.\" -*- mode: troff; coding: utf-8 -*- .TH "nix3-help-stores" "1" "" .RS .PP \fBWarning\fR .br This program is \fB\fBexperimental\fR\fR and its interface is subject to change. .RE .SH Name .LP \f(CRnix help-stores\fR - show help about store types and their settings .SH Synopsis .LP \f(CRnix help-stores\fR [\fIoption\fR\[u2026]] .PP Nix supports different types of stores: .IP "\(bu" 3 \fBDummy Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBExperimental Local Overlay Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBExperimental SSH Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBExperimental SSH Store with filesystem mounted\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBHTTP Binary Cache Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBLocal Binary Cache Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBLocal Daemon Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBLocal Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBS3 Binary Cache Store\fR .if n \ .sp -1 .if t \ .sp -0.25v .IP "\(bu" 3 \fBSSH Store\fR .SS Store URL format .LP Stores are specified using a URL-like syntax. For example, the command .LP .EX # nix path-info --store https://cache.nixos.org/ --json \e /nix/store/a7gvj343m05j2s32xcnwr35v31ynlypr-coreutils-9.1 .EE .PP fetches information about a store path in the HTTP binary cache located at \fIhttps://cache.nixos.org/\fR, which is a type of store. .PP Store URLs can specify \fBstore settings\fR using URL query strings, i.e. by appending \f(CR?name1=value1&name2=value2&...\fR to the URL. For instance, .LP .EX --store ssh://machine.example.org?ssh-key=/path/to/my/key .EE .PP tells Nix to access the store on a remote machine via the SSH protocol, using \f(CR/path/to/my/key\fR as the SSH private key. The supported settings for each store type are documented below. .PP The special store URL \f(CRauto\fR causes Nix to automatically select a store as follows: .IP "\(bu" 3 Use the \fBlocal store\fR \f(CR/nix/store\fR if \f(CR/nix/var/nix\fR is writable by the current user. .IP "\(bu" 3 Otherwise, if \f(CR/nix/var/nix/daemon-socket/socket\fR exists, \fBconnect to the Nix daemon listening on that socket\fR. .IP "\(bu" 3 Otherwise, on Linux only, use the \fBlocal chroot store\fR \f(CR\(ti/.local/share/nix/root\fR, which will be created automatically if it does not exist. .IP "\(bu" 3 Otherwise, use the \fBlocal store\fR \f(CR/nix/store\fR. .SH Dummy Store .LP \fBStore URL format\fR: \f(CRdummy://\fR .PP This store type represents a store that contains no store paths and cannot be written to. It\(cqs useful when you want to use the Nix evaluator when no actual Nix store exists, e.g. .LP .EX # nix eval --store dummy:// --expr '1 + 2' .EE .SS Settings .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Experimental Local Overlay Store .RS .LP \fBWarning\fR .PP This store is part of an \fBexperimental feature\fR. .PP To use this store, make sure the \fB\f(CRlocal-overlay-store\fR experimental feature\fR is enabled. For example, include the following in \fB\f(CRnix.conf\fR\fR: .LP .EX extra-experimental-features = local-overlay-store .EE .RE .PP \fBStore URL format\fR: \f(CRlocal-overlay\fR .PP This store type is a variation of the [local store] designed to leverage Linux\(cqs \fBOverlay Filesystem\fR (OverlayFS for short). Just as OverlayFS combines a lower and upper filesystem by treating the upper one as a patch against the lower, the local overlay store combines a lower store with an upper almost-[local store]. (\(lqalmost\(rq because while the upper fileystems for OverlayFS is valid on its own, the upper almost-store is not a valid local store on its own because some references will dangle.) To use this store, you will first need to configure an OverlayFS mountpoint \fBappropriately\fR as Nix will not do this for you (though it will verify the mountpoint is configured correctly). .SS Conceptual parts of a local overlay store .LP \fIThis is a more abstract/conceptual description of the parts of a layered store, an authoritative reference. For more \(lqpractical\(rq instructions, see the worked-out example in the next subsection.\fR .PP The parts of a local overlay store are as follows: .IP "\(bu" 3 \fBLower store\fR: .RS .IP Specified with the \fB\f(CRlower-store\fR\fR setting. .RE .IP This is any store implementation that includes a store directory as part of the native operating system filesystem. For example, this could be a [local store], [local daemon store], or even another local overlay store. .IP The local overlay store never tries to modify the lower store in any way. Something else could modify the lower store, but there are restrictions on this Nix itself requires that this store only grow, and not change in other ways. For example, new store objects can be added, but deleting or modifying store objects is not allowed in general, because that will confuse and corrupt any local overlay store using those objects. (In addition, the underlying filesystem overlay mechanism may impose additional restrictions, see below.) .IP The lower store must not change while it is mounted as part of an overlay store. To ensure it does not, you might want to mount the store directory read-only (which then requires the [read-only] parameter