for
instance, <filename>builder.sh</filename> is not a
path<footnote><para>It's parsed as an expression that selects the
attribute <varname>sh</varname> from the variable
<varname>builder</varname>.</para></footnote>. If the file name is
relative, i.e., if it does not begin with a slash, it is made
absolute at parse time relative to the directory of the Nix
expression that contained it. For instance, if a Nix expression in
<filename>/foo/bar/bla.nix</filename> refers to
<filename>../xyzzy/fnord.nix</filename>, the absolute path is
<filename>/foo/xyzzy/fnord.nix</filename>.</para>
<para>If the first component of a path is a <literal>~</literal>,
it is interpreted as if the rest of the path were relative to the
user's home directory. e.g. <filename>~/foo</filename> would be
equivalent to <filename>/home/edolstra/foo</filename> for a user
whose home directory is <filename>/home/edolstra</filename>.
</para>
<para>Paths can also be specified between angle brackets, e.g.
<literal>&lt;nixpkgs&gt;</literal>. This means that the directories
listed in the environment variable
<envar linkend="env-NIX_PATH">NIX_PATH</envar> will be searched
for the given file or directory name.
</para>
</listitem>
<listitem><para><emphasis>Booleans</emphasis> with values
<literal>true</literal> and
<literal>false</literal>.</para></listitem>
<listitem><para>The null value, denoted as
<literal>null</literal>.</para></listitem>
</itemizedlist>
</para>
</simplesect>
<simplesect><title>Lists</title>
<para>Lists are formed by enclosing a whitespace-separated list of
values between square brackets. For example,
<programlisting>
[ 123 ./foo.nix "abc" (f { x = y; }) ]</programlisting>
defines a list of four elements, the last being the result of a call
to the function <varname>f</varname>. Note that function calls have
to be enclosed in parentheses. If they had been omitted, e.g.,
<programlisting>
[ 123 ./foo.nix "abc" f { x = y; } ]</programlisting>
the result would be a list of five elements, the fourth one being a
function and the fifth being a set.</para>
<para>Note that lists are only lazy in values, and they are strict in length.
</para>
</simplesect>
<simplesect><title>Sets</title>
<para>Sets are really the core of the language, since ultimately the
Nix language is all about creating derivations, which are really just
sets of attributes to be passed to build scripts.</para>
<para>Sets are just a list of name/value pairs (called
<emphasis>attributes</emphasis>) enclosed in curly brackets, where
each value is an arbitrary expression terminated by a semicolon. For
example:
<programlisting>
{ x = 123;
text = "Hello";
y = f { bla = 456; };
}</programlisting>
This defines a set with attributes named <varname>x</varname>,
<varname>text</varname>, <varname>y</varname>. The order of the
attributes is irrelevant. An attribute name may only occur
once.</para>
<para>Attributes can be selected from a set using the
<literal>.</literal> operator. For instance,
<programlisting>
{ a = "Foo"; b = "Bar"; }.a</programlisting>
evaluates to <literal>"Foo"</literal>. It is possible to provide a
default value in an attribute selection using the
<literal>or</literal> keyword. For example,
<programlisting>
{ a = "Foo"; b = "Bar"; }.c or "Xyzzy"</programlisting>
will evaluate to <literal>"Xyzzy"</literal> because there is no
<varname>c</varname> attribute in the set.</para>
<para>You can use arbitrary double-quoted strings as attribute
names:
<programlisting>
{ "foo ${bar}" = 123; "nix-1.0" = 456; }."foo ${bar}"
</programlisting>
This will evaluate to <literal>123</literal> (Assuming
<literal>bar</literal> is antiquotable). In the case where an
attribute name is just a single antiquotation, the quotes can be
dropped:
<programlisting>
{ foo = 123; }.${bar} or 456 </programlisting>
This will evaluate to <literal>123</literal> if
<literal>bar</literal> evaluates to <literal>"foo"</literal> when
coerced to a string and <literal>456</literal> otherwise (again
assuming <literal>bar</literal> is antiquotable).</para>
<para>In the special case where an attribute name inside of a set declaration
evaluates to <literal>null</literal> (which is normally an error, as
<literal>null</literal> is not antiquotable), that attribute is simply not
added to the set:
<programlisting>
{ ${if foo then "bar" else null} = true; }</programlisting>
This will evaluate to <literal>{}</literal> if <literal>foo</literal>
evaluates to <literal>false</literal>.</para>
<para>A set that has a <literal>__functor</literal> attribute whose value
is callable (i.e. is itself a function or a set with a
<literal>__functor</literal> attribute whose value is callable) can be
applied as if it were a function, with the set itself passed in first
, e.g.,
<programlisting>
let add = { __functor = self: x: x + self.x; };
inc = add // { x = 1; };
in inc 1
</programlisting>
evaluates to <literal>2</literal>. This can be used to attach metadata to a
function without the caller needing to treat it specially, or to implement
a form of object-oriented programming, for example.
</para>
</simplesect>
</section>

84
third_party/nix/doc/manual/expressions/simple-building-testing.xml vendored
View file

@ -1,84 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='sec-building-simple'>
<title>Building and Testing</title>
<para>You can now try to build Hello. Of course, you could do
<literal>nix-env -i hello</literal>, but you may not want to install a
possibly broken package just yet. The best way to test the package is by
using the command <command linkend="sec-nix-build">nix-build</command>,
which builds a Nix expression and creates a symlink named
<filename>result</filename> in the current directory:
<screen>
$ nix-build -A hello
building path `/nix/store/632d2b22514d...-hello-2.1.1'
hello-2.1.1/
hello-2.1.1/intl/
hello-2.1.1/intl/ChangeLog
<replaceable>...</replaceable>
$ ls -l result
lrwxrwxrwx ... 2006-09-29 10:43 result -> /nix/store/632d2b22514d...-hello-2.1.1
$ ./result/bin/hello
Hello, world!</screen>
The <link linkend='opt-attr'><option>-A</option></link> option selects
the <literal>hello</literal> attribute. This is faster than using the
symbolic package name specified by the <literal>name</literal>
attribute (which also happens to be <literal>hello</literal>) and is
unambiguous (there can be multiple packages with the symbolic name
<literal>hello</literal>, but there can be only one attribute in a set
named <literal>hello</literal>).</para>
<para><command>nix-build</command> registers the
<filename>./result</filename> symlink as a garbage collection root, so
unless and until you delete the <filename>./result</filename> symlink,
the output of the build will be safely kept on your system. You can
use <command>nix-build</command>s <option
linkend='opt-out-link'>-o</option> switch to give the symlink another
name.</para>
<para>Nix has transactional semantics. Once a build finishes
successfully, Nix makes a note of this in its database: it registers
that the path denoted by <envar>out</envar> is now
<quote>valid</quote>. If you try to build the derivation again, Nix
will see that the path is already valid and finish immediately. If a
build fails, either because it returns a non-zero exit code, because
Nix or the builder are killed, or because the machine crashes, then
the output paths will not be registered as valid. If you try to build
the derivation again, Nix will remove the output paths if they exist
(e.g., because the builder died half-way through <literal>make
install</literal>) and try again. Note that there is no
<quote>negative caching</quote>: Nix doesn't remember that a build
failed, and so a failed build can always be repeated. This is because
Nix cannot distinguish between permanent failures (e.g., a compiler
error due to a syntax error in the source) and transient failures
(e.g., a disk full condition).</para>
<para>Nix also performs locking. If you run multiple Nix builds
simultaneously, and they try to build the same derivation, the first
Nix instance that gets there will perform the build, while the others
block (or perform other derivations if available) until the build
finishes:
<screen>
$ nix-build -A hello
waiting for lock on `/nix/store/0h5b7hp8d4hqfrw8igvx97x1xawrjnac-hello-2.1.1x'</screen>
So it is always safe to run multiple instances of Nix in parallel
(which isnt the case with, say, <command>make</command>).</para>
<para>If you have a system with multiple CPUs, you may want to have
Nix build different derivations in parallel (insofar as possible).
Just pass the option <link linkend='opt-max-jobs'><option>-j
<replaceable>N</replaceable></option></link>, where
<replaceable>N</replaceable> is the maximum number of jobs to be run
in parallel, or set. Typically this should be the number of
CPUs.</para>
</section>

