Browse Source

doc: re-format

openssl
Jan Tojnar 3 years ago
parent
commit
83c2ad80ca
No known key found for this signature in database
GPG Key ID: 7FAB2A15F7A607A4
  1. 306
      doc/coding-conventions.xml
  2. 184
      doc/configuration.xml
  3. 15
      doc/contributing.xml
  4. 390
      doc/cross-compilation.xml
  5. 3
      doc/functions.xml
  6. 32
      doc/functions/appimagetools.xml
  7. 11
      doc/functions/debug.xml
  8. 224
      doc/functions/dockertools.xml
  9. 78
      doc/functions/fetchers.xml
  10. 38
      doc/functions/fhs-environments.xml
  11. 25
      doc/functions/generators.xml
  12. 3
      doc/functions/library.xml
  13. 13
      doc/functions/library/asserts.xml
  14. 145
      doc/functions/library/attrsets.xml
  15. 24
      doc/functions/nix-gitignore.xml
  16. 26
      doc/functions/ocitools.xml
  17. 95
      doc/functions/overrides.xml
  18. 8
      doc/functions/prefer-remote-fetch.xml
  19. 4
      doc/functions/shell.xml
  20. 31
      doc/functions/snaptools.xml
  21. 46
      doc/functions/trivial-builders.xml
  22. 163
      doc/languages-frameworks/beam.xml
  23. 71
      doc/languages-frameworks/bower.xml
  24. 20
      doc/languages-frameworks/coq.xml
  25. 185
      doc/languages-frameworks/gnome.xml
  26. 73
      doc/languages-frameworks/go.xml
  27. 7
      doc/languages-frameworks/index.xml
  28. 40
      doc/languages-frameworks/java.xml
  29. 20
      doc/languages-frameworks/lua.xml
  30. 32
      doc/languages-frameworks/ocaml.xml
  31. 98
      doc/languages-frameworks/perl.xml
  32. 60
      doc/languages-frameworks/qt.xml
  33. 37
      doc/languages-frameworks/ruby.xml
  34. 27
      doc/languages-frameworks/texlive.xml
  35. 164
      doc/meta.xml
  36. 158
      doc/multiple-output.xml
  37. 93
      doc/overlays.xml
  38. 262
      doc/package-notes.xml
  39. 175
      doc/package-specific-user-notes.xml
  40. 34
      doc/platform-notes.xml
  41. 144
      doc/quick-start.xml
  42. 260
      doc/release-notes.xml
  43. 160
      doc/reviewing-contributions.xml
  44. 1299
      doc/stdenv.xml
  45. 171
      doc/submitting-changes.xml

306
doc/coding-conventions.xml

@ -8,24 +8,17 @@
<itemizedlist>
<listitem>
<para>
Use 2 spaces of indentation per indentation level in Nix expressions, 4
spaces in shell scripts.
Use 2 spaces of indentation per indentation level in Nix expressions, 4 spaces in shell scripts.
</para>
</listitem>
<listitem>
<para>
Do not use tab characters, i.e. configure your editor to use soft tabs.
For instance, use <literal>(setq-default indent-tabs-mode nil)</literal>
in Emacs. Everybody has different tab settings so it’s asking for
trouble.
Do not use tab characters, i.e. configure your editor to use soft tabs. For instance, use <literal>(setq-default indent-tabs-mode nil)</literal> in Emacs. Everybody has different tab settings so it’s asking for trouble.
</para>
</listitem>
<listitem>
<para>
Use <literal>lowerCamelCase</literal> for variable names, not
<literal>UpperCamelCase</literal>. Note, this rule does not apply to
package attribute names, which instead follow the rules in
<xref linkend="sec-package-naming"/>.
Use <literal>lowerCamelCase</literal> for variable names, not <literal>UpperCamelCase</literal>. Note, this rule does not apply to package attribute names, which instead follow the rules in <xref linkend="sec-package-naming"/>.
</para>
</listitem>
<listitem>
@ -52,8 +45,7 @@ foo { arg = ...; }
</listitem>
<listitem>
<para>
In attribute sets or lists that span multiple lines, the attribute names
or list elements should be aligned:
In attribute sets or lists that span multiple lines, the attribute names or list elements should be aligned:
<programlisting>
# A long list.
list = [
@ -97,8 +89,7 @@ attrs = { x = 1280; y = 1024; };
</listitem>
<listitem>
<para>
Breaking in the middle of a function argument can give hard-to-read code,
like
Breaking in the middle of a function argument can give hard-to-read code, like
<programlisting>
someFunction { x = 1280;
y = 1024; } otherArg
@ -123,8 +114,7 @@ in someFunction res otherArg yetAnotherArg
</listitem>
<listitem>
<para>
The bodies of functions, asserts, and withs are not indented to prevent a
lot of superfluous indentation levels, i.e.
The bodies of functions, asserts, and withs are not indented to prevent a lot of superfluous indentation levels, i.e.
<programlisting>
{ arg1, arg2 }:
assert system == "i686-linux";
@ -156,8 +146,7 @@ stdenv.mkDerivation { ...
</listitem>
<listitem>
<para>
Functions should list their expected arguments as precisely as possible.
That is, write
Functions should list their expected arguments as precisely as possible. That is, write
<programlisting>
{ stdenv, fetchurl, perl }: <replaceable>...</replaceable>
</programlisting>
@ -171,9 +160,7 @@ args: with args; <replaceable>...</replaceable>
</programlisting>
</para>
<para>
For functions that are truly generic in the number of arguments (such as
wrappers around <varname>mkDerivation</varname>) that have some required
arguments, you should write them using an <literal>@</literal>-pattern:
For functions that are truly generic in the number of arguments (such as wrappers around <varname>mkDerivation</varname>) that have some required arguments, you should write them using an <literal>@</literal>-pattern:
<programlisting>
{ stdenv, doCoverageAnalysis ? false, ... } @ args:
@ -197,35 +184,20 @@ args.stdenv.mkDerivation (args // {
<title>Package naming</title>
<para>
The key words <emphasis>must</emphasis>, <emphasis>must not</emphasis>,
<emphasis>required</emphasis>, <emphasis>shall</emphasis>, <emphasis>shall
not</emphasis>, <emphasis>should</emphasis>, <emphasis>should
not</emphasis>, <emphasis>recommended</emphasis>, <emphasis>may</emphasis>,
and <emphasis>optional</emphasis> in this section are to be interpreted as
described in <link xlink:href="https://tools.ietf.org/html/rfc2119">RFC
2119</link>. Only <emphasis>emphasized</emphasis> words are to be
interpreted in this way.
The key words <emphasis>must</emphasis>, <emphasis>must not</emphasis>, <emphasis>required</emphasis>, <emphasis>shall</emphasis>, <emphasis>shall not</emphasis>, <emphasis>should</emphasis>, <emphasis>should not</emphasis>, <emphasis>recommended</emphasis>, <emphasis>may</emphasis>, and <emphasis>optional</emphasis> in this section are to be interpreted as described in <link xlink:href="https://tools.ietf.org/html/rfc2119">RFC 2119</link>. Only <emphasis>emphasized</emphasis> words are to be interpreted in this way.
</para>
<para>
In Nixpkgs, there are generally three different names associated with a
package:
In Nixpkgs, there are generally three different names associated with a package:
<itemizedlist>
<listitem>
<para>
The <varname>name</varname> attribute of the derivation (excluding the
version part). This is what most users see, in particular when using
<command>nix-env</command>.
The <varname>name</varname> attribute of the derivation (excluding the version part). This is what most users see, in particular when using <command>nix-env</command>.
