-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
extract reference documentation on remote builds
- move all reference documentation to the `builders` configuration setting - reword documentation on machine specification, add examples - disable showing the default value, as it rendered as `@/dummy/machines`, which is wrong - highlight the examples
- Loading branch information
1 parent
84fe429
commit efa204f
Showing
2 changed files
with
123 additions
and
95 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -36,16 +36,9 @@ error: cannot connect to 'mac' | |
| then you need to ensure that the `PATH` of non-interactive login shells | ||
| contains Nix. | ||
|
|
||
| > **Warning** | ||
| > | ||
| > If you are building via the Nix daemon, it is the Nix daemon user account (that is, `root`) that should have SSH access to a user (not necessarily `root`) on the remote machine. | ||
| > | ||
| > If you can’t or don’t want to configure `root` to be able to access the remote machine, you can use a private Nix store instead by passing e.g. `--store ~/my-nix` when running a Nix command from the local machine. | ||
| The list of remote machines can be specified on the command line or in | ||
| the Nix configuration file. The former is convenient for testing. For | ||
| example, the following command allows you to build a derivation for | ||
| `x86_64-darwin` on a Linux machine: | ||
| The [list of remote machines](@docroot@/command-ref/conf-file.md#conf-builders) can be specified on the command line or in the Nix configuration file. | ||
| The former is convenient for testing. | ||
| For example, the following command allows you to build a derivation for `x86_64-darwin` on a Linux machine: | ||
|
|
||
| ```console | ||
| $ uname | ||
|
|
@@ -60,97 +53,20 @@ $ cat ./result | |
| Darwin | ||
| ``` | ||
|
|
||
| It is possible to specify multiple builders separated by a semicolon or | ||
| a newline, e.g. | ||
| It is possible to specify multiple builders separated by a semicolon or a newline, e.g. | ||
|
|
||
| ```console | ||
| --builders 'ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd' | ||
| ``` | ||
|
|
||
| Each machine specification consists of the following elements, separated | ||
| by spaces. Only the first element is required. To leave a field at its | ||
| default, set it to `-`. | ||
|
|
||
| 1. The URI of the remote store in the format | ||
| `ssh://[username@]hostname`, e.g. `ssh://nix@mac` or `ssh://mac`. | ||
| For backward compatibility, `ssh://` may be omitted. The hostname | ||
| may be an alias defined in your `~/.ssh/config`. | ||
|
|
||
| 2. A comma-separated list of Nix platform type identifiers, such as | ||
| `x86_64-darwin`. It is possible for a machine to support multiple | ||
| platform types, e.g., `i686-linux,x86_64-linux`. If omitted, this | ||
| defaults to the local platform type. | ||
|
|
||
| 3. The SSH identity file to be used to log in to the remote machine. If | ||
| omitted, SSH will use its regular identities. | ||
|
|
||
| 4. The maximum number of builds that Nix will execute in parallel on | ||
| the machine. Typically this should be equal to the number of CPU | ||
| cores. For instance, the machine `itchy` in the example will execute | ||
| up to 8 builds in parallel. | ||
|
|
||
| 5. The “speed factor”, indicating the relative speed of the machine. If | ||
| there are multiple machines of the right type, Nix will prefer the | ||
| fastest, taking load into account. | ||
|
|
||
| 6. A comma-separated list of *supported features*. If a derivation has | ||
| the `requiredSystemFeatures` attribute, then Nix will only perform | ||
| the derivation on a machine that has the specified features. For | ||
| instance, the attribute | ||
|
|
||
| ```nix | ||
| requiredSystemFeatures = [ "kvm" ]; | ||
| ``` | ||
| will cause the build to be performed on a machine that has the `kvm` | ||
| feature. | ||
| 7. A comma-separated list of *mandatory features*. A machine will only | ||
| be used to build a derivation if all of the machine’s mandatory | ||
| features appear in the derivation’s `requiredSystemFeatures` | ||
| attribute. | ||
| 8. The (base64-encoded) public host key of the remote machine. If omitted, SSH | ||
| will use its regular known-hosts file. Specifically, the field is calculated | ||
| via `base64 -w0 /etc/ssh/ssh_host_ed25519_key.pub`. | ||
| For example, the machine specification | ||
| [email protected] i686-linux /home/nix/.ssh/id_scratchy_auto 8 1 kvm | ||
| [email protected] i686-linux /home/nix/.ssh/id_scratchy_auto 8 2 | ||
| [email protected] i686-linux /home/nix/.ssh/id_scratchy_auto 1 2 kvm benchmark | ||
| specifies several machines that can perform `i686-linux` builds. | ||
| However, `poochie` will only do builds that have the attribute | ||
| ```nix | ||
| requiredSystemFeatures = [ "benchmark" ]; | ||
| ``` | ||
|
|
||
| or | ||
|
|
||
| ```nix | ||
| requiredSystemFeatures = [ "benchmark" "kvm" ]; | ||
| ``` | ||
|
|
||
| `itchy` cannot do builds that require `kvm`, but `scratchy` does support | ||
| such builds. For regular builds, `itchy` will be preferred over | ||
| `scratchy` because it has a higher speed factor. | ||
|
|
||
| Remote builders can also be configured in `nix.conf`, e.g. | ||
| Remote builders can also be configured in [`nix.conf`](@docroot@/command-ref/conf-file.md), e.g. | ||
|
|
||
| builders = ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd | ||
|
|
||
| Finally, remote builders can be configured in a separate configuration | ||
| file included in `builders` via the syntax `@file`. For example, | ||
| file included in `builders` via the syntax `@/path/to/file`. For example, | ||