47
third_party/nix/doc/manual/expressions/simple-expression.xml vendored
View file

@ -1,47 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-simple-expression">
<title>A Simple Nix Expression</title>
<para>This section shows how to add and test the <link
xlink:href='http://www.gnu.org/software/hello/hello.html'>GNU Hello
package</link> to the Nix Packages collection. Hello is a program
that prints out the text <quote>Hello, world!</quote>.</para>
<para>To add a package to the Nix Packages collection, you generally
need to do three things:
<orderedlist>
<listitem><para>Write a Nix expression for the package. This is a
file that describes all the inputs involved in building the package,
such as dependencies, sources, and so on.</para></listitem>
<listitem><para>Write a <emphasis>builder</emphasis>. This is a
shell script<footnote><para>In fact, it can be written in any
language, but typically it's a <command>bash</command> shell
script.</para></footnote> that actually builds the package from
the inputs.</para></listitem>
<listitem><para>Add the package to the file
<filename>pkgs/top-level/all-packages.nix</filename>. The Nix
expression written in the first step is a
<emphasis>function</emphasis>; it requires other packages in order
to build it. In this step you put it all together, i.e., you call
the function with the right arguments to build the actual
package.</para></listitem>
</orderedlist>
</para>
<xi:include href="expression-syntax.xml" />
<xi:include href="build-script.xml" />
<xi:include href="arguments-variables.xml" />
<xi:include href="simple-building-testing.xml" />
<xi:include href="generic-builder.xml" />
</chapter>

26
third_party/nix/doc/manual/expressions/writing-nix-expressions.xml vendored
View file

@ -1,26 +0,0 @@
<part xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id='chap-writing-nix-expressions'>
<title>Writing Nix Expressions</title>
<partintro>
<para>This chapter shows you how to write Nix expressions, which
instruct Nix how to build packages. It starts with a
simple example (a Nix expression for GNU Hello), and then moves
on to a more in-depth look at the Nix expression language.</para>
<note><para>This chapter is mostly about the Nix expression language.
For more extensive information on adding packages to the Nix Packages
collection (such as functions in the standard environment and coding
conventions), please consult <link
xlink:href="http://nixos.org/nixpkgs/manual/">its
manual</link>.</para></note>
</partintro>
<xi:include href="simple-expression.xml" />
<xi:include href="expression-language.xml" />
</part>

BIN
third_party/nix/doc/manual/figures/user-environments.png vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 83 KiB

BIN
third_party/nix/doc/manual/figures/user-environments.sxd vendored
View file

Binary file not shown.

199
third_party/nix/doc/manual/glossary/glossary.xml vendored
View file

@ -1,199 +0,0 @@
<appendix xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="part-glossary">
<title>Glossary</title>
<glosslist>
<glossentry xml:id="gloss-derivation"><glossterm>derivation</glossterm>
<glossdef><para>A description of a build action. The result of a
derivation is a store object. Derivations are typically specified
in Nix expressions using the <link
linkend="ssec-derivation"><function>derivation</function>
primitive</link>. These are translated into low-level
<emphasis>store derivations</emphasis> (implicitly by
<command>nix-env</command> and <command>nix-build</command>, or
explicitly by <command>nix-instantiate</command>).</para></glossdef>
</glossentry>
<glossentry><glossterm>store</glossterm>
<glossdef><para>The location in the file system where store objects
live. Typically <filename>/nix/store</filename>.</para></glossdef>
</glossentry>
<glossentry><glossterm>store path</glossterm>
<glossdef><para>The location in the file system of a store object,
i.e., an immediate child of the Nix store
directory.</para></glossdef>
</glossentry>
<glossentry><glossterm>store object</glossterm>
<glossdef><para>A file that is an immediate child of the Nix store
directory. These can be regular files, but also entire directory
trees. Store objects can be sources (objects copied from outside of
the store), derivation outputs (objects produced by running a build
action), or derivations (files describing a build
action).</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-substitute"><glossterm>substitute</glossterm>
<glossdef><para>A substitute is a command invocation stored in the
Nix database that describes how to build a store object, bypassing
the normal build mechanism (i.e., derivations). Typically, the
substitute builds the store object by downloading a pre-built
version of the store object from some server.</para></glossdef>
</glossentry>
<glossentry><glossterm>purity</glossterm>
<glossdef><para>The assumption that equal Nix derivations when run
always produce the same output. This cannot be guaranteed in
general (e.g., a builder can rely on external inputs such as the
network or the system time) but the Nix model assumes
it.</para></glossdef>
</glossentry>
<glossentry><glossterm>Nix expression</glossterm>
<glossdef><para>A high-level description of software packages and
compositions thereof. Deploying software using Nix entails writing
Nix expressions for your packages. Nix expressions are translated
to derivations that are stored in the Nix store. These derivations
can then be built.</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-reference"><glossterm>reference</glossterm>
<glossdef>
<para>A store path <varname>P</varname> is said to have a
reference to a store path <varname>Q</varname> if the store object
at <varname>P</varname> contains the path <varname>Q</varname>
somewhere. The <emphasis>references</emphasis> of a store path are
the set of store paths to which it has a reference.
</para>
<para>A derivation can reference other derivations and sources
(but not output paths), whereas an output path only references other
output paths.
</para>
</glossdef>
</glossentry>
<glossentry xml:id="gloss-reachable"><glossterm>reachable</glossterm>
<glossdef><para>A store path <varname>Q</varname> is reachable from
another store path <varname>P</varname> if <varname>Q</varname> is in the
<link linkend="gloss-closure">closure</link> of the
<link linkend="gloss-reference">references</link> relation.
</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-closure"><glossterm>closure</glossterm>
<glossdef><para>The closure of a store path is the set of store
paths that are directly or indirectly “reachable” from that store
path; that is, its the closure of the path under the <link
linkend="gloss-reference">references</link> relation. For a package, the
closure of its derivation is equivalent to the build-time
dependencies, while the closure of its output path is equivalent to its
runtime dependencies. For correct deployment it is necessary to deploy whole
closures, since otherwise at runtime files could be missing. The command
<command>nix-store -qR</command> prints out closures of store paths.
</para>
<para>As an example, if the store object at path <varname>P</varname> contains
a reference to path <varname>Q</varname>, then <varname>Q</varname> is
in the closure of <varname>P</varname>. Further, if <varname>Q</varname>
references <varname>R</varname> then <varname>R</varname> is also in
the closure of <varname>P</varname>.
</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-output-path"><glossterm>output path</glossterm>
<glossdef><para>A store path produced by a derivation.</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-deriver"><glossterm>deriver</glossterm>
<glossdef><para>The deriver of an <link
linkend="gloss-output-path">output path</link> is the store
derivation that built it.</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-validity"><glossterm>validity</glossterm>
<glossdef><para>A store path is considered
<emphasis>valid</emphasis> if it exists in the file system, is
listed in the Nix database as being valid, and if all paths in its
closure are also valid.</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-user-env"><glossterm>user environment</glossterm>
<glossdef><para>An automatically generated store object that
consists of a set of symlinks to “active” applications, i.e., other
store paths. These are generated automatically by <link
linkend="sec-nix-env"><command>nix-env</command></link>. See <xref
linkend="sec-profiles" />.</para>
</glossdef>
</glossentry>
<glossentry xml:id="gloss-profile"><glossterm>profile</glossterm>
<glossdef><para>A symlink to the current <link
linkend="gloss-user-env">user environment</link> of a user, e.g.,
<filename>/nix/var/nix/profiles/default</filename>.</para></glossdef>
</glossentry>
<glossentry xml:id="gloss-nar"><glossterm>NAR</glossterm>
<glossdef><para>A <emphasis>N</emphasis>ix
<emphasis>AR</emphasis>chive. This is a serialisation of a path in
the Nix store. It can contain regular files, directories and
symbolic links. NARs are generated and unpacked using
<command>nix-store --dump</command> and <command>nix-store
--restore</command>.</para></glossdef>
</glossentry>
</glosslist>
</appendix>