</para>
</listitem>
<listitem>
<para>
The variable name used for the instantiated package in
<filename>all-packages.nix</filename>, and when passing it as a
dependency to other functions. Typically this is called the
<emphasis>package attribute name</emphasis>. This is what Nix expression
authors see. It can also be used when installing using <command>nix-env
-iA</command>.
The variable name used for the instantiated package in <filename>all-packages.nix</filename>, and when passing it as a dependency to other functions. Typically this is called the <emphasis>package attribute name</emphasis>. This is what Nix expression authors see. It can also be used when installing using <command>nix-env -iA</command>.
</para>
</listitem>
<listitem>
@ -234,12 +206,7 @@ args.stdenv.mkDerivation (args // {
</para>
</listitem>
</itemizedlist>
Most of the time, these are the same. For instance, the package
<literal>e2fsprogs</literal> has a <varname>name</varname> attribute
<literal>"e2fsprogs-<replaceable>version</replaceable>"</literal>, is bound
to the variable name <varname>e2fsprogs</varname> in
<filename>all-packages.nix</filename>, and the Nix expression is in
<filename>pkgs/os-specific/linux/e2fsprogs/default.nix</filename>.
Most of the time, these are the same. For instance, the package <literal>e2fsprogs</literal> has a <varname>name</varname> attribute <literal>"e2fsprogs-<replaceable>version</replaceable>"</literal>, is bound to the variable name <varname>e2fsprogs</varname> in <filename>all-packages.nix</filename>, and the Nix expression is in <filename>pkgs/os-specific/linux/e2fsprogs/default.nix</filename>.
</para>
<para>
@ -247,51 +214,32 @@ args.stdenv.mkDerivation (args // {
<itemizedlist>
<listitem>
<para>
The <literal>name</literal> attribute <emphasis>should</emphasis> be
identical to the upstream package name.
The <literal>name</literal> attribute <emphasis>should</emphasis> be identical to the upstream package name.
</para>
</listitem>
<listitem>
<para>
The <literal>name</literal> attribute <emphasis>must not</emphasis>
contain uppercase letters — e.g., <literal>"mplayer-1.0rc2"</literal>
instead of <literal>"MPlayer-1.0rc2"</literal>.
The <literal>name</literal> attribute <emphasis>must not</emphasis> contain uppercase letters — e.g., <literal>"mplayer-1.0rc2"</literal> instead of <literal>"MPlayer-1.0rc2"</literal>.
</para>
</listitem>
<listitem>
<para>
The version part of the <literal>name</literal> attribute
<emphasis>must</emphasis> start with a digit (following a dash) — e.g.,
<literal>"hello-0.3.1rc2"</literal>.
The version part of the <literal>name</literal> attribute <emphasis>must</emphasis> start with a digit (following a dash) — e.g., <literal>"hello-0.3.1rc2"</literal>.
</para>
</listitem>
<listitem>
<para>
If a package is not a release but a commit from a repository, then the
version part of the name <emphasis>must</emphasis> be the date of that
(fetched) commit. The date <emphasis>must</emphasis> be in
<literal>"YYYY-MM-DD"</literal> format. Also append
<literal>"unstable"</literal> to the name - e.g.,
<literal>"pkgname-unstable-2014-09-23"</literal>.
If a package is not a release but a commit from a repository, then the version part of the name <emphasis>must</emphasis> be the date of that (fetched) commit. The date <emphasis>must</emphasis> be in <literal>"YYYY-MM-DD"</literal> format. Also append <literal>"unstable"</literal> to the name - e.g., <literal>"pkgname-unstable-2014-09-23"</literal>.
</para>
</listitem>
<listitem>
<para>
Dashes in the package name <emphasis>should</emphasis> be preserved in
new variable names, rather than converted to underscores or camel cased
— e.g., <varname>http-parser</varname> instead of
<varname>http_parser</varname> or <varname>httpParser</varname>. The
hyphenated style is preferred in all three package names.
Dashes in the package name <emphasis>should</emphasis> be preserved in new variable names, rather than converted to underscores or camel cased — e.g., <varname>http-parser</varname> instead of <varname>http_parser</varname> or <varname>httpParser</varname>. The hyphenated style is preferred in all three package names.
</para>
</listitem>
<listitem>
<para>
If there are multiple versions of a package, this
<emphasis>should</emphasis> be reflected in the variable names in
<filename>all-packages.nix</filename>, e.g. <varname>json-c-0-9</varname>
and <varname>json-c-0-11</varname>. If there is an obvious “default”
version, make an attribute like <literal>json-c = json-c-0-9;</literal>.
See also <xref linkend="sec-versioning" />
If there are multiple versions of a package, this <emphasis>should</emphasis> be reflected in the variable names in <filename>all-packages.nix</filename>, e.g. <varname>json-c-0-9</varname> and <varname>json-c-0-11</varname>. If there is an obvious “default” version, make an attribute like <literal>json-c = json-c-0-9;</literal>. See also <xref linkend="sec-versioning" />
</para>
</listitem>
</itemizedlist>
@ -301,31 +249,18 @@ args.stdenv.mkDerivation (args // {
<title>File naming and organisation</title>
<para>
Names of files and directories should be in lowercase, with dashes between
words — not in camel case. For instance, it should be
<filename>all-packages.nix</filename>, not
<filename>allPackages.nix</filename> or
<filename>AllPackages.nix</filename>.
Names of files and directories should be in lowercase, with dashes between words — not in camel case. For instance, it should be <filename>all-packages.nix</filename>, not <filename>allPackages.nix</filename> or <filename>AllPackages.nix</filename>.
</para>
<section xml:id="sec-hierarchy">
<title>Hierarchy</title>
<para>
Each package should be stored in its own directory somewhere in the
<filename>pkgs/</filename> tree, i.e. in
<filename>pkgs/<replaceable>category</replaceable>/<replaceable>subcategory</replaceable>/<replaceable>...</replaceable>/<replaceable>pkgname</replaceable></filename>.
Below are some rules for picking the right category for a package. Many
packages fall under several categories; what matters is the
<emphasis>primary</emphasis> purpose of a package. For example, the
<literal>libxml2</literal> package builds both a library and some tools;
but it’s a library foremost, so it goes under
<filename>pkgs/development/libraries</filename>.
Each package should be stored in its own directory somewhere in the <filename>pkgs/</filename> tree, i.e. in <filename>pkgs/<replaceable>category</replaceable>/<replaceable>subcategory</replaceable>/<replaceable>...</replaceable>/<replaceable>pkgname</replaceable></filename>. Below are some rules for picking the right category for a package. Many packages fall under several categories; what matters is the <emphasis>primary</emphasis> purpose of a package. For example, the <literal>libxml2</literal> package builds both a library and some tools; but it’s a library foremost, so it goes under <filename>pkgs/development/libraries</filename>.
</para>
<para>
When in doubt, consider refactoring the <filename>pkgs/</filename> tree,
e.g. creating new categories or splitting up an existing category.
When in doubt, consider refactoring the <filename>pkgs/</filename> tree, e.g. creating new categories or splitting up an existing category.
</para>
<variablelist>
@ -341,8 +276,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/libraries</filename> (e.g.
<filename>libxml2</filename>)
<filename>development/libraries</filename> (e.g. <filename>libxml2</filename>)
</para>
</listitem>
</varlistentry>
@ -352,8 +286,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/compilers</filename> (e.g.
<filename>gcc</filename>)
<filename>development/compilers</filename> (e.g. <filename>gcc</filename>)
</para>
</listitem>
</varlistentry>
@ -363,8 +296,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/interpreters</filename> (e.g.
<filename>guile</filename>)
<filename>development/interpreters</filename> (e.g. <filename>guile</filename>)
</para>
</listitem>
</varlistentry>
@ -380,8 +312,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/tools/parsing</filename> (e.g.