|
|
||
| builders = @/etc/nix/machines | ||
|
|
||
| causes the list of machines in `/etc/nix/machines` to be included. (This | ||
| is the default.) | ||
|
|
||
| If you want the builders to use caches, you likely want to set the | ||
| option `builders-use-substitutes` in your local `nix.conf`. | ||
|
|
||
| To build only on remote builders and disable building on the local | ||
| machine, you can use the option `--max-jobs 0`. | ||
| causes the list of machines in `/etc/nix/machines` to be included. | ||
| (This is the default.) | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -261,9 +261,121 @@ public: | |
| Setting<std::string> builders{ | ||
| this, "@" + nixConfDir + "/machines", "builders", | ||
| R"( | ||
| A semicolon-separated list of build machines. | ||
| For the exact format and examples, see [the manual chapter on remote builds](../advanced-topics/distributed-builds.md) | ||
| )"}; | ||
| A semicolon- or newline-separated list of build machines. | ||
| In addition to the [usual ways of setting configuration options](@docroot@/command-ref/conf-file.md), the value can be read from a file by prefixing its absolute path with `@`. | ||
| > **Example** | ||
| > | ||
| > This is the default setting: | ||
| > | ||
| > ``` | ||
| > builders = @/etc/nix/machines | ||
| > ``` | ||
| Each machine specification consists of the following elements, separated by spaces. | ||
| Only the first element is required. | ||
| To leave a field at its default, set it to `-`. | ||
| 1. The URI of the remote store in the format `ssh://[username@]hostname`. | ||
| > **Example** | ||
| > | ||
| > `ssh://nix@mac` | ||
| For backward compatibility, `ssh://` may be omitted. | ||
| The hostname may be an alias defined in `~/.ssh/config`. | ||
| 2. A comma-separated list of [Nix system types](@docroot@/contributing/hacking.md#system-type). | ||
| If omitted, this defaults to the local platform type. | ||
| > **Example** | ||
| > | ||
| > `aarch64-darwin` | ||
| It is possible for a machine to support multiple platform types. | ||
| > **Example** | ||
| > | ||
| > `i686-linux,x86_64-linux` | ||
| 3. The SSH identity file to be used to log in to the remote machine. | ||
| If omitted, SSH will use its regular identities. | ||
| > **Example** | ||
| > | ||
| > `/home/user/.ssh/id_mac` | ||
| 4. The maximum number of builds that Nix will execute in parallel on the machine. | ||
| Typically this should be equal to the number of CPU cores. | ||
| 5. The “speed factor”, indicating the relative speed of the machine as a positive integer. | ||
| If there are multiple machines of the right type, Nix will prefer the fastest, taking load into account. | ||
| 6. A comma-separated list of supported [system features](#conf-system-features). | ||
| A machine will only be used to build a derivation if all the features in the derivation's [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute are supported by that machine. | ||
| 7. A comma-separated list of required [system features](#conf-system-features). | ||
| A machine will only be used to build a derivation if all of the machine’s required features appear in the derivation’s [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute. | ||
| 8. The (base64-encoded) public host key of the remote machine. | ||
| If omitted, SSH will use its regular `known_hosts` file. | ||
| The value for this field can be obtained via `base64 -w0`. | ||
| > **Example** | ||
| > | ||
| > Multiple builders specified on the command line: | ||
| > | ||
| > ```console | ||
| > --builders 'ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd' | ||
| > ``` | ||
| > **Example** | ||
| > | ||
| > This specifies several machines that can perform `i686-linux` builds: | ||
| > | ||
| > ``` | ||
| > [email protected] i686-linux /home/nix/.ssh/id_scratchy 8 1 kvm | ||
| > [email protected] i686-linux /home/nix/.ssh/id_scratchy 8 2 | ||
| > [email protected] i686-linux /home/nix/.ssh/id_scratchy 1 2 kvm benchmark | ||
| > ``` | ||
| > | ||
| > However, `poochie` will only build derivations that have the attribute | ||
| > | ||
| > ```nix | ||
| > requiredSystemFeatures = [ "benchmark" ]; | ||
| > ``` | ||
| > | ||
| > or | ||
| > | ||
| > ```nix | ||
| > requiredSystemFeatures = [ "benchmark" "kvm" ]; | ||
| > ``` | ||
| > | ||
| > `itchy` cannot do builds that require `kvm`, but `scratchy` does support such builds. | ||
| > For regular builds, `itchy` will be preferred over `scratchy` because it has a higher speed factor. | ||
| For Nix to use substituters, the calling user must be in the [`trusted-users`](#conf-trusted-users) list. | ||
| > **Note** | ||
| > | ||
| > A build machine must be accessible via SSH and have Nix installed. | ||
| > `nix` must be available in `$PATH` for the user connecting over SSH. | ||
| > **Warning** | ||
| > | ||
| > If you are building via the Nix daemon (default), the Nix daemon user account on the local machine (that is, `root`) requires access to a user account on the remote machine (not necessarily `root`). | ||
| > | ||
| > If you can’t or don’t want to configure `root` to be able to access the remote machine, set [`store`](#conf-store) to any [local store](@docroot@/store/types/local-store.html), e.g. by passing `--store /tmp` to the command on the local machine. | ||
| To build only on remote machines and disable local builds, set [`max-jobs`](#conf-max-jobs) to 0. | ||
| If you want the remote machines to use substituters, set [`builders-use-substitutes`](#conf-builders-use-substituters) to `true`. | ||
| )", | ||
| {}, false}; | ||
|
|
||
| Setting<bool> alwaysAllowSubstitutes{ | ||
| this, false, "always-allow-substitutes", | ||
|
|
||