41
third_party/nix/doc/manual/hacking.xml vendored
View file

@ -1,41 +0,0 @@
<appendix xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-hacking">
<title>Hacking</title>
<para>This section provides some notes on how to hack on Nix. To get
the latest version of Nix from GitHub:
<screen>
$ git clone git://github.com/NixOS/nix.git
$ cd nix
</screen>
</para>
<para>To build it and its dependencies:
<screen>
$ nix-build release.nix -A build.x86_64-linux
</screen>
</para>
<para>To build all dependencies and start a shell in which all
environment variables are set up so that those dependencies can be
found:
<screen>
$ nix-shell
</screen>
To build Nix itself in this shell:
<screen>
[nix-shell]$ ./bootstrap.sh
[nix-shell]$ configurePhase
[nix-shell]$ make
</screen>
To install it in <literal>$(pwd)/inst</literal> and test it:
<screen>
[nix-shell]$ make install
[nix-shell]$ make installcheck
</screen>
</para>
</appendix>

BIN
third_party/nix/doc/manual/images/callouts/1.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 889 B

BIN
third_party/nix/doc/manual/images/callouts/10.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 929 B

BIN
third_party/nix/doc/manual/images/callouts/11.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 202 B

BIN
third_party/nix/doc/manual/images/callouts/12.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 210 B

BIN
third_party/nix/doc/manual/images/callouts/13.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 209 B

BIN
third_party/nix/doc/manual/images/callouts/14.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 205 B

BIN
third_party/nix/doc/manual/images/callouts/15.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 210 B

BIN
third_party/nix/doc/manual/images/callouts/2.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 907 B

BIN
third_party/nix/doc/manual/images/callouts/3.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 914 B

BIN
third_party/nix/doc/manual/images/callouts/4.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 907 B

BIN
third_party/nix/doc/manual/images/callouts/5.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 916 B

BIN
third_party/nix/doc/manual/images/callouts/6.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 218 B

BIN
third_party/nix/doc/manual/images/callouts/7.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 907 B

BIN
third_party/nix/doc/manual/images/callouts/8.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 918 B

BIN
third_party/nix/doc/manual/images/callouts/9.gif vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 923 B

49
third_party/nix/doc/manual/installation/building-source.xml vendored
View file

@ -1,49 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-building-source">
<title>Building Nix from Source</title>
<para>After unpacking or checking out the Nix sources, issue the
following commands:
<screen>
$ ./configure <replaceable>options...</replaceable>
$ make
$ make install</screen>
Nix requires GNU Make so you may need to invoke
<command>gmake</command> instead.</para>
<para>When building from the Git repository, these should be preceded
by the command:
<screen>
$ ./bootstrap.sh</screen>
</para>
<para>The installation path can be specified by passing the
<option>--prefix=<replaceable>prefix</replaceable></option> to
<command>configure</command>. The default installation directory is
<filename>/usr/local</filename>. You can change this to any location
you like. You must have write permission to the
<replaceable>prefix</replaceable> path.</para>
<para>Nix keeps its <emphasis>store</emphasis> (the place where
packages are stored) in <filename>/nix/store</filename> by default.
This can be changed using
<option>--with-store-dir=<replaceable>path</replaceable></option>.</para>
<warning><para>It is best <emphasis>not</emphasis> to change the Nix
store from its default, since doing so makes it impossible to use
pre-built binaries from the standard Nixpkgs channels — that is, all
packages will need to be built from source.</para></warning>
<para>Nix keeps state (such as its database and log files) in
<filename>/nix/var</filename> by default. This can be changed using
<option>--localstatedir=<replaceable>path</replaceable></option>.</para>
</section>

89
third_party/nix/doc/manual/installation/env-variables.xml vendored
View file

@ -1,89 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-env-variables">
<title>Environment Variables</title>
<para>To use Nix, some environment variables should be set. In
particular, <envar>PATH</envar> should contain the directories
<filename><replaceable>prefix</replaceable>/bin</filename> and
<filename>~/.nix-profile/bin</filename>. The first directory contains
the Nix tools themselves, while <filename>~/.nix-profile</filename> is
a symbolic link to the current <emphasis>user environment</emphasis>
(an automatically generated package consisting of symlinks to
installed packages). The simplest way to set the required environment
variables is to include the file
<filename><replaceable>prefix</replaceable>/etc/profile.d/nix.sh</filename>
in your <filename>~/.profile</filename> (or similar), like this:</para>
<screen>
source <replaceable>prefix</replaceable>/etc/profile.d/nix.sh</screen>
<section xml:id="sec-nix-ssl-cert-file">
<title><envar>NIX_SSL_CERT_FILE</envar></title>
<para>If you need to specify a custom certificate bundle to account
for an HTTPS-intercepting man in the middle proxy, you must specify
the path to the certificate bundle in the environment variable
<envar>NIX_SSL_CERT_FILE</envar>.</para>
<para>If you don't specify a <envar>NIX_SSL_CERT_FILE</envar>
manually, Nix will install and use its own certificate
bundle.</para>
<procedure>
<step><para>Set the environment variable and install Nix</para>
<screen>
$ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
$ sh &lt;(curl https://nixos.org/nix/install)
</screen></step>
<step><para>In the shell profile and rc files (for example,
<filename>/etc/bashrc</filename>, <filename>/etc/zshrc</filename>),
add the following line:</para>
<programlisting>
export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
</programlisting>
</step>
</procedure>
<note><para>You must not add the export and then do the install, as
the Nix installer will detect the presense of Nix configuration, and
abort.</para></note>
<section xml:id="sec-nix-ssl-cert-file-with-nix-daemon-and-macos">
<title><envar>NIX_SSL_CERT_FILE</envar> with macOS and the Nix daemon</title>
<para>On macOS you must specify the environment variable for the Nix
daemon service, then restart it:</para>
<screen>
$ sudo launchctl setenv NIX_SSL_CERT_FILE /etc/ssl/my-certificate-bundle.crt
$ sudo launchctl kickstart -k system/org.nixos.nix-daemon
</screen>
</section>
<section xml:id="sec-installer-proxy-settings">
<title>Proxy Environment Variables</title>
<para>The Nix installer has special handling for these proxy-related
environment variables:
<varname>http_proxy</varname>, <varname>https_proxy</varname>,
<varname>ftp_proxy</varname>, <varname>no_proxy</varname>,
<varname>HTTP_PROXY</varname>, <varname>HTTPS_PROXY</varname>,
<varname>FTP_PROXY</varname>, <varname>NO_PROXY</varname>.
</para>
<para>If any of these variables are set when running the Nix installer,
then the installer will create an override file at
<filename>/etc/systemd/system/nix-daemon.service.d/override.conf</filename>
so <command>nix-daemon</command> will use them.
</para>
</section>
</section>
</chapter>