<filename>bison</filename>, <filename>flex</filename>)
<filename>development/tools/parsing</filename> (e.g. <filename>bison</filename>, <filename>flex</filename>)
</para>
</listitem>
</varlistentry>
@ -391,8 +322,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/tools/build-managers</filename> (e.g.
<filename>gnumake</filename>)
<filename>development/tools/build-managers</filename> (e.g. <filename>gnumake</filename>)
</para>
</listitem>
</varlistentry>
@ -402,8 +332,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>development/tools/misc</filename> (e.g.
<filename>binutils</filename>)
<filename>development/tools/misc</filename> (e.g. <filename>binutils</filename>)
</para>
</listitem>
</varlistentry>
@ -429,8 +358,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
(A tool is a relatively small program, especially one intended to be
used non-interactively.)
(A tool is a relatively small program, especially one intended to be used non-interactively.)
</para>
<variablelist>
<varlistentry>
@ -439,8 +367,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>tools/networking</filename> (e.g.
<filename>wget</filename>)
<filename>tools/networking</filename> (e.g. <filename>wget</filename>)
</para>
</listitem>
</varlistentry>
@ -470,8 +397,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>tools/archivers</filename> (e.g. <filename>zip</filename>,
<filename>tar</filename>)
<filename>tools/archivers</filename> (e.g. <filename>zip</filename>, <filename>tar</filename>)
</para>
</listitem>
</varlistentry>
@ -481,8 +407,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>tools/compression</filename> (e.g.
<filename>gzip</filename>, <filename>bzip2</filename>)
<filename>tools/compression</filename> (e.g. <filename>gzip</filename>, <filename>bzip2</filename>)
</para>
</listitem>
</varlistentry>
@ -492,8 +417,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>tools/security</filename> (e.g. <filename>nmap</filename>,
<filename>gnupg</filename>)
<filename>tools/security</filename> (e.g. <filename>nmap</filename>, <filename>gnupg</filename>)
</para>
</listitem>
</varlistentry>
@ -532,8 +456,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>servers/http</filename> (e.g.
<filename>apache-httpd</filename>)
<filename>servers/http</filename> (e.g. <filename>apache-httpd</filename>)
</para>
</listitem>
</varlistentry>
@ -543,8 +466,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>servers/x11</filename> (e.g. <filename>xorg</filename>
this includes the client libraries and programs)
<filename>servers/x11</filename> (e.g. <filename>xorg</filename> — this includes the client libraries and programs)
</para>
</listitem>
</varlistentry>
@ -567,8 +489,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>desktops</filename> (e.g. <filename>kde</filename>,
<filename>gnome</filename>, <filename>enlightenment</filename>)
<filename>desktops</filename> (e.g. <filename>kde</filename>, <filename>gnome</filename>, <filename>enlightenment</filename>)
</para>
</listitem>
</varlistentry>
@ -578,8 +499,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/window-managers</filename> (e.g.
<filename>awesome</filename>, <filename>stumpwm</filename>)
<filename>applications/window-managers</filename> (e.g. <filename>awesome</filename>, <filename>stumpwm</filename>)
</para>
</listitem>
</varlistentry>
@ -589,8 +509,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
A (typically large) program with a distinct user interface, primarily
used interactively.
A (typically large) program with a distinct user interface, primarily used interactively.
</para>
<variablelist>
<varlistentry>
@ -599,8 +518,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/version-management</filename> (e.g.
<filename>subversion</filename>)
<filename>applications/version-management</filename> (e.g. <filename>subversion</filename>)
</para>
</listitem>
</varlistentry>
@ -610,8 +528,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/video</filename> (e.g.
<filename>vlc</filename>)
<filename>applications/video</filename> (e.g. <filename>vlc</filename>)
</para>
</listitem>
</varlistentry>
@ -621,8 +538,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/graphics</filename> (e.g.
<filename>gimp</filename>)
<filename>applications/graphics</filename> (e.g. <filename>gimp</filename>)
</para>
</listitem>
</varlistentry>
@ -638,8 +554,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/networking/mailreaders</filename> (e.g.
<filename>thunderbird</filename>)
<filename>applications/networking/mailreaders</filename> (e.g. <filename>thunderbird</filename>)
</para>
</listitem>
</varlistentry>
@ -649,8 +564,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/networking/newsreaders</filename> (e.g.
<filename>pan</filename>)
<filename>applications/networking/newsreaders</filename> (e.g. <filename>pan</filename>)
</para>
</listitem>
</varlistentry>
@ -660,8 +574,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>applications/networking/browsers</filename> (e.g.
<filename>firefox</filename>)
<filename>applications/networking/browsers</filename> (e.g. <filename>firefox</filename>)
</para>
</listitem>
</varlistentry>
@ -719,8 +632,7 @@ args.stdenv.mkDerivation (args // {
</term>
<listitem>
<para>
<filename>data/sgml+xml/schemas/xml-dtd</filename> (e.g.
<filename>docbook</filename>)
<filename>data/sgml+xml/schemas/xml-dtd</filename> (e.g. <filename>docbook</filename>)
</para>
</listitem>
</varlistentry>
@ -733,8 +645,7 @@ args.stdenv.mkDerivation (args // {
(Okay, these are executable...)
</para>
<para>
<filename>data/sgml+xml/stylesheets/xslt</filename> (e.g.
<filename>docbook-xsl</filename>)
<filename>data/sgml+xml/stylesheets/xslt</filename> (e.g. <filename>docbook-xsl</filename>)
</para>
</listitem>
</varlistentry>
@ -771,36 +682,15 @@ args.stdenv.mkDerivation (args // {
<title>Versioning</title>
<para>
Because every version of a package in Nixpkgs creates a potential
maintenance burden, old versions of a package should not be kept unless
there is a good reason to do so. For instance, Nixpkgs contains several
versions of GCC because other packages don’t build with the latest
version of GCC. Other examples are having both the latest stable and latest
pre-release version of a package, or to keep several major releases of an
application that differ significantly in functionality.
Because every version of a package in Nixpkgs creates a potential maintenance burden, old versions of a package should not be kept unless there is a good reason to do so. For instance, Nixpkgs contains several versions of GCC because other packages don’t build with the latest version of GCC. Other examples are having both the latest stable and latest pre-release version of a package, or to keep several major releases of an application that differ significantly in functionality.
</para>
<para>
If there is only one version of a package, its Nix expression should be
named <filename>e2fsprogs/default.nix</filename>. If there are multiple
versions, this should be reflected in the filename, e.g.
<filename>e2fsprogs/1.41.8.nix</filename> and
<filename>e2fsprogs/1.41.9.nix</filename>. The version in the filename
should leave out unnecessary detail. For instance, if we keep the latest
Firefox 2.0.x and 3.5.x versions in Nixpkgs, they should be named
<filename>firefox/2.0.nix</filename> and
<filename>firefox/3.5.nix</filename>, respectively (which, at a given
point, might contain versions <literal>2.0.0.20</literal> and
<literal>3.5.4</literal>). If a version requires many auxiliary files, you
can use a subdirectory for each version, e.g.
<filename>firefox/2.0/default.nix</filename> and
<filename>firefox/3.5/default.nix</filename>.
If there is only one version of a package, its Nix expression should be named <filename>e2fsprogs/default.nix</filename>. If there are multiple versions, this should be reflected in the filename, e.g. <filename>e2fsprogs/1.41.8.nix</filename> and <filename>e2fsprogs/1.41.9.nix</filename>. The version in the filename should leave out unnecessary detail. For instance, if we keep the latest Firefox 2.0.x and 3.5.x versions in Nixpkgs, they should be named <filename>firefox/2.0.nix</filename> and <filename>firefox/3.5.nix</filename>, respectively (which, at a given point, might contain versions <literal>2.0.0.20</literal> and <literal>3.5.4</literal>). If a version requires many auxiliary files, you can use a subdirectory for each version, e.g. <filename>firefox/2.0/default.nix</filename> and <filename>firefox/3.5/default.nix</filename>.
