mirror of
https://github.com/NixOS/nix.git
synced 2024-11-27 01:02:34 +00:00
182 lines
7.2 KiB
Plaintext
182 lines
7.2 KiB
Plaintext
### Option `gc-keep-outputs'
|
|
#
|
|
# If `true', the garbage collector will keep the outputs of
|
|
# non-garbage derivations. If `false' (default), outputs will be
|
|
# deleted unless they are GC roots themselves (or reachable from other
|
|
# roots).
|
|
#
|
|
# In general, outputs must be registered as roots separately.
|
|
# However, even if the output of a derivation is registered as a root,
|
|
# the collector will still delete store paths that are used only at
|
|
# build time (e.g., the C compiler, or source tarballs downloaded from
|
|
# the network). To prevent it from doing so, set this option to
|
|
# `true'.
|
|
#gc-keep-outputs = false
|
|
|
|
|
|
### Option `gc-keep-derivations'
|
|
#
|
|
# If `true' (default), the garbage collector will keep the derivations
|
|
# from which non-garbage store paths were built. If `false', they
|
|
# will be deleted unless explicitly registered as a root (or reachable
|
|
# from other roots).
|
|
#
|
|
# Keeping derivation around is useful for querying and traceability
|
|
# (e.g., it allows you to ask with what dependencies or options a
|
|
# store path was built), so by default this option is on. Turn it off
|
|
# to safe a bit of disk space (or a lot if `gc-keep-outputs' is also
|
|
# turned on).
|
|
#gc-keep-derivations = true
|
|
|
|
|
|
### Option `env-keep-derivations'
|
|
#
|
|
# If `false' (default), derivations are not stored in Nix user
|
|
# environments. That is, the derivation any build-time-only
|
|
# dependencies may be garbage-collected.
|
|
#
|
|
# If `true', when you add a Nix derivation to a user environment, the
|
|
# path of the derivation is stored in the user environment. Thus, the
|
|
# derivation will not be garbage-collected until the user environment
|
|
# generation is deleted (`nix-env --delete-generations'). To prevent
|
|
# build-time-only dependencies from being collected, you should also
|
|
# turn on `gc-keep-outputs'.
|
|
#
|
|
# The difference between this option and `gc-keep-derivations' is that
|
|
# this one is `sticky': it applies to any user environment created
|
|
# while this option was enabled, while `gc-keep-derivations' only
|
|
# applies at the moment the garbage collector is run.
|
|
#env-keep-derivations = false
|
|
|
|
|
|
### Option `build-max-jobs'
|
|
#
|
|
# This option defines the maximum number of jobs that Nix will try to
|
|
# build in parallel. The default is 1. You should generally set it
|
|
# to the number of CPUs in your system (e.g., 2 on a Athlon 64 X2).
|
|
# It can be overriden using the `--max-jobs' / `-j' command line
|
|
# switch.
|
|
#build-max-jobs = 1
|
|
|
|
|
|
### Option `build-cores'
|
|
#
|
|
# This option defines the number of CPU cores to utilize in parallel
|
|
# within a build job, i.e. by passing an appropriate `-jN' flag to GNU
|
|
# Make. The default is 1, meaning that parallel building within jobs
|
|
# is disabled. Passing the special value `0' causes Nix to try and
|
|
# auto-detect the number of available cores on the local host. This
|
|
# setting can be overridden using the `--cores' command line switch.
|
|
#build-cores = 1
|
|
|
|
|
|
### Option `build-max-silent-time'
|
|
#
|
|
# This option defines the maximum number of seconds that a builder can
|
|
# go without producing any data on standard output or standard error.
|
|
# This is useful (for instance in a automated build system) to catch
|
|
# builds that are stuck in an infinite loop, or to catch remote builds
|
|
# that are hanging due to network problems. It can be overriden using
|
|
# the `--max-silent-time' command line switch.
|
|
#
|
|
# The value 0 means that there is no timeout. This is also the
|
|
# default.
|
|
#
|
|
# Example:
|
|
# build-max-silent-time = 600 # = 10 minutes
|
|
#build-max-silent-time = 0
|
|
|
|
|
|
### Option `build-users-group'
|
|
#
|
|
# This options specifies the Unix group containing the Nix build user
|
|