34
third_party/nix/doc/manual/installation/installation.xml vendored
View file

@ -1,34 +0,0 @@
<part xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="chap-installation">
<title>Installation</title>
<partintro>
<para>This section describes how to install and configure Nix for first-time use.</para>
</partintro>
<xi:include href="supported-platforms.xml" />
<xi:include href="installing-binary.xml" />
<xi:include href="installing-source.xml" />
<xi:include href="nix-security.xml" />
<xi:include href="env-variables.xml" />
<!-- TODO: should be updated
<section><title>Upgrading Nix through Nix</title>
<para>You can install the latest stable version of Nix through Nix
itself by subscribing to the channel <link
xlink:href="http://nixos.org/releases/nix/channels/nix-stable" />,
or the latest unstable version by subscribing to the channel <link
xlink:href="http://nixos.org/releases/nix/channels/nix-unstable" />.
You can also do a <link linkend="sec-one-click">one-click
installation</link> by clicking on the package links at <link
xlink:href="http://nixos.org/releases/full-index-nix.html" />.</para>
</section>
-->
</part>

190
third_party/nix/doc/manual/installation/installing-binary.xml vendored
View file

@ -1,190 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-installing-binary">
<title>Installing a Binary Distribution</title>
<para>If you are using Linux or macOS, the easiest way to install Nix
is to run the following command:
<screen>
$ sh &lt;(curl https://nixos.org/nix/install)
</screen>
As of Nix 2.1.0, the Nix installer will always default to creating a
single-user installation, however opting in to the multi-user
installation is highly recommended.
</para>
<section xml:id="sect-single-user-installation">
<title>Single User Installation</title>
<para>
To explicitly select a single-user installation on your system:
<screen>
sh &lt;(curl https://nixos.org/nix/install) --no-daemon
</screen>
</para>
<para>
This will perform a single-user installation of Nix, meaning that
<filename>/nix</filename> is owned by the invoking user. You should
run this under your usual user account, <emphasis>not</emphasis> as
root. The script will invoke <command>sudo</command> to create
<filename>/nix</filename> if it doesnt already exist. If you dont
have <command>sudo</command>, you should manually create
<command>/nix</command> first as root, e.g.:
<screen>
$ mkdir /nix
$ chown alice /nix
</screen>
The install script will modify the first writable file from amongst
<filename>.bash_profile</filename>, <filename>.bash_login</filename>
and <filename>.profile</filename> to source
<filename>~/.nix-profile/etc/profile.d/nix.sh</filename>. You can set
the <command>NIX_INSTALLER_NO_MODIFY_PROFILE</command> environment
variable before executing the install script to disable this
behaviour.
</para>
<para>You can uninstall Nix simply by running:
<screen>
$ rm -rf /nix
</screen>
</para>
</section>
<section xml:id="sect-multi-user-installation">
<title>Multi User Installation</title>
<para>
The multi-user Nix installation creates system users, and a system
service for the Nix daemon.
</para>
<itemizedlist>
<title>Supported Systems</title>
<listitem>
<para>Linux running systemd, with SELinux disabled</para>
</listitem>
<listitem><para>macOS</para></listitem>
</itemizedlist>
<para>
You can instruct the installer to perform a multi-user
installation on your system:
<screen>
sh &lt;(curl https://nixos.org/nix/install) --daemon
</screen>
</para>
<para>
The multi-user installation of Nix will create build users between
the user IDs 30001 and 30032, and a group with the group ID 30000.
You should run this under your usual user account,
<emphasis>not</emphasis> as root. The script will invoke
<command>sudo</command> as needed.
</para>
<note><para>
If you need Nix to use a different group ID or user ID set, you
will have to download the tarball manually and <link
linkend="sect-nix-install-binary-tarball">edit the install
script</link>.
</para></note>
<para>
The installer will modify <filename>/etc/bashrc</filename>, and
<filename>/etc/zshrc</filename> if they exist. The installer will
first back up these files with a
<literal>.backup-before-nix</literal> extension. The installer
will also create <filename>/etc/profile.d/nix.sh</filename>.
</para>
<para>You can uninstall Nix with the following commands:
<screen>
sudo rm -rf /etc/profile/nix.sh /etc/nix /nix ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
# If you are on Linux with systemd, you will need to run:
sudo systemctl stop nix-daemon.socket
sudo systemctl stop nix-daemon.service
sudo systemctl disable nix-daemon.socket
sudo systemctl disable nix-daemon.service
sudo systemctl daemon-reload
# If you are on macOS, you will need to run:
sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
</screen>
There may also be references to Nix in
<filename>/etc/profile</filename>,
<filename>/etc/bashrc</filename>, and
<filename>/etc/zshrc</filename> which you may remove.
</para>
</section>
<section xml:id="sect-nix-install-pinned-version-url">
<title>Installing a pinned Nix version from a URL</title>
<para>
NixOS.org hosts version-specific installation URLs for all Nix
versions since 1.11.16, at
<literal>https://nixos.org/releases/nix/nix-VERSION/install</literal>.
</para>
<para>
These install scripts can be used the same as the main
NixOS.org installation script:
<screen>
sh &lt;(curl https://nixos.org/nix/install)
</screen>
</para>
<para>
In the same directory of the install script are sha256 sums, and
gpg signature files.
</para>
</section>
<section xml:id="sect-nix-install-binary-tarball">
<title>Installing from a binary tarball</title>
<para>
You can also download a binary tarball that contains Nix and all
its dependencies. (This is what the install script at
<uri>https://nixos.org/nix/install</uri> does automatically.) You
should unpack it somewhere (e.g. in <filename>/tmp</filename>),
and then run the script named <command>install</command> inside
the binary tarball:
<screen>
alice$ cd /tmp
alice$ tar xfj nix-1.8-x86_64-darwin.tar.bz2
alice$ cd nix-1.8-x86_64-darwin
alice$ ./install
</screen>
</para>
<para>
If you need to edit the multi-user installation script to use
different group ID or a different user ID range, modify the
variables set in the file named
<filename>install-multi-user</filename>.
</para>
</section>
</chapter>

