start plumbing in fetch_and_unpack_nix_substituter

src/action/base/fetch_and_unpack_nix_substituter.rs

@@ -12,6 +12,7 @@ use tracing::{span, Span};
 use crate::{
     action::{Action, ActionDescription, ActionError, ActionErrorKind, ActionTag, StatefulAction},
     parse_ssl_cert,
+    settings::UrlOrPath,
 };
 
 /// Fetch an output and its dependencies from a set of substituters,
@@ -50,13 +51,17 @@ const STORE_DIR: &str = "/nix/store/";
 impl FetchAndUnpackNixSubstituter {
     #[tracing::instrument(level = "debug", skip_all)]
     pub async fn plan(
-        target: PathBuf,
+        target: UrlOrPath,
         dest: PathBuf,
         trusted_keys: Vec<String>,
         substituters: Vec<Url>,
         proxy: Option<Url>,
         ssl_cert_file: Option<PathBuf>,
     ) -> Result<StatefulAction<Self>, ActionError> {
+        let UrlOrPath::Path(target_path) = target else {
+            return Err(Self::error(SubstitutionError::InvalidStorePath));
+        };
+
         let trusted_keys_parsed = trusted_keys
             .iter()
             .map(|key| parse_key(key))
@@ -75,7 +80,7 @@ impl FetchAndUnpackNixSubstituter {
         }
 
         Ok(Self {
-            target: StorePath::from_path(&target)
+            target: StorePath::from_path(&target_path)
                 .ok_or_else(|| Self::error(SubstitutionError::InvalidStorePath))?,
             trusted_keys: trusted_keys_parsed,
             dest,

src/action/common/provision_nix.rs

@@ -3,19 +3,52 @@ use tracing::{span, Span};
 use super::CreateNixTree;
 use crate::{
     action::{
-        base::{FetchAndUnpackNix, MoveUnpackedNix},
+        base::{FetchAndUnpackNix, FetchAndUnpackNixSubstituter, MoveUnpackedNix},
         Action, ActionDescription, ActionError, ActionErrorKind, ActionTag, StatefulAction,
     },
     settings::{CommonSettings, SCRATCH_DIR},
 };
 use std::path::PathBuf;
 
+#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)]
+pub enum FetchNix {
+    FromTarball(StatefulAction<FetchAndUnpackNix>),
+    FromSubstituter(StatefulAction<FetchAndUnpackNixSubstituter>),
+}
+
+impl FetchNix {
+    pub async fn try_execute(&mut self) -> Result<(), ActionError> {
+        match self {
+            FetchNix::FromTarball(action) => action.try_execute().await,
+            FetchNix::FromSubstituter(action) => action.try_execute().await,
+        }
+    }
+    pub fn describe_execute(&self) -> Vec<ActionDescription> {
+        match self {
+            FetchNix::FromTarball(action) => action.describe_execute(),
+            FetchNix::FromSubstituter(action) => action.describe_execute(),
+        }
+    }
+    pub async fn try_revert(&mut self) -> Result<(), ActionError> {
+        match self {
+            FetchNix::FromTarball(action) => action.try_revert().await,
+            FetchNix::FromSubstituter(action) => action.try_revert().await,
+        }
+    }
+    pub fn describe_revert(&self) -> Vec<ActionDescription> {
+        match self {
+            FetchNix::FromTarball(action) => action.describe_revert(),
+            FetchNix::FromSubstituter(action) => action.describe_revert(),
+        }
+    }
+}
+
 /**
 Place Nix and it's requirements onto the target
  */
 #[derive(Debug, serde::Deserialize, serde::Serialize, Clone)]
 pub struct ProvisionNix {
-    fetch_nix: StatefulAction<FetchAndUnpackNix>,
+    fetch_nix: FetchNix,
     create_nix_tree: StatefulAction<CreateNixTree>,
     move_unpacked_nix: StatefulAction<MoveUnpackedNix>,
 }
@@ -23,13 +56,29 @@ pub struct ProvisionNix {
 impl ProvisionNix {
     #[tracing::instrument(level = "debug", skip_all)]
     pub async fn plan(settings: &CommonSettings) -> Result<StatefulAction<Self>, ActionError> {
-        let fetch_nix = FetchAndUnpackNix::plan(
-            settings.nix_package_url.clone(),
-            PathBuf::from(SCRATCH_DIR),
-            settings.proxy.clone(),
-            settings.ssl_cert_file.clone(),
-        )
-        .await?;
+        let fetch_nix = if settings.use_substituters {
+            FetchNix::FromSubstituter(
+                FetchAndUnpackNixSubstituter::plan(
+                    settings.nix_package_url.clone(),
+                    PathBuf::from(SCRATCH_DIR),
+                    settings.substituter_trusted_keys.clone(),
+                    settings.substituters.clone(),
+                    settings.proxy.clone(),
+                    settings.ssl_cert_file.clone(),
+                )
+                .await?,
+            )
+        } else {
+            FetchNix::FromTarball(
+                FetchAndUnpackNix::plan(
+                    settings.nix_package_url.clone(),
+                    PathBuf::from(SCRATCH_DIR),
+                    settings.proxy.clone(),
+                    settings.ssl_cert_file.clone(),
+                )
+                .await?,
+            )
+        };
 
