Commit graph

14735 commits

Author SHA1 Message Date
Valentin Gagarin e91d19db5f
be more serious about security risks with trusted users 2023-06-20 12:23:53 +02:00
Valentin Gagarin 68c6219343 clarify setting options on the command line 2023-06-20 12:13:32 +02:00
Valentin Gagarin bc7324e912 clarify read order for configuration settings 2023-06-20 12:13:26 +02:00
Eelco Dolstra b1352700c4
Merge pull request #8552 from edolstra/fix-eagain
GC server: Clear O_NONBLOCK on the right file descriptor
2023-06-20 12:12:53 +02:00
fricklerhandwerk 38bd1cc9bc split configuration file page into sections
this makes it easier to scan for specific information, such as the
format of command line flags
2023-06-20 12:11:01 +02:00
fricklerhandwerk f2b54e3b71 add links to environment variables documentation 2023-06-20 12:11:01 +02:00
Eelco Dolstra 6a74e88f51
Merge pull request #8548 from abathur/fix_uninstall_redirects
redirect old platform uninstall instruction links
2023-06-20 11:39:01 +02:00
Ben Radford 6ae35534b7
Support opening local store with database on read-only filesystem (#8356)
Previously it was not possible to open a local store when its database is on a read-only filesystem. Obviously a store on a read-only filesystem cannot be modified, but it would still be useful to be able to query it.

This change adds a new read-only setting to LocalStore. When set to true, Nix will skip operations that fail when the database is on a read-only filesystem (acquiring big-lock, schema migration, etc), and the store database will be opened in immutable mode.

Co-authored-by: Ben Radford <benradf@users.noreply.github.com>
Co-authored-by: cidkidnix <cidkidnix@protonmail.com>
Co-authored-by: Dylan Green <67574902+cidkidnix@users.noreply.github.com>
Co-authored-by: John Ericson <git@JohnEricson.me>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-06-20 11:34:09 +02:00
Eelco Dolstra a6a75ecad8 GC server: Clear O_NONBLOCK on the right file descriptor
The bug fix in 6d30f9e6fe erroneously
cleared O_NONBLOCK on the server rather than client FD (leaving both
in an incorrect state).

Fixes #8551.
2023-06-20 11:19:14 +02:00
Travis A. Everett 33d3889831 redirect old platform uninstall instruction links
Uninstall instructions were moved to their own page in #8267. The
overall section link was redirected in #8286, but platform-specific
links (which I give out frequently when I triage installer trouble)
weren't included.
2023-06-19 15:17:50 -05:00
Silvan Mosberger 3910430b9d
Add more links in nix-build documentation (#8545)
* Add more links in nix-build documentation


Co-authored-by: John Ericson <git@JohnEricson.me>
2023-06-19 21:00:49 +02:00
Robert Hensing 3ee86307ab
Merge pull request #8547 from obsidiansystems/proto-cleanup-prep
Make a few changes in prepartion for deeper cleanup of the remote protocols
2023-06-19 20:56:24 +02:00
John Ericson 3859cf6b21 Remove unused #include from local-derivation-goal.cc
These were never needed for this file, and date back to before this was
split from `derivation-goal.cc`.
2023-06-19 12:18:04 -04:00
John Ericson 9f69b7dee9 Create worker_proto::{Read,Write}Conn
Pass this around instead of `Source &` and `Sink &` directly. This will
give us something to put the protocol version on once the time comes.

To do this ergonomically, we need to expose `RemoteStore::Connection`,
so do that too. Give it some more API docs while we are at it.
2023-06-19 12:08:23 -04:00
John Ericson 4e8b495ad7 Likewise namespace and enum struct-ify ServeCommand
The motivation is exactly the same as for the last commit. In addition,
this anticipates us formally defining separate serialisers for the serve
protocol.
2023-06-19 12:08:23 -04:00
John Ericson 95eae0c002 Put worker protocol items inside a WorkerProto struct
See API docs on that struct for why. The pasing as as template argument
doesn't yet happen in that commit, but will instead happen in later
commit.

Also make `WorkerOp` (now `Op`) and enum struct. This led us to catch
that two operations were not handled!

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-06-19 12:08:23 -04:00
John Ericson 469d06f9bc Split out worker protocol template definitions from declarations
This is generally a fine practice: Putting implementations in headers
makes them harder to read and slows compilation. Unfortunately it is
necessary for templates, but we can ameliorate that by putting them in a
separate header. Only files which need to instantiate those templates
will need to include the header with the implementation; the rest can
just include the declaration.

This is now documenting in the contributing guide.

Also, it just happens that these polymorphic serializers are the
protocol agnostic ones. (Worker and serve protocol have the same logic
for these container types.) This means by doing this general template
cleanup, we are also getting a head start on better indicating which
code is protocol-specific and which code is shared between protocols.
2023-06-19 11:45:59 -04:00
Eelco Dolstra f5e620bf2b
Merge pull request #8483 from edolstra/save-root
restoreMountNamespace(): Restore the original root directory
2023-06-19 12:54:05 +02:00
Eelco Dolstra 49288d6e40
Merge pull request #8542 from NixOS/maintainers-draft-prs
maintainers: add note on marking PRs as draft
2023-06-19 12:47:06 +02:00
Eelco Dolstra 0a80db5112
Merge pull request #8541 from NixOS/contributing-good-first-issues
CONTRIBUTING.md: add link to "good first issues"
2023-06-19 12:46:42 +02:00
Valentin Gagarin b6e74ea5a8
maintainers: add note on marking PRs as draft
as discussed with maintainers team
2023-06-19 10:55:34 +02:00
Valentin Gagarin 966e5dc991
CONTRIBUTING.md: add link to "good first issues" 2023-06-19 10:39:19 +02:00
Eelco Dolstra 8f6255b86a
Merge pull request #8524 from amjoseph-nixpkgs/pr/doc/linkify-allowed-uris
src/libexpr/eval.hh: add link for allowed-uris option
2023-06-19 06:59:07 +02:00
John Ericson c404623a1d
Clean up a few things related to profiles (#8526)
- Greatly expand API docs

- Clean up code in misc ways

  - Instead of a complicated single loop on generations, do different
    operations in successive subsequent steps.