</para>
<para>
All versions of a package <emphasis>must</emphasis> be included in
<filename>all-packages.nix</filename> to make sure that they evaluate
correctly.
All versions of a package <emphasis>must</emphasis> be included in <filename>all-packages.nix</filename> to make sure that they evaluate correctly.
</para>
</section>
</section>
@ -808,25 +698,15 @@ args.stdenv.mkDerivation (args // {
<title>Fetching Sources</title>
<para>
There are multiple ways to fetch a package source in nixpkgs. The general
guideline is that you should package reproducible sources with a high degree
of availability. Right now there is only one fetcher which has mirroring
support and that is <literal>fetchurl</literal>. Note that you should also
prefer protocols which have a corresponding proxy environment variable.
There are multiple ways to fetch a package source in nixpkgs. The general guideline is that you should package reproducible sources with a high degree of availability. Right now there is only one fetcher which has mirroring support and that is <literal>fetchurl</literal>. Note that you should also prefer protocols which have a corresponding proxy environment variable.
</para>
<para>
You can find many source fetch helpers in
<literal>pkgs/build-support/fetch*</literal>.
You can find many source fetch helpers in <literal>pkgs/build-support/fetch*</literal>.
</para>
<para>
In the file <literal>pkgs/top-level/all-packages.nix</literal> you can find
fetch helpers, these have names on the form <literal>fetchFrom*</literal>.
The intention of these are to provide snapshot fetches but using the same
api as some of the version controlled fetchers from
<literal>pkgs/build-support/</literal>. As an example going from bad to
good:
In the file <literal>pkgs/top-level/all-packages.nix</literal> you can find fetch helpers, these have names on the form <literal>fetchFrom*</literal>. The intention of these are to provide snapshot fetches but using the same api as some of the version controlled fetchers from <literal>pkgs/build-support/</literal>. As an example going from bad to good:
<itemizedlist>
<listitem>
<para>
@ -863,11 +743,7 @@ src = fetchFromGitHub {
sha256 = "1i2yxndxb6yc9l6c99pypbd92lfq5aac4klq7y2v93c9qvx2cgpc";
}
</programlisting>
Find the value to put as <literal>sha256</literal> by running
<literal>nix run -f '&lt;nixpkgs&gt;' nix-prefetch-github -c
nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS
nix</literal> or <literal>nix-prefetch-url --unpack
https://github.com/NixOS/nix/archive/1f795f9f44607cc5bec70d1300150bfefcef2aae.tar.gz</literal>.
Find the value to put as <literal>sha256</literal> by running <literal>nix run -f '&lt;nixpkgs&gt;' nix-prefetch-github -c nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS nix</literal> or <literal>nix-prefetch-url --unpack https://github.com/NixOS/nix/archive/1f795f9f44607cc5bec70d1300150bfefcef2aae.tar.gz</literal>.
</para>
</listitem>
</itemizedlist>
@ -883,40 +759,23 @@ src = fetchFromGitHub {
<orderedlist>
<listitem>
<para>
Prefetch URL (with <literal>nix-prefetch-<replaceable>XXX</replaceable>
<replaceable>URL</replaceable></literal>, where
<replaceable>XXX</replaceable> is one of <literal>url</literal>,
<literal>git</literal>, <literal>hg</literal>, <literal>cvs</literal>,
<literal>bzr</literal>, <literal>svn</literal>). Hash is printed to
stdout.
Prefetch URL (with <literal>nix-prefetch-<replaceable>XXX</replaceable> <replaceable>URL</replaceable></literal>, where <replaceable>XXX</replaceable> is one of <literal>url</literal>, <literal>git</literal>, <literal>hg</literal>, <literal>cvs</literal>, <literal>bzr</literal>, <literal>svn</literal>). Hash is printed to stdout.
</para>
</listitem>
<listitem>
<para>
Prefetch by package source (with <literal>nix-prefetch-url
'&lt;nixpkgs&gt;' -A <replaceable>PACKAGE</replaceable>.src</literal>,
where <replaceable>PACKAGE</replaceable> is package attribute name). Hash
is printed to stdout.
Prefetch by package source (with <literal>nix-prefetch-url '&lt;nixpkgs&gt;' -A <replaceable>PACKAGE</replaceable>.src</literal>, where <replaceable>PACKAGE</replaceable> is package attribute name). Hash is printed to stdout.
</para>
<para>
This works well when you've upgraded existing package version and want to
find out new hash, but is useless if package can't be accessed by
attribute or package has multiple sources (<literal>.srcs</literal>,
architecture-dependent sources, etc).
This works well when you've upgraded existing package version and want to find out new hash, but is useless if package can't be accessed by attribute or package has multiple sources (<literal>.srcs</literal>, architecture-dependent sources, etc).
</para>
</listitem>
<listitem>
<para>
Upstream provided hash: use it when upstream provides
<literal>sha256</literal> or <literal>sha512</literal> (when upstream
provides <literal>md5</literal>, don't use it, compute
<literal>sha256</literal> instead).
Upstream provided hash: use it when upstream provides <literal>sha256</literal> or <literal>sha512</literal> (when upstream provides <literal>md5</literal>, don't use it, compute <literal>sha256</literal> instead).
</para>
<para>
A little nuance is that <literal>nix-prefetch-*</literal> tools produce
hash encoded with <literal>base32</literal>, but upstream usually provides
hexadecimal (<literal>base16</literal>) encoding. Fetchers understand both
formats. Nixpkgs does not standardize on any one format.
A little nuance is that <literal>nix-prefetch-*</literal> tools produce hash encoded with <literal>base32</literal>, but upstream usually provides hexadecimal (<literal>base16</literal>) encoding. Fetchers understand both formats. Nixpkgs does not standardize on any one format.
</para>
<para>
You can convert between formats with nix-hash, for example:
@ -927,28 +786,18 @@ src = fetchFromGitHub {
</listitem>
<listitem>
<para>
Extracting hash from local source tarball can be done with
<literal>sha256sum</literal>. Use <literal>nix-prefetch-url
file:///path/to/tarball </literal> if you want base32 hash.
Extracting hash from local source tarball can be done with <literal>sha256sum</literal>. Use <literal>nix-prefetch-url file:///path/to/tarball </literal> if you want base32 hash.
</para>
</listitem>
<listitem>
<para>
Fake hash: set fake hash in package expression, perform build and extract
correct hash from error Nix prints.
Fake hash: set fake hash in package expression, perform build and extract correct hash from error Nix prints.
</para>
<para>
For package updates it is enough to change one symbol to make hash fake.
For new packages, you can use <literal>lib.fakeSha256</literal>,
<literal>lib.fakeSha512</literal> or any other fake hash.
For package updates it is enough to change one symbol to make hash fake. For new packages, you can use <literal>lib.fakeSha256</literal>, <literal>lib.fakeSha512</literal> or any other fake hash.
</para>
<para>
This is last resort method when reconstructing source URL is non-trivial
and <literal>nix-prefetch-url -A</literal> isn't applicable (for example,
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/d2ab091dd308b99e4912b805a5eb088dd536adb9/pkgs/applications/video/kodi/default.nix#L73">
one of <literal>kodi</literal> dependencies</link>). The easiest way then
would be replace hash with a fake one and rebuild. Nix build will fail and
error message will contain desired hash.
This is last resort method when reconstructing source URL is non-trivial and <literal>nix-prefetch-url -A</literal> isn't applicable (for example, <link xlink:href="https://github.com/NixOS/nixpkgs/blob/d2ab091dd308b99e4912b805a5eb088dd536adb9/pkgs/applications/video/kodi/default.nix#L73"> one of <literal>kodi</literal> dependencies</link>). The easiest way then would be replace hash with a fake one and rebuild. Nix build will fail and error message will contain desired hash.