         let create_nix_tree = CreateNixTree::plan().await.map_err(Self::error)?;
         let move_unpacked_nix = MoveUnpackedNix::plan(PathBuf::from(SCRATCH_DIR))

src/settings.rs

@@ -31,6 +31,14 @@ pub const LIX_AARCH64_DARWIN_URL: &str =
 
 // END GENERATE-URLS
 
+pub const LIX_DEFAULT_SUBSTITUTERS: &[&str; 2] =
+    &["https://cache.nixos.org", "https://cache.lix.systems"];
+
+pub const LIX_DEFAULT_SUBSTITUTER_KEYS: &[&str; 2] = &[
+    "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=",
+    "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=",
+];
+
 #[derive(Debug, serde::Deserialize, serde::Serialize, Clone, Copy, PartialEq, Eq)]
 #[cfg_attr(feature = "cli", derive(clap::ValueEnum))]
 pub enum InitSystem {
@@ -146,6 +154,24 @@ pub struct CommonSettings {
     )]
     pub nix_build_user_id_base: u32,
 
+    /// Substituters used to download Lix, when enabled
+    #[cfg_attr(
+        feature = "cli",
+        clap(long, env = "NIX_INSTALLER_SUBSTITUTERS", default_values = LIX_DEFAULT_SUBSTITUTERS)
+    )]
+    pub substituters: Vec<Url>,
+
+    /// Trusted signing keys for substituters
+    #[cfg_attr(
+        feature = "cli",
+        clap(long, env = "NIX_INSTALLER_TRUSTED_KEYS", default_values = LIX_DEFAULT_SUBSTITUTER_KEYS)
+    )]
+    pub substituter_trusted_keys: Vec<String>,
+
+    /// Download Lix from a substituter instead of an install tarball
+    #[cfg_attr(feature = "cli", clap(long, env = "NIX_INSTALLER_USE_SUBSTITUTER"))]
+    pub use_substituters: bool,
+
     /// The Nix package URL
     #[cfg_attr(
         feature = "cli",
@@ -289,6 +315,15 @@ impl CommonSettings {
             nix_build_user_id_base,
             nix_build_user_count,
             nix_build_user_prefix: nix_build_user_prefix.to_string(),
+            substituters: LIX_DEFAULT_SUBSTITUTERS
+                .iter()
+                .map(|s| s.parse())
+                .collect::<Result<Vec<_>, _>>()?,
+            substituter_trusted_keys: LIX_DEFAULT_SUBSTITUTER_KEYS
+                .iter()
+                .map(|s| s.to_string())
+                .collect(),
+            use_substituters: false,
             nix_package_url: url.parse()?,
             proxy: Default::default(),
             extra_conf: Default::default(),
@@ -307,6 +342,9 @@ impl CommonSettings {
             nix_build_user_prefix,
             nix_build_user_id_base,
             nix_build_user_count,
+            substituters,
+            substituter_trusted_keys,
+            use_substituters,
             nix_package_url,
             proxy,
             extra_conf,
@@ -340,6 +378,15 @@ impl CommonSettings {
             "nix_build_user_count".into(),
             serde_json::to_value(nix_build_user_count)?,
         );
+        map.insert("substituters".into(), serde_json::to_value(substituters)?);
+        map.insert(
+            "substituter_trusted_keys".into(),
+            serde_json::to_value(substituter_trusted_keys)?,
+        );
+        map.insert(
+            "use_substituters".into(),
+            serde_json::to_value(use_substituters)?,
+        );
         map.insert(
             "nix_package_url".into(),
             serde_json::to_value(nix_package_url)?,
@@ -677,4 +724,4 @@ mod tests {
         );
         Ok(())
     }
-}
+}