16
third_party/nix/doc/manual/installation/installing-source.xml vendored
View file

@ -1,16 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-installing-source">
<title>Installing Nix from Source</title>
<para>If no binary package is available, you can download and compile
a source distribution.</para>
<xi:include href="prerequisites-source.xml" />
<xi:include href="obtaining-source.xml" />
<xi:include href="building-source.xml" />
</chapter>

107
third_party/nix/doc/manual/installation/multi-user.xml vendored
View file

@ -1,107 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ssec-multi-user">
<title>Multi-User Mode</title>
<para>To allow a Nix store to be shared safely among multiple users,
it is important that users are not able to run builders that modify
the Nix store or database in arbitrary ways, or that interfere with
builds started by other users. If they could do so, they could
install a Trojan horse in some package and compromise the accounts of
other users.</para>
<para>To prevent this, the Nix store and database are owned by some
privileged user (usually <literal>root</literal>) and builders are
executed under special user accounts (usually named
<literal>nixbld1</literal>, <literal>nixbld2</literal>, etc.). When a
unprivileged user runs a Nix command, actions that operate on the Nix
store (such as builds) are forwarded to a <emphasis>Nix
daemon</emphasis> running under the owner of the Nix store/database
that performs the operation.</para>
<note><para>Multi-user mode has one important limitation: only
<systemitem class="username">root</systemitem> and a set of trusted
users specified in <filename>nix.conf</filename> can specify arbitrary
binary caches. So while unprivileged users may install packages from
arbitrary Nix expressions, they may not get pre-built
binaries.</para></note>
<simplesect>
<title>Setting up the build users</title>
<para>The <emphasis>build users</emphasis> are the special UIDs under
which builds are performed. They should all be members of the
<emphasis>build users group</emphasis> <literal>nixbld</literal>.
This group should have no other members. The build users should not
be members of any other group. On Linux, you can create the group and
users as follows:
<screen>
$ groupadd -r nixbld
$ for n in $(seq 1 10); do useradd -c "Nix build user $n" \
-d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \
nixbld$n; done
</screen>
This creates 10 build users. There can never be more concurrent builds
than the number of build users, so you may want to increase this if
you expect to do many builds at the same time.</para>
</simplesect>
<simplesect>
<title>Running the daemon</title>
<para>The <link linkend="sec-nix-daemon">Nix daemon</link> should be
started as follows (as <literal>root</literal>):
<screen>
$ nix-daemon</screen>
Youll want to put that line somewhere in your systems boot
scripts.</para>
<para>To let unprivileged users use the daemon, they should set the
<link linkend="envar-remote"><envar>NIX_REMOTE</envar> environment
variable</link> to <literal>daemon</literal>. So you should put a
line like
<programlisting>
export NIX_REMOTE=daemon</programlisting>
into the users login scripts.</para>
</simplesect>
<simplesect>
<title>Restricting access</title>
<para>To limit which users can perform Nix operations, you can use the
permissions on the directory
<filename>/nix/var/nix/daemon-socket</filename>. For instance, if you
want to restrict the use of Nix to the members of a group called
<literal>nix-users</literal>, do
<screen>
$ chgrp nix-users /nix/var/nix/daemon-socket
$ chmod ug=rwx,o= /nix/var/nix/daemon-socket
</screen>
This way, users who are not in the <literal>nix-users</literal> group
cannot connect to the Unix domain socket
<filename>/nix/var/nix/daemon-socket/socket</filename>, so they cannot
perform Nix operations.</para>
</simplesect>
</section>

27
third_party/nix/doc/manual/installation/nix-security.xml vendored
View file

@ -1,27 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-nix-security">
<title>Security</title>
<para>Nix has two basic security models. First, it can be used in
“single-user mode”, which is similar to what most other package
management tools do: there is a single user (typically <systemitem
class="username">root</systemitem>) who performs all package
management operations. All other users can then use the installed
packages, but they cannot perform package management operations
themselves.</para>
<para>Alternatively, you can configure Nix in “multi-user mode”. In
this model, all users can perform package management operations — for
instance, every user can install software without requiring root
privileges. Nix ensures that this is secure. For instance, its not
possible for one user to overwrite a package used by another user with
a Trojan horse.</para>
<xi:include href="single-user.xml" />
<xi:include href="multi-user.xml" />
</chapter>

30
third_party/nix/doc/manual/installation/obtaining-source.xml vendored
View file

@ -1,30 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-obtaining-source">
<title>Obtaining a Source Distribution</title>
<para>The source tarball of the most recent stable release can be
downloaded from the <link
xlink:href="http://nixos.org/nix/download.html">Nix homepage</link>.
You can also grab the <link
xlink:href="http://hydra.nixos.org/job/nix/master/release/latest-finished#tabs-constituents">most
recent development release</link>.</para>
<para>Alternatively, the most recent sources of Nix can be obtained
from its <link
xlink:href="https://github.com/NixOS/nix">Git
repository</link>. For example, the following command will check out
the latest revision into a directory called
<filename>nix</filename>:</para>
<screen>
$ git clone https://github.com/NixOS/nix</screen>
<para>Likewise, specific releases can be obtained from the <link
xlink:href="https://github.com/NixOS/nix/tags">tags</link> of the
repository.</para>
</section>

105
third_party/nix/doc/manual/installation/prerequisites-source.xml vendored
View file

