aboutsummaryrefslogtreecommitdiff
path: root/perl/lib/Nix/Config.pm.in
AgeCommit message (Collapse)Author
2019-11-26Clean up the configure scriptEelco Dolstra
2017-07-30Replace Unicode quotes in user-facing strings by ASCIIJörg Thalheim
Relevant RFC: NixOS/rfcs#4 $ ag -l | xargs sed -i -e "/\"/s/’/'/g;/\"/s/‘/'/g"
2017-04-13Convert Settings to the new config systemEelco Dolstra
This makes all config options self-documenting. Unknown or unparseable config settings and --option flags now cause a warning.
2017-03-31Merge branch 'remove-perl' of https://github.com/shlevy/nixEelco Dolstra
2017-03-21Restore cache.nixos.org as the default substituterEelco Dolstra
Fixes #1283.
2017-02-07Add nix-perl package for the perl bindingsShea Levy
2016-11-26Revert "Get rid of unicode quotes (#1140)"Eelco Dolstra
This reverts commit f78126bfd6b6c8477fcdbc09b2f98772dbe9a1e7. There really is no need for such a massive change...
2016-11-25Get rid of unicode quotes (#1140)Guillaume Maudoux
2016-05-04Remove OpenSSL-based signingEelco Dolstra
2016-04-11Remove manifest supportEelco Dolstra
Manifests have been superseded by binary caches for years. This also gets rid of nix-pull, nix-generate-patches and bsdiff/bspatch.
2015-06-01Include the cache.nixos.org signing key by defaultEelco Dolstra
2015-02-04Use libsodium instead of OpenSSL for binary cache signingEelco Dolstra
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key.
2014-08-20Use proper quotes everywhereEelco Dolstra
2014-01-21Merge branch 'master' into makeEelco Dolstra
Conflicts: src/libexpr/eval.cc
2014-01-08Support cryptographically signed binary cachesEelco Dolstra
NAR info files in binary caches can now have a cryptographic signature that Nix will verify before using the corresponding NAR file. To create a private/public key pair for signing and verifying a binary cache, do: $ openssl genrsa -out ./cache-key.sec 2048 $ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub You should also come up with a symbolic name for the key, such as "cache.example.org-1". This will be used by clients to look up the public key. (It's a good idea to number keys, in case you ever need to revoke/replace one.) To create a binary cache signed with the private key: $ nix-push --dest /path/to/binary-cache --key ./cache-key.sec --key-name cache.example.org-1 The public key (cache-key.pub) should be distributed to the clients. They should have a nix.conf should contain something like: signed-binary-caches = * binary-cache-public-key-cache.example.org-1 = /path/to/cache-key.pub If all works well, then if Nix fetches something from the signed binary cache, you will see a message like: *** Downloading ‘http://cache.example.org/nar/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’ (signed by ‘cache.example.org-1’) to ‘/nix/store/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’... On the other hand, if the signature is wrong, you get a message like NAR info file `http://cache.example.org/7dppcj5sc1nda7l54rjc0g5l1hamj09j.narinfo' has an invalid signature; ignoring Signatures are implemented as a single line appended to the NAR info file, which looks like this: Signature: 1;cache.example.org-1;HQ9Xzyanq9iV...muQ== Thus the signature has 3 fields: a version (currently "1"), the ID of key, and the base64-encoded signature of the SHA-256 hash of the contents of the NAR info file up to but not including the Signature line. Issue #75.
2013-11-25Add a Makefile for the Perl stuffEelco Dolstra
2012-07-30Pass configuration settings to the substitutersEelco Dolstra
Previously substituters could read nix.conf themselves, but this didn't take --option flags into account.
2012-07-11Set the User-Agent header to "Nix/<version>"Eelco Dolstra
2012-07-09download-from-binary-cache: add nix.conf optionsEelco Dolstra
2012-06-29First attempt at the manifest-less substituterEelco Dolstra
2012-06-29Use XZ compression in binary cachesEelco Dolstra
XZ compresses significantly better than bzip2. Here are the compression ratios and execution times (using 4 cores in parallel) on my /var/run/current-system (3.1 GiB): bzip2: total compressed size 849.56 MiB, 30.8% [2m08] xz -6: total compressed size 641.84 MiB, 23.4% [6m53] xz -7: total compressed size 621.82 MiB, 22.6% [7m19] xz -8: total compressed size 599.33 MiB, 21.8% [7m18] xz -9: total compressed size 588.18 MiB, 21.4% [7m40] Note that compression takes much longer. More importantly, however, decompression is much faster: bzip2: 1m47.274s xz -6: 0m55.446s xz -7: 0m54.119s xz -8: 0m52.388s xz -9: 0m51.842s The only downside to using -9 is that decompression takes a fair amount (~65 MB) of memory.
2012-05-10Support building with the Perl XS bindings disabledEelco Dolstra
Since the Perl bindings require shared libraries, this is required on platforms such as Cygwin where we do a static build.
2012-01-03* Add a test for nix-channel.Eelco Dolstra
* Refactor the nix-channel unpacker a bit.
2011-11-23* build-remote.pl: drop a hard-coded reference to /nix/etc/nix.Eelco Dolstra
2011-10-10* Install NixManifest.pm, NixConfig.pm and GeneratePatches.pm underEelco Dolstra
the Nix:: namespace.