</para>
<warning>
<para>
@ -962,9 +811,7 @@ src = fetchFromGitHub {
<title>Obtaining hashes securely</title>
<para>
Let's say Man-in-the-Middle (MITM) sits close to your network. Then instead
of fetching source you can fetch malware, and instead of source hash you
get hash of malware. Here are security considerations for this scenario:
Let's say Man-in-the-Middle (MITM) sits close to your network. Then instead of fetching source you can fetch malware, and instead of source hash you get hash of malware. Here are security considerations for this scenario:
</para>
<itemizedlist>
@ -975,8 +822,7 @@ src = fetchFromGitHub {
</listitem>
<listitem>
<para>
hashes from upstream (in method 3) should be obtained via secure
protocol;
hashes from upstream (in method 3) should be obtained via secure protocol;
</para>
</listitem>
<listitem>
@ -986,12 +832,7 @@ src = fetchFromGitHub {
</listitem>
<listitem>
<para>
<literal>https://</literal> URLs are not secure in method 5. When
obtaining hashes with fake hash method, TLS checks are disabled. So
refetch source hash from several different networks to exclude MITM
scenario. Alternatively, use fake hash method to make Nix error, but
instead of extracting hash from error, extract
<literal>https://</literal> URL and prefetch it with method 1.
<literal>https://</literal> URLs are not secure in method 5. When obtaining hashes with fake hash method, TLS checks are disabled. So refetch source hash from several different networks to exclude MITM scenario. Alternatively, use fake hash method to make Nix error, but instead of extracting hash from error, extract <literal>https://</literal> URL and prefetch it with method 1.
</para>
</listitem>
</itemizedlist>
@ -1001,8 +842,7 @@ src = fetchFromGitHub {
<title>Patches</title>
<para>
Patches available online should be retrieved using
<literal>fetchpatch</literal>.
Patches available online should be retrieved using <literal>fetchpatch</literal>.
</para>
<para>
@ -1018,10 +858,7 @@ patches = [
</para>
<para>
Otherwise, you can add a <literal>.patch</literal> file to the
<literal>nixpkgs</literal> repository. In the interest of keeping our
maintenance burden to a minimum, only patches that are unique to
<literal>nixpkgs</literal> should be added in this way.
Otherwise, you can add a <literal>.patch</literal> file to the <literal>nixpkgs</literal> repository. In the interest of keeping our maintenance burden to a minimum, only patches that are unique to <literal>nixpkgs</literal> should be added in this way.
</para>
<para>
@ -1031,8 +868,7 @@ patches = [ ./0001-changes.patch ];
</para>
<para>
If you do need to do create this sort of patch file, one way to do so is
with git:
If you do need to do create this sort of patch file, one way to do so is with git:
<orderedlist>
<listitem>
<para>
@ -1043,8 +879,7 @@ patches = [ ./0001-changes.patch ];
</listitem>
<listitem>
<para>
If a git repository is not already present, create one and stage all of
the source files.
If a git repository is not already present, create one and stage all of the source files.
<screen>
<prompt>$ </prompt>git init
<prompt>$ </prompt>git add .</screen>
@ -1052,8 +887,7 @@ patches = [ ./0001-changes.patch ];
</listitem>
<listitem>
<para>
Edit some files to make whatever changes need to be included in the
patch.
Edit some files to make whatever changes need to be included in the patch.
</para>
</listitem>
<listitem>

184
doc/configuration.xml

@ -3,49 +3,38 @@
xml:id="chap-packageconfig">
<title>Global configuration</title>
<para>
Nix comes with certain defaults about what packages can and cannot be
installed, based on a package's metadata. By default, Nix will prevent
installation if any of the following criteria are true:
Nix comes with certain defaults about what packages can and cannot be installed, based on a package's metadata. By default, Nix will prevent installation if any of the following criteria are true:
</para>
<itemizedlist>
<listitem>
<para>
The package is thought to be broken, and has had its
<literal>meta.broken</literal> set to <literal>true</literal>.
The package is thought to be broken, and has had its <literal>meta.broken</literal> set to <literal>true</literal>.
</para>
</listitem>
<listitem>
<para>
The package isn't intended to run on the given system, as none of its
<literal>meta.platforms</literal> match the given system.
The package isn't intended to run on the given system, as none of its <literal>meta.platforms</literal> match the given system.
</para>
</listitem>
<listitem>
<para>
The package's <literal>meta.license</literal> is set to a license which is
considered to be unfree.
The package's <literal>meta.license</literal> is set to a license which is considered to be unfree.
</para>
</listitem>
<listitem>
<para>
The package has known security vulnerabilities but has not or can not be
updated for some reason, and a list of issues has been entered in to the
package's <literal>meta.knownVulnerabilities</literal>.
The package has known security vulnerabilities but has not or can not be updated for some reason, and a list of issues has been entered in to the package's <literal>meta.knownVulnerabilities</literal>.
</para>
</listitem>
</itemizedlist>
<para>
Note that all this is checked during evaluation already, and the check
includes any package that is evaluated. In particular, all build-time
dependencies are checked. <literal>nix-env -qa</literal> will (attempt to)
hide any packages that would be refused.
Note that all this is checked during evaluation already, and the check includes any package that is evaluated. In particular, all build-time dependencies are checked. <literal>nix-env -qa</literal> will (attempt to) hide any packages that would be refused.
</para>
<para>
Each of these criteria can be altered in the nixpkgs configuration.
</para>
<para>
The nixpkgs configuration for a NixOS system is set in the
<literal>configuration.nix</literal>, as in the following example:
The nixpkgs configuration for a NixOS system is set in the <literal>configuration.nix</literal>, as in the following example:
<programlisting>
{
nixpkgs.config = {
@ -53,13 +42,10 @@
};
}
</programlisting>
However, this does not allow unfree software for individual users. Their
configurations are managed separately.
However, this does not allow unfree software for individual users. Their configurations are managed separately.
</para>
<para>
A user's of nixpkgs configuration is stored in a user-specific configuration
file located at <filename>~/.config/nixpkgs/config.nix</filename>. For
example:
A user's of nixpkgs configuration is stored in a user-specific configuration file located at <filename>~/.config/nixpkgs/config.nix</filename>. For example:
<programlisting>
{
allowUnfree = true;
@ -67,31 +53,25 @@
</programlisting>
</para>
<para>
Note that we are not able to test or build unfree software on Hydra due to
policy. Most unfree licenses prohibit us from either executing or
distributing the software.
Note that we are not able to test or build unfree software on Hydra due to policy. Most unfree licenses prohibit us from either executing or distributing the software.
</para>
<section xml:id="sec-allow-broken">
<title>Installing broken packages</title>
<para>
There are two ways to try compiling a package which has been marked as
broken.
There are two ways to try compiling a package which has been marked as broken.
</para>
<itemizedlist>
<listitem>
<para>
For allowing the build of a broken package once, you can use an
environment variable for a single invocation of the nix tools:
For allowing the build of a broken package once, you can use an environment variable for a single invocation of the nix tools:
<programlisting>$ export NIXPKGS_ALLOW_BROKEN=1</programlisting>
</para>
</listitem>
<listitem>
<para>
For permanently allowing broken packages to be built, you may add
<literal>allowBroken = true;</literal> to your user's configuration file,
like this:
For permanently allowing broken packages to be built, you may add <literal>allowBroken = true;</literal> to your user's configuration file, like this:
<programlisting>
{
allowBroken = true;
@ -105,23 +85,19 @@
<title>Installing packages on unsupported systems</title>
<para>
There are also two ways to try compiling a package which has been marked as
unsuported for the given system.