@ -1,105 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-prerequisites-source">
<title>Prerequisites</title>
<itemizedlist>
<listitem><para>GNU Make.</para></listitem>
<listitem><para>Bash Shell. The <literal>./configure</literal> script
relies on bashisms, so Bash is required.</para></listitem>
<listitem><para>A version of GCC or Clang that supports C++17.</para></listitem>
<listitem><para><command>pkg-config</command> to locate
dependencies. If your distribution does not provide it, you can get
it from <link
xlink:href="http://www.freedesktop.org/wiki/Software/pkg-config"
/>.</para></listitem>
<listitem><para>The OpenSSL library to calculate cryptographic hashes.
If your distribution does not provide it, you can get it from <link
xlink:href="https://www.openssl.org"/>.</para></listitem>
<listitem><para>The <literal>libbrotlienc</literal> and
<literal>libbrotlidec</literal> libraries to provide implementation
of the Brotli compression algorithm. They are available for download
from the official repository <link
xlink:href="https://github.com/google/brotli" />.</para></listitem>
<listitem><para>The bzip2 compressor program and the
<literal>libbz2</literal> library. Thus you must have bzip2
installed, including development headers and libraries. If your
distribution does not provide these, you can obtain bzip2 from <link
xlink:href="https://web.archive.org/web/20180624184756/http://www.bzip.org/"
/>.</para></listitem>
<listitem><para><literal>liblzma</literal>, which is provided by
XZ Utils. If your distribution does not provide this, you can
get it from <link xlink:href="https://tukaani.org/xz/"/>.</para></listitem>
<listitem><para>cURL and its library. If your distribution does not
provide it, you can get it from <link
xlink:href="https://curl.haxx.se/"/>.</para></listitem>
<listitem><para>The SQLite embedded database library, version 3.6.19
or higher. If your distribution does not provide it, please install
it from <link xlink:href="http://www.sqlite.org/" />.</para></listitem>
<listitem><para>The <link
xlink:href="http://www.hboehm.info/gc/">Boehm
garbage collector</link> to reduce the evaluators memory
consumption (optional). To enable it, install
<literal>pkgconfig</literal> and the Boehm garbage collector, and
pass the flag <option>--enable-gc</option> to
<command>configure</command>.</para></listitem>
<listitem><para>The <literal>boost</literal> library of version
1.66.0 or higher. It can be obtained from the official web site
<link xlink:href="https://www.boost.org/" />.</para></listitem>
<listitem><para>The <literal>editline</literal> library of version
1.14.0 or higher. It can be obtained from the its repository
<link xlink:href="https://github.com/troglobit/editline" />.</para></listitem>
<listitem><para>The <command>xmllint</command> and
<command>xsltproc</command> programs to build this manual and the
man-pages. These are part of the <literal>libxml2</literal> and
<literal>libxslt</literal> packages, respectively. You also need
the <link
xlink:href="http://docbook.sourceforge.net/projects/xsl/">DocBook
XSL stylesheets</link> and optionally the <link
xlink:href="http://www.docbook.org/schemas/5x"> DocBook 5.0 RELAX NG
schemas</link>. Note that these are only required if you modify the
manual sources or when you are building from the Git
repository.</para></listitem>
<listitem><para>Recent versions of Bison and Flex to build the
parser. (This is because Nix needs GLR support in Bison and
reentrancy support in Flex.) For Bison, you need version 2.6, which
can be obtained from the <link
xlink:href="ftp://alpha.gnu.org/pub/gnu/bison">GNU FTP
server</link>. For Flex, you need version 2.5.35, which is
available on <link
xlink:href="http://lex.sourceforge.net/">SourceForge</link>.
Slightly older versions may also work, but ancient versions like the
ubiquitous 2.5.4a won't. Note that these are only required if you
modify the parser or when you are building from the Git
repository.</para></listitem>
<listitem><para>The <literal>libseccomp</literal> is used to provide
syscall filtering on Linux. This is an optional dependency and can
be disabled passing a <option>--disable-seccomp-sandboxing</option>
option to the <command>configure</command> script (Not recommended
unless your system doesn't support
<literal>libseccomp</literal>). To get the library, visit <link
xlink:href="https://github.com/seccomp/libseccomp"
/>.</para></listitem>
</itemizedlist>
</section>

21
third_party/nix/doc/manual/installation/single-user.xml vendored
View file

@ -1,21 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-single-user">
<title>Single-User Mode</title>
<para>In single-user mode, all Nix operations that access the database
in <filename><replaceable>prefix</replaceable>/var/nix/db</filename>
or modify the Nix store in
<filename><replaceable>prefix</replaceable>/store</filename> must be
performed under the user ID that owns those directories. This is
typically <systemitem class="username">root</systemitem>. (If you
install from RPM packages, thats in fact the default ownership.)
However, on single-user machines, it is often convenient to
<command>chown</command> those directories to your normal user account
so that you dont have to <command>su</command> to <systemitem
class="username">root</systemitem> all the time.</para>
</section>

36
third_party/nix/doc/manual/installation/supported-platforms.xml vendored
View file

@ -1,36 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-supported-platforms">
<title>Supported Platforms</title>
<para>Nix is currently supported on the following platforms:
<itemizedlist>
<listitem><para>Linux (i686, x86_64, aarch64).</para></listitem>
<listitem><para>macOS (x86_64).</para></listitem>
<!--
<listitem><para>FreeBSD (only tested on Intel).</para></listitem>
-->
<!--
<listitem><para>Windows through <link
xlink:href="http://www.cygwin.com/">Cygwin</link>.</para>
<warning><para>On Cygwin, Nix <emphasis>must</emphasis> be installed
on an NTFS partition. It will not work correctly on a FAT
partition.</para></warning>
</listitem>
-->
</itemizedlist>
</para>
</chapter>

22
third_party/nix/doc/manual/installation/upgrading.xml vendored
View file

@ -1,22 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-upgrading-nix">
<title>Upgrading Nix</title>
<para>
Multi-user Nix users on macOS can upgrade Nix by running:
<command>sudo -i sh -c 'nix-channel --update &amp;&amp;
nix-env -iA nixpkgs.nix &amp;&amp;
launchctl remove org.nixos.nix-daemon &amp;&amp;
launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist'</command>
</para>
<para>
Single-user installations of Nix should run this:
<command>nix-channel --update; nix-env -iA nixpkgs.nix</command>
</para>
</chapter>