# accounts. In multi-user Nix installations, builds should not
|
|
# be performed by the Nix account since that would allow users to
|
|
# arbitrarily modify the Nix store and database by supplying specially
|
|
# crafted builders; and they cannot be performed by the calling user
|
|
# since that would allow him/her to influence the build result.
|
|
#
|
|
# Therefore, if this option is non-empty and specifies a valid group,
|
|
# builds will be performed under the user accounts that are a member
|
|
# of the group specified here (as listed in /etc/group). Those user
|
|
# accounts should not be used for any other purpose!
|
|
#
|
|
# Nix will never run two builds under the same user account at the
|
|
# same time. This is to prevent an obvious security hole: a malicious
|
|
# user writing a Nix expression that modifies the build result of a
|
|
# legitimate Nix expression being built by another user. Therefore it
|
|
# is good to have as many Nix build user accounts as you can spare.
|
|
# (Remember: uids are cheap.)
|
|
#
|
|
# The build users should have permission to create files in the Nix
|
|
# store, but not delete them. Therefore, /nix/store should be owned
|
|
# by the Nix account, its group should be the group specified here,
|
|
# and its mode should be 1775.
|
|
#
|
|
# If the build users group is empty, builds will be performed under
|
|
# the uid of the Nix process (that is, the uid of the caller if
|
|
# $NIX_REMOTE is empty, the uid under which the Nix daemon runs if
|
|
# $NIX_REMOTE is `daemon', or the uid that owns the setuid nix-worker
|
|
# program if $NIX_REMOTE is `slave'). Obviously, this should not be
|
|
# used in multi-user settings with untrusted users.
|
|
#
|
|
# The default is empty.
|
|
#
|
|
# Example:
|
|
# build-users-group = nix-builders
|
|
#build-users-group =
|
|
|
|
|
|
### Option `build-use-chroot'
|
|
#
|
|
# If set to `true', builds will be performed in a chroot environment,
|
|
# i.e., the build will be isolated from the normal file system
|
|
# hierarchy and will only see the Nix store, the temporary build
|
|
# directory, and the directories configured with the
|
|
# `build-chroot-dirs' option (such as /proc and /dev). This is useful
|
|
# to prevent undeclared dependencies on files in directories such as
|
|
# /usr/bin.
|
|
#
|
|
# The use of a chroot requires that Nix is run as root (but you can
|
|
# still use the "build users" feature to perform builds under
|
|
# different users than root). Currently, chroot builds only work on
|
|
# Linux because Nix uses "bind mounts" to make the Nix store and other
|
|
# directories available inside the chroot.
|
|
#
|
|
# The default is `false'.
|
|
#
|
|
# Example:
|
|
# build-use-chroot = true
|
|
#build-use-chroot = false
|
|
|
|
|
|
### Option `build-chroot-dirs'
|
|
#
|
|
# When builds are performed in a chroot environment, Nix will mount
|
|
# (using `mount --bind' on Linux) some directories from the normal
|
|
# file system hierarchy inside the chroot. These are the Nix store,
|
|
# the temporary build directory (usually /tmp/nix-<pid>-<number>) and
|
|
# the directories listed here. The default is "/dev /dev/pts /proc".
|
|
# Files in /dev (such as /dev/null) are needed by many builds, and
|
|
# some files in /proc may also be needed occasionally.
|
|
#
|
|
# Example:
|
|
# build-use-chroot = /dev /proc /bin
|
|
#build-chroot-dirs = /dev /dev/pts /proc
|
|
|
|
|
|
### Option `build-cache-failure'
|
|
#
|
|
# If this option is enabled, Nix will do negative caching; that is, it
|
|
# will remember failed builds, and won't attempt to try to build them
|
|
# again if you ask for it. Negative caching is disabled by default
|
|
# because Nix cannot distinguish between permanent build errors (e.g.,
|
|
# a syntax error in a source file) and transient build errors (e.g., a
|
|
# full disk), as they both cause the builder to return a non-zero exit
|
|
# code. You can clear the cache by doing `rm -f
|
|
# /nix/var/nix/db/failed/*'.
|
|
#
|
|
# Example:
|
|
# build-cache-failure = true
|
|
#build-cache-failure = false
|