There are also two ways to try compiling a package which has been marked as unsuported for the given system.
</para>
<itemizedlist>
<listitem>
<para>
For allowing the build of a broken package once, you can use an
environment variable for a single invocation of the nix tools:
For allowing the build of a broken package once, you can use an environment variable for a single invocation of the nix tools:
<programlisting>$ export NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1</programlisting>
</para>
</listitem>
<listitem>
<para>
For permanently allowing broken packages to be built, you may add
<literal>allowUnsupportedSystem = true;</literal> to your user's
configuration file, like this:
For permanently allowing broken packages to be built, you may add <literal>allowUnsupportedSystem = true;</literal> to your user's configuration file, like this:
<programlisting>
{
allowUnsupportedSystem = true;
@ -132,42 +108,29 @@
</itemizedlist>
<para>
The difference between a package being unsupported on some system and being
broken is admittedly a bit fuzzy. If a program <emphasis>ought</emphasis> to
work on a certain platform, but doesn't, the platform should be included in
<literal>meta.platforms</literal>, but marked as broken with e.g.
<literal>meta.broken = !hostPlatform.isWindows</literal>. Of course, this
begs the question of what "ought" means exactly. That is left to the package
maintainer.
The difference between a package being unsupported on some system and being broken is admittedly a bit fuzzy. If a program <emphasis>ought</emphasis> to work on a certain platform, but doesn't, the platform should be included in <literal>meta.platforms</literal>, but marked as broken with e.g. <literal>meta.broken = !hostPlatform.isWindows</literal>. Of course, this begs the question of what "ought" means exactly. That is left to the package maintainer.
</para>
</section>
<section xml:id="sec-allow-unfree">
<title>Installing unfree packages</title>
<para>
There are several ways to tweak how Nix handles a package which has been
marked as unfree.
There are several ways to tweak how Nix handles a package which has been marked as unfree.
</para>
<itemizedlist>
<listitem>
<para>
To temporarily allow all unfree packages, you can use an environment
variable for a single invocation of the nix tools:
To temporarily allow all unfree packages, you can use an environment variable for a single invocation of the nix tools:
<programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
</para>
</listitem>
<listitem>
<para>
It is possible to permanently allow individual unfree packages, while
still blocking unfree packages by default using the
<literal>allowUnfreePredicate</literal> configuration option in the user
configuration file.
It is possible to permanently allow individual unfree packages, while still blocking unfree packages by default using the <literal>allowUnfreePredicate</literal> configuration option in the user configuration file.
</para>
<para>
This option is a function which accepts a package as a parameter, and
returns a boolean. The following example configuration accepts a package
and always returns false:
This option is a function which accepts a package as a parameter, and returns a boolean. The following example configuration accepts a package and always returns false:
<programlisting>
{
allowUnfreePredicate = (pkg: false);
@ -175,8 +138,7 @@
</programlisting>
</para>
<para>
For a more useful example, try the following. This configuration only
allows unfree packages named flash player and visual studio code:
For a more useful example, try the following. This configuration only allows unfree packages named flash player and visual studio code:
<programlisting>
{
allowUnfreePredicate = (pkg: builtins.elem
@ -190,14 +152,10 @@
</listitem>
<listitem>
<para>
It is also possible to whitelist and blacklist licenses that are
specifically acceptable or not acceptable, using
<literal>whitelistedLicenses</literal> and
<literal>blacklistedLicenses</literal>, respectively.
It is also possible to whitelist and blacklist licenses that are specifically acceptable or not acceptable, using <literal>whitelistedLicenses</literal> and <literal>blacklistedLicenses</literal>, respectively.
</para>
<para>
The following example configuration whitelists the licenses
<literal>amd</literal> and <literal>wtfpl</literal>:
The following example configuration whitelists the licenses <literal>amd</literal> and <literal>wtfpl</literal>:
<programlisting>
{
whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];
@ -205,8 +163,7 @@
</programlisting>
</para>
<para>
The following example configuration blacklists the <literal>gpl3</literal>
and <literal>agpl3</literal> licenses:
The following example configuration blacklists the <literal>gpl3</literal> and <literal>agpl3</literal> licenses:
<programlisting>
{
blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];
@ -217,37 +174,29 @@
</itemizedlist>
<para>
A complete list of licenses can be found in the file
<filename>lib/licenses.nix</filename> of the nixpkgs tree.
A complete list of licenses can be found in the file <filename>lib/licenses.nix</filename> of the nixpkgs tree.
</para>
</section>
<section xml:id="sec-allow-insecure">
<title>Installing insecure packages</title>
<para>
There are several ways to tweak how Nix handles a package which has been
marked as insecure.
There are several ways to tweak how Nix handles a package which has been marked as insecure.
</para>
<itemizedlist>
<listitem>
<para>
To temporarily allow all insecure packages, you can use an environment
variable for a single invocation of the nix tools:
To temporarily allow all insecure packages, you can use an environment variable for a single invocation of the nix tools:
<programlisting>$ export NIXPKGS_ALLOW_INSECURE=1</programlisting>
</para>
</listitem>
<listitem>
<para>
It is possible to permanently allow individual insecure packages, while
still blocking other insecure packages by default using the
<literal>permittedInsecurePackages</literal> configuration option in the
user configuration file.
It is possible to permanently allow individual insecure packages, while still blocking other insecure packages by default using the <literal>permittedInsecurePackages</literal> configuration option in the user configuration file.
</para>
<para>
The following example configuration permits the installation of the
hypothetically insecure package <literal>hello</literal>, version
<literal>1.2.3</literal>:
The following example configuration permits the installation of the hypothetically insecure package <literal>hello</literal>, version <literal>1.2.3</literal>:
<programlisting>
{
permittedInsecurePackages = [
@ -259,18 +208,13 @@
</listitem>
<listitem>
<para>
It is also possible to create a custom policy around which insecure
packages to allow and deny, by overriding the
<literal>allowInsecurePredicate</literal> configuration option.
It is also possible to create a custom policy around which insecure packages to allow and deny, by overriding the <literal>allowInsecurePredicate</literal> configuration option.
</para>
<para>
The <literal>allowInsecurePredicate</literal> option is a function which
accepts a package and returns a boolean, much like
<literal>allowUnfreePredicate</literal>.
The <literal>allowInsecurePredicate</literal> option is a function which accepts a package and returns a boolean, much like <literal>allowUnfreePredicate</literal>.
</para>
<para>
The following configuration example only allows insecure packages with
very short names:
The following configuration example only allows insecure packages with very short names:
<programlisting>
{
allowInsecurePredicate = (pkg: (builtins.stringLength (builtins.parseDrvName pkg.name).name) &lt;= 5);
@ -278,8 +222,7 @@
</programlisting>
</para>
<para>
Note that <literal>permittedInsecurePackages</literal> is only checked if
<literal>allowInsecurePredicate</literal> is not specified.
Note that <literal>permittedInsecurePackages</literal> is only checked if <literal>allowInsecurePredicate</literal> is not specified.
</para>
</listitem>
</itemizedlist>
@ -289,10 +232,7 @@
<title>Modify packages via <literal>packageOverrides</literal></title>
<para>
You can define a function called <varname>packageOverrides</varname> in your
local <filename>~/.config/nixpkgs/config.nix</filename> to override Nix
packages. It must be a function that takes pkgs as an argument and returns a
modified set of packages.
You can define a function called <varname>packageOverrides</varname> in your local <filename>~/.config/nixpkgs/config.nix</filename> to override Nix packages. It must be a function that takes pkgs as an argument and returns a modified set of packages.