268
third_party/nix/doc/manual/introduction/about-nix.xml vendored
View file

@ -1,268 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ch-about-nix">
<title>About Nix</title>
<para>Nix is a <emphasis>purely functional package manager</emphasis>.
This means that it treats packages like values in purely functional
programming languages such as Haskell — they are built by functions
that dont have side-effects, and they never change after they have
been built. Nix stores packages in the <emphasis>Nix
store</emphasis>, usually the directory
<filename>/nix/store</filename>, where each package has its own unique
subdirectory such as
<programlisting>
/nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/
</programlisting>
where <literal>b6gvzjyb2pg0…</literal> is a unique identifier for the
package that captures all its dependencies (its a cryptographic hash
of the packages build dependency graph). This enables many powerful
features.</para>
<simplesect><title>Multiple versions</title>
<para>You can have multiple versions or variants of a package
installed at the same time. This is especially important when
different applications have dependencies on different versions of the
same package — it prevents the “DLL hell”. Because of the hashing
scheme, different versions of a package end up in different paths in
the Nix store, so they dont interfere with each other.</para>
<para>An important consequence is that operations like upgrading or
uninstalling an application cannot break other applications, since
these operations never “destructively” update or delete files that are
used by other packages.</para>
</simplesect>
<simplesect><title>Complete dependencies</title>
<para>Nix helps you make sure that package dependency specifications
are complete. In general, when youre making a package for a package
management system like RPM, you have to specify for each package what
its dependencies are, but there are no guarantees that this
specification is complete. If you forget a dependency, then the
package will build and work correctly on <emphasis>your</emphasis>
machine if you have the dependency installed, but not on the end
user's machine if it's not there.</para>
<para>Since Nix on the other hand doesnt install packages in “global”
locations like <filename>/usr/bin</filename> but in package-specific
directories, the risk of incomplete dependencies is greatly reduced.
This is because tools such as compilers dont search in per-packages
directories such as
<filename>/nix/store/5lbfaxb722zp…-openssl-0.9.8d/include</filename>,
so if a package builds correctly on your system, this is because you
specified the dependency explicitly. This takes care of the build-time
dependencies.</para>
<para>Once a package is built, runtime dependencies are found by
scanning binaries for the hash parts of Nix store paths (such as
<literal>r8vvq9kq…</literal>). This sounds risky, but it works
extremely well.</para>
</simplesect>
<simplesect><title>Multi-user support</title>
<para>Nix has multi-user support. This means that non-privileged
users can securely install software. Each user can have a different
<emphasis>profile</emphasis>, a set of packages in the Nix store that
appear in the users <envar>PATH</envar>. If a user installs a
package that another user has already installed previously, the
package wont be built or downloaded a second time. At the same time,
it is not possible for one user to inject a Trojan horse into a
package that might be used by another user.</para>
</simplesect>
<simplesect><title>Atomic upgrades and rollbacks</title>
<para>Since package management operations never overwrite packages in
the Nix store but just add new versions in different paths, they are
<emphasis>atomic</emphasis>. So during a package upgrade, there is no
time window in which the package has some files from the old version
and some files from the new version — which would be bad because a
program might well crash if its started during that period.</para>
<para>And since packages arent overwritten, the old versions are still
there after an upgrade. This means that you can <emphasis>roll
back</emphasis> to the old version:</para>
<screen>
$ nix-env --upgrade <replaceable>some-packages</replaceable>
$ nix-env --rollback
</screen>
</simplesect>
<simplesect><title>Garbage collection</title>
<para>When you uninstall a package like this…
<screen>
$ nix-env --uninstall firefox
</screen>
the package isnt deleted from the system right away (after all, you
might want to do a rollback, or it might be in the profiles of other
users). Instead, unused packages can be deleted safely by running the
<emphasis>garbage collector</emphasis>:
<screen>
$ nix-collect-garbage
</screen>
This deletes all packages that arent in use by any user profile or by
a currently running program.</para>
</simplesect>
<simplesect><title>Functional package language</title>
<para>Packages are built from <emphasis>Nix expressions</emphasis>,
which is a simple functional language. A Nix expression describes
everything that goes into a package build action (a “derivation”):
other packages, sources, the build script, environment variables for
the build script, etc. Nix tries very hard to ensure that Nix
expressions are <emphasis>deterministic</emphasis>: building a Nix
expression twice should yield the same result.</para>
<para>Because its a functional language, its easy to support
building variants of a package: turn the Nix expression into a
function and call it any number of times with the appropriate
arguments. Due to the hashing scheme, variants dont conflict with
each other in the Nix store.</para>
</simplesect>
<simplesect><title>Transparent source/binary deployment</title>
<para>Nix expressions generally describe how to build a package from
source, so an installation action like
<screen>
$ nix-env --install firefox
</screen>
<emphasis>could</emphasis> cause quite a bit of build activity, as not
only Firefox but also all its dependencies (all the way up to the C
library and the compiler) would have to built, at least if they are
not already in the Nix store. This is a <emphasis>source deployment
model</emphasis>. For most users, building from source is not very
pleasant as it takes far too long. However, Nix can automatically
skip building from source and instead use a <emphasis>binary
cache</emphasis>, a web server that provides pre-built binaries. For
instance, when asked to build
<literal>/nix/store/b6gvzjyb2pg0…-firefox-33.1</literal> from source,
Nix would first check if the file
<uri>https://cache.nixos.org/b6gvzjyb2pg0….narinfo</uri> exists, and
if so, fetch the pre-built binary referenced from there; otherwise, it
would fall back to building from source.</para>
</simplesect>
<!--
<simplesect><title>Binary patching</title>
<para>In addition to downloading binaries automatically if theyre
available, Nix can download binary deltas that patch an existing
package in the Nix store into a new version. This speeds up
upgrades.</para>
</simplesect>
-->
<simplesect><title>Nix Packages collection</title>
<para>We provide a large set of Nix expressions containing hundreds of
existing Unix packages, the <emphasis>Nix Packages
collection</emphasis> (Nixpkgs).</para>
</simplesect>
<simplesect><title>Managing build environments</title>
<para>Nix is extremely useful for developers as it makes it easy to
automatically set up the build environment for a package. Given a
Nix expression that describes the dependencies of your package, the
command <command>nix-shell</command> will build or download those
dependencies if theyre not already in your Nix store, and then start
a Bash shell in which all necessary environment variables (such as
compiler search paths) are set.</para>
<para>For example, the following command gets all dependencies of the
Pan newsreader, as described by <link
xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/newsreaders/pan/default.nix">its
Nix expression</link>:</para>
<screen>
$ nix-shell '&lt;nixpkgs>' -A pan
</screen>
<para>Youre then dropped into a shell where you can edit, build and test
the package:</para>
<screen>
[nix-shell]$ tar xf $src
[nix-shell]$ cd pan-*
[nix-shell]$ ./configure
[nix-shell]$ make
[nix-shell]$ ./pan/gui/pan
</screen>
<!--
<para>Since Nix packages are reproducible and have complete dependency
specifications, Nix makes an excellent basis for <a
href="[%root%]hydra">a continuous build system</a>.</para>
-->
</simplesect>
<simplesect><title>Portability</title>
<para>Nix runs on Linux and macOS.</para>
</simplesect>
<simplesect><title>NixOS</title>
<para>NixOS is a Linux distribution based on Nix. It uses Nix not
just for package management but also to manage the system
configuration (e.g., to build configuration files in
<filename>/etc</filename>). This means, among other things, that it
is easy to roll back the entire configuration of the system to an
earlier state. Also, users can install software without root
privileges. For more information and downloads, see the <link
xlink:href="http://nixos.org/">NixOS homepage</link>.</para>
</simplesect>
<simplesect><title>License</title>
<para>Nix is released under the terms of the <link
xlink:href="http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html">GNU
LGPLv2.1 or (at your option) any later version</link>.</para>
</simplesect>
</chapter>

12
third_party/nix/doc/manual/introduction/introduction.xml vendored
View file

@ -1,12 +0,0 @@
<part xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="chap-introduction">
<title>Introduction</title>
<xi:include href="about-nix.xml" />
<xi:include href="quick-start.xml" />
</part>

124
third_party/nix/doc/manual/introduction/quick-start.xml vendored
View file

@ -1,124 +0,0 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="chap-quick-start">
<title>Quick Start</title>
<para>This chapter is for impatient people who don't like reading
documentation. For more in-depth information you are kindly referred
to subsequent chapters.</para>
<procedure>
<step><para>Install single-user Nix by running the following:
<screen>
$ bash &lt;(curl https://nixos.org/nix/install)
</screen>
This will install Nix in <filename>/nix</filename>. The install script
will create <filename>/nix</filename> using <command>sudo</command>,
so make sure you have sufficient rights. (For other installation
methods, see <xref linkend="chap-installation"/>.)</para></step>
<step><para>See what installable packages are currently available
in the channel:
<screen>
$ nix-env -qa
docbook-xml-4.3
docbook-xml-4.5
firefox-33.0.2
hello-2.9
libxslt-1.1.28
<replaceable>...</replaceable></screen>
</para></step>
<step><para>Install some packages from the channel:
<screen>
$ nix-env -i hello</screen>
This should download pre-built packages; it should not build them
locally (if it does, something went wrong).</para></step>
<step><para>Test that they work:
<screen>
$ which hello
/home/eelco/.nix-profile/bin/hello
$ hello
Hello, world!
</screen>
</para></step>
<step><para>Uninstall a package:
<screen>
$ nix-env -e hello</screen>
</para></step>
<step><para>You can also test a package without installing it:
<screen>
$ nix-shell -p hello
</screen>
This builds or downloads GNU Hello and its dependencies, then drops
you into a Bash shell where the <command>hello</command> command is
present, all without affecting your normal environment:
<screen>
[nix-shell:~]$ hello
Hello, world!
[nix-shell:~]$ exit
$ hello
hello: command not found
</screen>
</para></step>
<step><para>To keep up-to-date with the channel, do:
<screen>
$ nix-channel --update nixpkgs
$ nix-env -u '*'</screen>
The latter command will upgrade each installed package for which there
is a “newer” version (as determined by comparing the version
numbers).</para></step>
<step><para>If you're unhappy with the result of a
<command>nix-env</command> action (e.g., an upgraded package turned
out not to work properly), you can go back:
<screen>
$ nix-env --rollback</screen>
</para></step>
<step><para>You should periodically run the Nix garbage collector
to get rid of unused packages, since uninstalls or upgrades don't
actually delete them:
<screen>
$ nix-collect-garbage -d</screen>
<!--
The first command deletes old “generations” of your profile (making
rollbacks impossible, but also making the packages in those old
generations available for garbage collection), while the second
command actually deletes them.-->
</para></step>
</procedure>
</chapter>

