A Nix Binary Cache Specification
I wanted to better understand how to work with Nix binary caches. Interestingly the Nix manual which usually is a great source of knowledge, has a very limited section on the Binary Cache.
It basically just points you to nix-serve, a Perl CGI script in Eelco’s (original author of Nix) personal repository.
This guide will serve to be a loose Nix Binary Cache specification. If you are interested in browsing the end result, please checkout my OpenAPI Nix HTTP Binary Cache Specification 🎆
You can also visit the GitHub repository https://github.com/fzakaria/nix-http-binary-cache-api-spec to contribute.
Investigating hydration times with Nix
📣 I want a give a huge shoutout to my colleague Micah Catlin, whose been constantly challenging me on questions on Nix – his analytical skills are 11/10. 🤓
We are working on a new build system using Nix as the underpinning framework. In order to smooth out the developer experience, we wanted to tackle a very simple question:
“Can we force developers only to pull from the Nix binary cache?”
The search for a minimal nix-shell continued; mkShellMinimal
“The simplest things are often the truest.” - Richard Bach, 1936.
Earlier I wrote about trying to get a minimal nix-shell. The goal and challenge of the post was about reducing the dependency closure size of the shell.
I was asked what’s the point in trying to minimize the closure size ?
We are using nix-shell in our CI infrastructure and every CI job hydrates it’s own /nix/store from scratch. Reducing the dependency closure size would mean faster CI runs. 🏎️
The post finished with a question, “Can we do better ?”, to which I answered “No, not at this time.”.
I’d like to introduce mkShellMinimal that does better 🎊
A minimal nix-shell
We are currently using nix-shell to create a reproducible environment for our developers and CI infrastructure. Can we minimize the dependency closure to make our CI jobs faster?
Eval the Nix
I’ll keep this post short and sweet. I want to write a little blurb that I’ve been mostly enjoying using nix eval to introspect.
Java, Nix & Reproducibility
I’ve written a lot about NixOS; specifically about some of the work I’ve done to improve the Java ecosystem.
In fact, I’ve upstreamed my notes into the Java Maven Nixpkgs documentation.
🎉 Recently, the minimal ISO for NixOS has become reproducible (r13y). 🎉
The ability to produce binary reproducible artifacts is a powerful primitive. What does it take for the JVM ecosystem to adopt reproducible builds within the Nix environment?
For rationale on the why, please see https://reproducible-builds.org/
setting up a Nix Google Cloud Storage (GCS) binary cache
A previous post documented how to setup a binary cache directly on S3. Many however are tied to a different public IaaS offering and may not be able to leverage the native S3 integration Nix offers. Luckily for those using GCP, Google’s blob storage equivalent Google Cloud Storage (GCS) has interoperability with the S3 API.
This will allow us to host our binary cache on GCS while still using the native S3 integration in Nix. Following this guide will allow Nix to leverage GCS without having to use a proxy such as nix-store-gcs-proxy.
JRuby and Sorbet
A recent tweet by the JRuby folks, let me know that the work I had done a while ago to get Sorbet working seemed to have gone under the radar.
Sorbet is a fast, powerful type checker designed for Ruby.
I wanted to reflect on it’s use at our current codebase, challenges still faced and where to go next.
If you want to cut ahead and start using Sorbet right away, I’ve contributed some documentation.
autopatchelf - what it can look like
This is a follow up post to my previous one to on-demand linked libraries for NixOS.
I previously wrote about the work into a new NixOS tool nix-ld, which will allow the possibility of hot-patching the linking of dynamic libraries.
At the moment the goal of the tool is modest in allowing modification of the library search path via a custom environment variable NIX_LD_LIBRARY_PATH.
I’m minimizing the task as there’s a ton of complexity, such as not loading in a different glibc and other subtleties – ask Mic92 about it on #nixos!
I finished with a bit of a teaser on what a full-fledged tool may look like…
On-demand linked libraries for Nix
This is a write up of some discussion ongoing with some folks on the #nix-community IRC chat primarily being driven by Mic92.
Nixpkgs maintains the highest rating on Repology for having the most packages & which are up to date. Unfortunately even with the current ecosystem of packages, there will always be gaps, and for beginners in NixOS a common question is:
“I’ve download a binary and would like to run it on NixOS”
Take a look at this graph https://repology.org/repositories/graphs
Can we do better & streamline running non-Nix software? 🤔
This was some of the questions posed by some Nix contributors and I wanted to capture the ideas put forward for others.