<programlisting>
{
packageOverrides = pkgs: rec {
@ -309,15 +249,7 @@
<title>Build an environment</title>
<para>
Using <literal>packageOverrides</literal>, it is possible to manage
packages declaratively. This means that we can list all of our desired
packages within a declarative Nix expression. For example, to have
<literal>aspell</literal>, <literal>bc</literal>,
<literal>ffmpeg</literal>, <literal>coreutils</literal>,
<literal>gdb</literal>, <literal>nixUnstable</literal>,
<literal>emscripten</literal>, <literal>jq</literal>,
<literal>nox</literal>, and <literal>silver-searcher</literal>, we could
use the following in <filename>~/.config/nixpkgs/config.nix</filename>:
Using <literal>packageOverrides</literal>, it is possible to manage packages declaratively. This means that we can list all of our desired packages within a declarative Nix expression. For example, to have <literal>aspell</literal>, <literal>bc</literal>, <literal>ffmpeg</literal>, <literal>coreutils</literal>, <literal>gdb</literal>, <literal>nixUnstable</literal>, <literal>emscripten</literal>, <literal>jq</literal>, <literal>nox</literal>, and <literal>silver-searcher</literal>, we could use the following in <filename>~/.config/nixpkgs/config.nix</filename>:
</para>
<screen>
@ -343,13 +275,7 @@
</screen>
<para>
To install it into our environment, you can just run <literal>nix-env -iA
nixpkgs.myPackages</literal>. If you want to load the packages to be built
from a working copy of <literal>nixpkgs</literal> you just run
<literal>nix-env -f. -iA myPackages</literal>. To explore what's been
installed, just look through <filename>~/.nix-profile/</filename>. You can
see that a lot of stuff has been installed. Some of this stuff is useful
some of it isn't. Let's tell Nixpkgs to only link the stuff that we want:
To install it into our environment, you can just run <literal>nix-env -iA nixpkgs.myPackages</literal>. If you want to load the packages to be built from a working copy of <literal>nixpkgs</literal> you just run <literal>nix-env -f. -iA myPackages</literal>. To explore what's been installed, just look through <filename>~/.nix-profile/</filename>. You can see that a lot of stuff has been installed. Some of this stuff is useful some of it isn't. Let's tell Nixpkgs to only link the stuff that we want:
</para>
<screen>
@ -376,12 +302,7 @@
</screen>
<para>
<literal>pathsToLink</literal> tells Nixpkgs to only link the paths listed
which gets rid of the extra stuff in the profile. <filename>/bin</filename>
and <filename>/share</filename> are good defaults for a user environment,
getting rid of the clutter. If you are running on Nix on MacOS, you may
want to add another path as well, <filename>/Applications</filename>, that
makes GUI apps available.
<literal>pathsToLink</literal> tells Nixpkgs to only link the paths listed which gets rid of the extra stuff in the profile. <filename>/bin</filename> and <filename>/share</filename> are good defaults for a user environment, getting rid of the clutter. If you are running on Nix on MacOS, you may want to add another path as well, <filename>/Applications</filename>, that makes GUI apps available.
</para>
</section>
@ -389,13 +310,7 @@
<title>Getting documentation</title>
<para>
After building that new environment, look through
<filename>~/.nix-profile</filename> to make sure everything is there that
we wanted. Discerning readers will note that some files are missing. Look
inside <filename>~/.nix-profile/share/man/man1/</filename> to verify this.
There are no man pages for any of the Nix tools! This is because some
packages like Nix have multiple outputs for things like documentation (see
section 4). Let's make Nix install those as well.
After building that new environment, look through <filename>~/.nix-profile</filename> to make sure everything is there that we wanted. Discerning readers will note that some files are missing. Look inside <filename>~/.nix-profile/share/man/man1/</filename> to verify this. There are no man pages for any of the Nix tools! This is because some packages like Nix have multiple outputs for things like documentation (see section 4). Let's make Nix install those as well.
</para>
<screen>
@ -422,9 +337,7 @@
</screen>
<para>
This provides us with some useful documentation for using our packages.
However, if we actually want those manpages to be detected by man, we need
to set up our environment. This can also be managed within Nix expressions.
This provides us with some useful documentation for using our packages. However, if we actually want those manpages to be detected by man, we need to set up our environment. This can also be managed within Nix expressions.
</para>
<screen>
@ -460,9 +373,7 @@
</screen>
<para>
For this to work fully, you must also have this script sourced when you are
logged in. Try adding something like this to your
<filename>~/.profile</filename> file:
For this to work fully, you must also have this script sourced when you are logged in. Try adding something like this to your <filename>~/.profile</filename> file:
</para>
<screen>
@ -477,8 +388,7 @@ fi
</screen>
<para>
Now just run <literal>source $HOME/.profile</literal> and you can starting
loading man pages from your environent.
Now just run <literal>source $HOME/.profile</literal> and you can starting loading man pages from your environent.
</para>
</section>
@ -486,9 +396,7 @@ fi
<title>GNU info setup</title>
<para>
Configuring GNU info is a little bit trickier than man pages. To work
correctly, info needs a database to be generated. This can be done with
some small modifications to our environment scripts.
Configuring GNU info is a little bit trickier than man pages. To work correctly, info needs a database to be generated. This can be done with some small modifications to our environment scripts.
</para>
<screen>
@ -534,11 +442,7 @@ fi
</screen>
<para>
<literal>postBuild</literal> tells Nixpkgs to run a command after building
the environment. In this case, <literal>install-info</literal> adds the
installed info pages to <literal>dir</literal> which is GNU info's default
root node. Note that <literal>texinfoInteractive</literal> is added to the
environment to give the <literal>install-info</literal> command.
<literal>postBuild</literal> tells Nixpkgs to run a command after building the environment. In this case, <literal>install-info</literal> adds the installed info pages to <literal>dir</literal> which is GNU info's default root node. Note that <literal>texinfoInteractive</literal> is added to the environment to give the <literal>install-info</literal> command.
</para>
</section>
</section>

15
doc/contributing.xml

@ -3,10 +3,8 @@
xml:id="chap-contributing">
<title>Contributing to this documentation</title>
<para>
The DocBook sources of the Nixpkgs manual are in the
<filename
xlink:href="https://github.com/NixOS/nixpkgs/tree/master/doc">doc</filename>
subdirectory of the Nixpkgs repository.
The DocBook sources of the Nixpkgs manual are in the <filename
xlink:href="https://github.com/NixOS/nixpkgs/tree/master/doc">doc</filename> subdirectory of the Nixpkgs repository.
</para>
<para>
You can quickly check your edits with <command>make</command>:
@ -17,19 +15,16 @@ xlink:href="https://github.com/NixOS/nixpkgs/tree/master/doc">doc</filename>
<prompt>[nix-shell]$ </prompt>make
</screen>
<para>
If you experience problems, run <command>make debug</command> to help
understand the docbook errors.
If you experience problems, run <command>make debug</command> to help understand the docbook errors.
</para>
<para>
After making modifications to the manual, it's important to build it before
committing. You can do that as follows:
After making modifications to the manual, it's important to build it before committing. You can do that as follows:
<screen>
<prompt>$ </prompt>cd /path/to/nixpkgs/doc
<prompt>$ </prompt>nix-shell
<prompt>[nix-shell]$ </prompt>make clean
<prompt>[nix-shell]$ </prompt>nix-build .
</screen>
If the build succeeds, the manual will be in
<filename>./result/share/doc/nixpkgs/manual.html</filename>.
If the build succeeds, the manual will be in <filename>./result/share/doc/nixpkgs/manual.html</filename>.