52
third_party/nix/doc/manual/manual.xml vendored
View file

@ -1,52 +0,0 @@
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0">
<info>
<title>Nix Package Manager Guide</title>
<subtitle>Version <xi:include href="version.txt" parse="text" /></subtitle>
<author>
<personname>
<firstname>Eelco</firstname>
<surname>Dolstra</surname>
</personname>
<contrib>Author</contrib>
</author>
<copyright>
<year>2004-2018</year>
<holder>Eelco Dolstra</holder>
</copyright>
</info>
<!--
<preface>
<title>Preface</title>
<para>This manual describes how to set up and use the Nix package
manager.</para>
</preface>
-->
<xi:include href="introduction/introduction.xml" />
<xi:include href="installation/installation.xml" />
<xi:include href="installation/upgrading.xml" />
<xi:include href="packages/package-management.xml" />
<xi:include href="expressions/writing-nix-expressions.xml" />
<xi:include href="advanced-topics/advanced-topics.xml" />
<xi:include href="command-ref/command-ref.xml" />
<xi:include href="glossary/glossary.xml" />
<xi:include href="hacking.xml" />
<xi:include href="release-notes/release-notes.xml" />
<!--
<appendix>
<title>Nix Release Notes</title>
<xi:include href="release-notes/release-notes.xml"
xpointer="xmlns(x=http://docbook.org/ns/docbook)xpointer(x:article/x:section)" />
</appendix>
-->
</book>

182
third_party/nix/doc/manual/nix-lang-ref.xml vendored
View file

@ -1,182 +0,0 @@
<appendix>
<title>Nix Language Reference</title>
<sect1>
<title>Grammar</title>
<productionset>
<title>Expressions</title>
<production id="nix.expr">
<lhs>Expr</lhs>
<rhs>
<nonterminal def="#nix.expr_function" />
</rhs>
</production>
<production id="nix.expr_function">
<lhs>ExprFunction</lhs>
<rhs>
'{' <nonterminal def="#nix.formals" /> '}' ':' <nonterminal def="#nix.expr_function" />
<sbr />|
<nonterminal def="#nix.expr_assert" />
</rhs>
</production>
<production id="nix.expr_assert">
<lhs>ExprAssert</lhs>
<rhs>
'assert' <nonterminal def="#nix.expr" /> ';' <nonterminal def="#nix.expr_assert" />
<sbr />|
<nonterminal def="#nix.expr_if" />
</rhs>
</production>
<production id="nix.expr_if">
<lhs>ExprIf</lhs>
<rhs>
'if' <nonterminal def="#nix.expr" /> 'then' <nonterminal def="#nix.expr" />
'else' <nonterminal def="#nix.expr" />
<sbr />|
<nonterminal def="#nix.expr_op" />
</rhs>
</production>
<production id="nix.expr_op">
<lhs>ExprOp</lhs>
<rhs>
'!' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '==' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '!=' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '&amp;&amp;' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '||' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '->' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '//' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '~' <nonterminal def="#nix.expr_op" />
<sbr />|
<nonterminal def="#nix.expr_op" /> '?' <nonterminal def="#nix.id" />
<sbr />|
<nonterminal def="#nix.expr_app" />
</rhs>
</production>
<production id="nix.expr_app">
<lhs>ExprApp</lhs>
<rhs>
<nonterminal def="#nix.expr_app" /> '.' <nonterminal def="#nix.expr_select" />
<sbr />|
<nonterminal def="#nix.expr_select" />
</rhs>
</production>
<production id="nix.expr_select">
<lhs>ExprSelect</lhs>
<rhs>
<nonterminal def="#nix.expr_select" /> <nonterminal def="#nix.id" />
<sbr />|
<nonterminal def="#nix.expr_simple" />
</rhs>
</production>
<production id="nix.expr_simple">
<lhs>ExprSimple</lhs>
<rhs>
<nonterminal def="#nix.id" /> |
<nonterminal def="#nix.int" /> |
<nonterminal def="#nix.str" /> |
<nonterminal def="#nix.path" /> |
<nonterminal def="#nix.uri" />
<sbr />|
'true' | 'false' | 'null'
<sbr />|
'(' <nonterminal def="#nix.expr" /> ')'
<sbr />|
'{' <nonterminal def="#nix.bind" />* '}'
<sbr />|
'let' '{' <nonterminal def="#nix.bind" />* '}'
<sbr />|
'rec' '{' <nonterminal def="#nix.bind" />* '}'
<sbr />|
'[' <nonterminal def="#nix.expr_select" />* ']'
</rhs>
</production>
<production id="nix.bind">
<lhs>Bind</lhs>
<rhs>
<nonterminal def="#nix.id" /> '=' <nonterminal def="#nix.expr" /> ';'
<sbr />|
'inherit' ('(' <nonterminal def="#nix.expr" /> ')')? <nonterminal def="#nix.id" />* ';'
</rhs>
</production>
<production id="nix.formals">
<lhs>Formals</lhs>
<rhs>
<nonterminal def="#nix.formal" /> ',' <nonterminal def="#nix.formals" />
| <nonterminal def="#nix.formal" />
</rhs>
</production>
<production id="nix.formal">
<lhs>Formal</lhs>
<rhs>
<nonterminal def="#nix.id" />
<sbr />|
<nonterminal def="#nix.id" /> '?' <nonterminal def="#nix.expr" />
</rhs>
</production>
</productionset>
<productionset>
<title>Terminals</title>
<production id="nix.id">
<lhs>Id</lhs>
<rhs>[a-zA-Z\_][a-zA-Z0-9\_\']*</rhs>
</production>
<production id="nix.int">
<lhs>Int</lhs>
<rhs>[0-9]+</rhs>
</production>
<production id="nix.str">
<lhs>Str</lhs>
<rhs>\"[^\n\"]*\"</rhs>
</production>
<production id="nix.path">
<lhs>Path</lhs>
<rhs>[a-zA-Z0-9\.\_\-\+]*(\/[a-zA-Z0-9\.\_\-\+]+)+</rhs>
</production>
<production id="nix.uri">
<lhs>Uri</lhs>
<rhs>[a-zA-Z][a-zA-Z0-9\+\-\.]*\:[a-zA-Z0-9\%\/\?\:\@\&amp;\=\+\$\,\-\_\.\!\~\*\']+</rhs>
</production>
<production id="nix.ws">
<lhs>Whitespace</lhs>
<rhs>
[ \t\n]+
<sbr />|
\#[^\n]*
<sbr />|
\/\*(.|\n)*\*\/
</rhs>
</production>
</productionset>
</sect1>
</appendix>

Some files were not shown because too many files have changed in this diff Show more