  - Avoid `ref` in one place where `&` is fine

  - Just return path instead of mutating an argument in `makeName`

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-06-19 04:04:59 +00:00
Valentin Gagarin 7bf17f8825
Add description for file system objects (#8500)
While this is not actually a notion in the implementation, it is
explicitly described in the thesis and quite important for understanding
how the store works.

Co-authored-by: John Ericson <git@JohnEricson.me>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-06-18 23:45:08 -04:00
John Ericson 60d81b5163
Merge pull request #8472 from NixOS/nix-language-purpose
Refine wording on the purpose of the Nix language
2023-06-18 23:38:05 -04:00
Adam Joseph 6b06e97bde src/libexpr/eval.hh: add link for allowed-uris option
This commit adds a link to the documentation for `--option
allowed-uris` where that option is mentioned while describing
`restrict-eval`.
2023-06-18 23:36:32 -04:00
John Ericson d2ce2e89b1 Split OptionalPathSetting from PathSetting
Rather than doing `allowEmpty` as boolean, have separate types and use
`std::optional`. This makes it harder to forget the possibility of an
empty path.

The `build-hook` setting was categorized as a `PathSetting`, but
actually it was split into arguments. No good! Now, it is
`Setting<Strings>` which actually reflects what it means and how it is
used.

Because of the subtyping, we now also have support for
`Setting<std::optional<String>>` in general. I imagine this can be used
to clean up many more settings also.
2023-06-18 23:31:18 -04:00
John Ericson c8825e9d8c Create nlohmann serializers for std::optional and use
This is somewhat tricky.
2023-06-18 23:31:10 -04:00
Domen Kožar 3b0d8fd796
Merge pull request #8534 from ncfavier/ci
ci: bump install-nix-action, don't fail fast
2023-06-17 16:53:50 +01:00
Naïm Favier b931d83550
ci: bump install-nix-action, don't fail fast 2023-06-17 15:05:10 +02:00
Christina Sørensen 741f7837f8
Fix wikipedia links (#8533) 2023-06-17 09:06:17 +00:00
Eelco Dolstra e503eadafc
Merge pull request #8477 from edolstra/tarball-flake-redirects
Tarball flake improvements
2023-06-16 18:03:50 +02:00
Valentin Gagarin f695a74751
Update src/libstore/globals.hh 2023-06-16 17:58:01 +02:00
Eelco Dolstra b1ed9b4b0c
Apply suggestions from code review
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-06-16 16:48:37 +02:00
Eelco Dolstra cab03fb779 Add docs 2023-06-16 15:58:42 +02:00
Valentin Gagarin baef05e6fe
fix typo
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-06-16 14:37:08 +02:00
Valentin Gagarin 126eea48e3
do not refer to trusted-users another time 2023-06-16 14:36:53 +02:00
Valentin Gagarin 1a8ca85d48
use "store URLs" consistently 2023-06-16 14:34:11 +02:00
Valentin Gagarin 4a33d5fe35
fix link text
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-06-16 14:33:31 +02:00
Eelco Dolstra 713836112c
Merge pull request #8517 from hercules-ci/fix-build-hook-error-for-lib-users
Fix build hook error for libstore library users
2023-06-16 13:20:50 +02:00
Eelco Dolstra 09320140b5
Merge pull request #8525 from tweag/fix-i686-build
Don't assume the type of string::size_type
2023-06-16 13:15:46 +02:00
Théophane Hufschmitt b2247ef4f6 Don't assume the type of string::size_type
The code accidentally conflated `std::string::size_type` and `long unsigned int`.
This was fine on 64bits machines where they are apparently the same in
practice, but not on 32bits. Fix that by using `std::string::size_type`
everywhere.
2023-06-15 21:24:14 +02:00
Valentin Gagarin 2ceacce484
Update src/libstore/globals.hh 2023-06-15 15:57:54 +02:00
Robert Hensing d2696cdd1e Fix build hook error for libstore library users
A library shouldn't require changes to the caller's argument handling,
especially if it doesn't have to, and indeed we don't have to.

This changes the lookup order to prioritize the hardcoded path to nix
if it exists. The static executable still finds itself through /proc
and the like.
2023-06-15 14:32:00 +02:00
John Ericson e672d52f7c
Merge pull request #8512 from scarf005/install-show-uid
build: show UID and GID in welcome message
2023-06-15 13:49:44 +02:00
John Ericson e1fa48f17c
Update src/nix/daemon.cc
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-06-15 07:41:37 -04:00
John Ericson 71e53c0c6a
Merge pull request #8522 from amjoseph-nixpkgs/pr/allowed-uris/typo
src/libexpr/eval.hh: fix typo
2023-06-15 13:20:42 +02:00
scarf 80451b762d
style: use plurals in uid ranges
Co-authored-by: John Ericson <git@JohnEricson.me>
2023-06-15 14:47:18 +09:00
Adam Joseph 098fbf6273 src/libexpr/eval.hh: fix typo
The option name is `allowed-uris`, not `allowed-uri`.
2023-06-14 21:47:58 -07:00