</para>
</chapter>

390
doc/cross-compilation.xml

@ -6,25 +6,11 @@
<title>Introduction</title>
<para>
"Cross-compilation" means compiling a program on one machine for another
type of machine. For example, a typical use of cross-compilation is to
compile programs for embedded devices. These devices often don't have the
computing power and memory to compile their own programs. One might think
that cross-compilation is a fairly niche concern. However, there are
significant advantages to rigorously distinguishing between build-time and
run-time environments! Significant, because the benefits apply even when one
is developing and deploying on the same machine. Nixpkgs is increasingly
adopting the opinion that packages should be written with cross-compilation
in mind, and nixpkgs should evaluate in a similar way (by minimizing
cross-compilation-specific special cases) whether or not one is
cross-compiling.
"Cross-compilation" means compiling a program on one machine for another type of machine. For example, a typical use of cross-compilation is to compile programs for embedded devices. These devices often don't have the computing power and memory to compile their own programs. One might think that cross-compilation is a fairly niche concern. However, there are significant advantages to rigorously distinguishing between build-time and run-time environments! Significant, because the benefits apply even when one is developing and deploying on the same machine. Nixpkgs is increasingly adopting the opinion that packages should be written with cross-compilation in mind, and nixpkgs should evaluate in a similar way (by minimizing cross-compilation-specific special cases) whether or not one is cross-compiling.
</para>
<para>
This chapter will be organized in three parts. First, it will describe the
basics of how to package software in a way that supports cross-compilation.
Second, it will describe how to use Nixpkgs when cross-compiling. Third, it
will describe the internal infrastructure supporting cross-compilation.
This chapter will be organized in three parts. First, it will describe the basics of how to package software in a way that supports cross-compilation. Second, it will describe how to use Nixpkgs when cross-compiling. Third, it will describe the internal infrastructure supporting cross-compilation.
</para>
</section>
<!--============================================================-->
@ -35,24 +21,12 @@
<title>Platform parameters</title>
<para>
Nixpkgs follows the
<link
xlink:href="https://gcc.gnu.org/onlinedocs/gccint/Configure-Terms.html">conventions
of GNU autoconf</link>. We distinguish between 3 types of platforms when
building a derivation: <wordasword>build</wordasword>,
<wordasword>host</wordasword>, and <wordasword>target</wordasword>. In
summary, <wordasword>build</wordasword> is the platform on which a package
is being built, <wordasword>host</wordasword> is the platform on which it
will run. The third attribute, <wordasword>target</wordasword>, is relevant
only for certain specific compilers and build tools.
Nixpkgs follows the <link
xlink:href="https://gcc.gnu.org/onlinedocs/gccint/Configure-Terms.html">conventions of GNU autoconf</link>. We distinguish between 3 types of platforms when building a derivation: <wordasword>build</wordasword>, <wordasword>host</wordasword>, and <wordasword>target</wordasword>. In summary, <wordasword>build</wordasword> is the platform on which a package is being built, <wordasword>host</wordasword> is the platform on which it will run. The third attribute, <wordasword>target</wordasword>, is relevant only for certain specific compilers and build tools.
</para>
<para>
In Nixpkgs, these three platforms are defined as attribute sets under the
names <literal>buildPlatform</literal>, <literal>hostPlatform</literal>,
and <literal>targetPlatform</literal>. They are always defined as
attributes in the standard environment. That means one can access them
like:
In Nixpkgs, these three platforms are defined as attribute sets under the names <literal>buildPlatform</literal>, <literal>hostPlatform</literal>, and <literal>targetPlatform</literal>. They are always defined as attributes in the standard environment. That means one can access them like:
<programlisting>{ stdenv, fooDep, barDep, .. }: ...stdenv.buildPlatform...</programlisting>
.
</para>
@ -64,9 +38,7 @@
</term>
<listitem>
<para>
The "build platform" is the platform on which a package is built. Once
someone has a built package, or pre-built binary package, the build
platform should not matter and can be ignored.
The "build platform" is the platform on which a package is built. Once someone has a built package, or pre-built binary package, the build platform should not matter and can be ignored.
</para>
</listitem>
</varlistentry>
@ -76,9 +48,7 @@
</term>
<listitem>
<para>
The "host platform" is the platform on which a package will be run. This
is the simplest platform to understand, but also the one with the worst
name.
The "host platform" is the platform on which a package will be run. This is the simplest platform to understand, but also the one with the worst name.
</para>
</listitem>
</varlistentry>
@ -88,44 +58,23 @@
</term>
<listitem>
<para>
The "target platform" attribute is, unlike the other two attributes, not
actually fundamental to the process of building software. Instead, it is
only relevant for compatibility with building certain specific compilers
and build tools. It can be safely ignored for all other packages.
The "target platform" attribute is, unlike the other two attributes, not actually fundamental to the process of building software. Instead, it is only relevant for compatibility with building certain specific compilers and build tools. It can be safely ignored for all other packages.
</para>
<para>
The build process of certain compilers is written in such a way that the
compiler resulting from a single build can itself only produce binaries
for a single platform. The task of specifying this single "target
platform" is thus pushed to build time of the compiler. The root cause
of this is that the compiler (which will be run on the host) and the
standard library/runtime (which will be run on the target) are built by
a single build process.
The build process of certain compilers is written in such a way that the compiler resulting from a single build can itself only produce binaries for a single platform. The task of specifying this single "target platform" is thus pushed to build time of the compiler. The root cause of this is that the compiler (which will be run on the host) and the standard library/runtime (which will be run on the target) are built by a single build process.
</para>
<para>
There is no fundamental need to think about a single target ahead of
time like this. If the tool supports modular or pluggable backends, both
the need to specify the target at build time and the constraint of
having only a single target disappear. An example of such a tool is
LLVM.
There is no fundamental need to think about a single target ahead of time like this. If the tool supports modular or pluggable backends, both the need to specify the target at build time and the constraint of having only a single target disappear. An example of such a tool is LLVM.
</para>
<para>
Although the existence of a "target platfom" is arguably a historical
mistake, it is a common one: examples of tools that suffer from it are
GCC, Binutils, GHC and Autoconf. Nixpkgs tries to avoid sharing in the
mistake where possible. Still, because the concept of a target platform
is so ingrained, it is best to support it as is.
Although the existence of a "target platfom" is arguably a historical mistake, it is a common one: examples of tools that suffer from it are GCC, Binutils, GHC and Autoconf. Nixpkgs tries to avoid sharing in the mistake where possible. Still, because the concept of a target platform is so ingrained, it is best to support it as is.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
The exact schema these fields follow is a bit ill-defined due to a long and
convoluted evolution, but this is slowly being cleaned up. You can see
examples of ones used in practice in
<literal>lib.systems.examples</literal>; note how they are not all very
consistent. For now, here are few fields can count on them containing:
The exact schema these fields follow is a bit ill-defined due to a long and convoluted evolution, but this is slowly being cleaned up. You can see examples of ones used in practice in <literal>lib.systems.examples</literal>; note how they are not all very consistent. For now, here are few fields can count on them containing:
</para>
<variablelist>
@ -135,13 +84,7 @@
</term>
<listitem>
<para>
This is a two-component shorthand for the platform. Examples of this
would be "x86_64-darwin" and "i686-linux"; see
<literal>lib.systems.doubles</literal> for more. The first component
corresponds to the CPU architecture of the platform and the second to
the operating system of the platform (<literal>[cpu]-[os]</literal>).
This format has built-in support in Nix, such as the
<varname>builtins.currentSystem</varname> impure string.
This is a two-component shorthand for the platform. Examples of this would be "x86_64-darwin" and "i686-linux"; see <literal>lib.systems.doubles</literal> for more. The first component corresponds to the CPU architecture of the platform and the second to the operating system of the platform (<literal>[cpu]-[os]</literal>). This format has built-in support in Nix, such as the <varname>builtins.currentSystem</varname> impure string.
</para>
</listitem>
</varlistentry>
@ -151