to be set to \f(CRtrue\fR). .RS .IP "\(bu" 3 \fBLower store directory\fR: .RE .RS .IP Specified with \f(CRlower-store.real\fR setting. .RE .IP This is the directory used/exposed by the lower store. .IP As specified above, Nix requires the local store can only grow not change in other ways. Linux\(cqs OverlayFS in addition imposes the further requirement that this directory cannot change at all. That means that, while any local overlay store exists that is using this store as a lower store, this directory must not change. .RS .IP "\(bu" 3 \fBLower metadata source\fR: .RE .RS .IP Not directly specified. A consequence of the \f(CRlower-store\fR setting, depending on the type of lower store chosen. .RE .IP This is abstract, just some way to read the metadata of lower store \fBstore objects\fR. For example it could be a SQLite database (for the [local store]), or a socket connection (for the [local daemon store]). .IP This need not be writable. As stated above a local overlay store never tries to modify its lower store. The lower store\(cqs metadata is considered part of the lower store, just as the store\(cqs \fBfile system objects\fR that appear in the store directory are. .IP "\(bu" 3 \fBUpper almost-store\fR: .RS .IP Not directly specified. Instead the constituent parts are independently specified as described below. .RE .IP This is almost but not quite just a [local store]. That is because taken in isolation, not as part of a local overlay store, by itself, it would appear corrupted. But combined with everything else as part of an overlay local store, it is valid. .RS .IP "\(bu" 3 \fBUpper layer directory\fR: .RE .RS .IP Specified with \fB\f(CRupper-layer\fR\fR setting. .RE .IP This contains additional \fBstore objects\fR (or, strictly speaking, their \fBfile system objects\fR that the local overlay store will extend the lower store with). .RS .IP "\(bu" 3 \fBUpper store directory\fR: .RE .RS .IP Specified with the \fB\f(CRreal\fR\fR setting. This the same as the base local store setting, and can also be indirectly specified with the \fB\f(CRroot\fR\fR setting. .RE .IP This contains all the store objects from each of the two directories. .IP The lower store directory and upper layer directory are combined via OverlayFS to create this directory. Nix doesn\(cqt do this itself, because it typically wouldn\(cqt have the permissions to do so, so it is the responsibility of the user to set this up first. Nix can, however, optionally check that that the OverlayFS mount settings appear as expected, matching Nix\(cqs own settings. .RS .IP "\(bu" 3 \fBUpper SQLite database\fR: .RE .RS .IP Not directly specified. The location of the database instead depends on the \fB\f(CRstate\fR\fR setting. It is is always \f(CR${state}/db\fR. .RE .IP This contains the metadata of all of the upper layer \fBstore objects\fR (everything beyond their file system objects), and also duplicate copies of some lower layer store object\(cqs metadta. The duplication is so the metadata for the \fBclosure\fR of upper layer \fBstore objects\fR can be found entirely within the upper layer. (This allows us to use the same SQL Schema as the [local store]\(cqs SQLite database, as foreign keys in that schema enforce closure metadata to be self-contained in this way.) .SS Example filesystem layout .LP Here is a worked out example of usage, following the concepts in the previous section. .PP Say we have the following paths: .IP "\(bu" 3 \f(CR/mnt/example/merged-store/nix/store\fR .IP "\(bu" 3 \f(CR/mnt/example/store-a/nix/store\fR .IP "\(bu" 3 \f(CR/mnt/example/store-b\fR .LP Then the following store URI can be used to access a local-overlay store at \f(CR/mnt/example/merged-store\fR: .LP .EX local-overlay://?root=/mnt/example/merged-store&lower-store=/mnt/example/store-a&upper-layer=/mnt/example/store-b .EE .PP The lower store directory is located at \f(CR/mnt/example/store-a/nix/store\fR, while the upper layer is at \f(CR/mnt/example/store-b\fR. .PP Before accessing the overlay store you will need to ensure the OverlayFS mount is set up correctly: .LP .EX mount -t overlay overlay \e -o lowerdir=\(dq/mnt/example/store-a/nix/store\(dq \e -o upperdir=\(dq/mnt/example/store-b\(dq \e -o workdir=\(dq/mnt/example/workdir\(dq \e \(dq/mnt/example/merged-store/nix/store\(dq .EE .PP Note that OverlayFS requires \f(CR/mnt/example/workdir\fR to be on the same volume as the \f(CRupperdir\fR. .PP By default, Nix will check that the mountpoint as been set up correctly and fail with an error if it has not. You can override this behaviour by passing \fB\f(CRcheck-mount=false\fR\fR if you need to. .SS Settings .IP "\(bu" 3 \fB\f(CRcheck-mount\fR\fR .IP Check that the overlay filesystem is correctly mounted. .IP Nix does not manage the overlayfs mount point itself, but the correct functioning of the overlay store does depend on this mount point being set up correctly. Rather than just assume this is the case, check that the lowerdir and upperdir options are what we expect them to be. This check is on by default, but can be disabled if needed. .IP \fBDefault:\fR \f(CRtrue\fR .IP "\(bu" 3 \fB\f(CRlog\fR\fR .IP directory where Nix will store log files. .IP \fBDefault:\fR \f(CR/nix/var/log/nix\fR .IP "\(bu" 3 \fB\f(CRlower-store\fR\fR .IP \fBStore URL\fR for the lower store. The default is \f(CRauto\fR (i.e. use the Nix daemon or \f(CR/nix/store\fR directly). .IP Must be a store with a store dir on the file system. Must be used as OverlayFS lower layer for this store\(cqs store dir. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRread-only\fR\fR .IP Allow this store to be opened when its \fBdatabase\fR is on a read-only filesystem. .IP Normally Nix will attempt to open the store database in read-write mode, even for querying (when write access is not needed), causing it to fail if the database is on a read-only filesystem. .IP Enable read-only mode to disable locking and open the SQLite database with the \fB\f(CRimmutable\fR parameter\fR set. .RS .IP \fBWarning\fR Do not use this unless the filesystem is read-only. .IP Using it when the filesystem is writable can cause incorrect query results or corruption errors if the database is changed by another process. While the filesystem the database resides on might appear to be read-only, consider whether another user or system might have write access to it. .RE .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRreal\fR\fR .IP Physical path of the Nix store. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRremount-hook\fR\fR .IP Script or other executable to run when overlay filesystem needs remounting. .IP This is occasionally necessary when deleting a store path that exists in both upper and lower layers. In such a situation, bypassing OverlayFS and deleting the path in the upper layer directly is the only way to perform the deletion without creating a \(lqwhiteout\(rq. However this causes the OverlayFS kernel data structures to get out-of-sync, and can lead to \(oqstale file handle\(cq errors; remounting solves the problem. .IP The store directory is passed as an argument to the invoked executable. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRrequire-sigs\fR\fR .IP Whether store paths copied into this store should have a trusted signature. .IP \fBDefault:\fR \f(CRtrue\fR .IP "\(bu" 3 \fB\f(CRroot\fR\fR .IP Directory prefixed to all other paths. .IP \fBDefault:\fR \(ga\(ga .IP "\(bu" 3 \fB\f(CRstate\fR\fR .IP Directory where Nix will store state. .IP \fBDefault:\fR \f(CR/dummy\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRupper-layer\fR\fR .IP Directory containing the OverlayFS upper layer for this store\(cqs store dir. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Experimental SSH Store with filesystem mounted .RS .LP \fBWarning\fR .PP This store is part of an \fBexperimental feature\fR. .PP To use this store, make sure the \fB\f(CRmounted-ssh-store\fR experimental feature\fR is enabled. For example, include the following in \fB\f(CRnix.conf\fR\fR: .LP .EX extra-experimental-features = mounted-ssh-store .EE .RE .PP \fBStore URL format\fR: \f(CRmounted-ssh-ng://[username@]hostname\fR .PP Experimental store type that allows full access to a Nix store on a remote machine, and additionally requires that store be mounted in the local file system. .PP The mounting of that store is not managed by Nix, and must by managed manually. It could be accomplished with SSHFS or NFS, for example. .PP The local file system is used to optimize certain operations. For example, rather than serializing Nix archives and sending over the Nix channel, we can directly access the file system data via the mount-point. .PP The local file system is also used to make certain operations possible that wouldn\(cqt otherwise be. For example, persistent GC roots can be created if they reside on the same file system as the remote store: the remote side will create the symlinks necessary to avoid race conditions. .SS Settings .IP "\(bu" 3 \fB\f(CRbase64-ssh-public-host-key\fR\fR .IP The public host key of the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRcompress\fR\fR .IP Whether to enable SSH compression. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRlog\fR\fR .IP directory where Nix will store log files. .IP \fBDefault:\fR \f(CR/nix/var/log/nix\fR .IP "\(bu" 3 \fB\f(CRmax-connection-age\fR\fR .IP Maximum age of a connection before it is closed. .IP \fBDefault:\fR \f(CR4294967295\fR .IP "\(bu" 3 \fB\f(CRmax-connections\fR\fR .IP Maximum number of concurrent connections to the Nix daemon. .IP \fBDefault:\fR \f(CR1\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRreal\fR\fR .IP Physical path of the Nix store. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRremote-program\fR\fR .IP Path to the \f(CRnix-daemon\fR executable on the remote machine. .IP \fBDefault:\fR \f(CRnix-daemon\fR .IP "\(bu" 3 \fB\f(CRremote-store\fR\fR .IP \fBStore URL\fR to be used on the remote machine. The default is \f(CRauto\fR (i.e. use the Nix daemon or \f(CR/nix/store\fR directly). .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRroot\fR\fR .IP Directory prefixed to all other paths. .IP \fBDefault:\fR \(ga\(ga .IP "\(bu" 3 \fB\f(CRssh-key\fR\fR .IP Path to the SSH private key used to authenticate to the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstate\fR\fR .IP Directory where Nix will store state. .IP \fBDefault:\fR \f(CR/dummy\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Experimental SSH Store .LP \fBStore URL format\fR: \f(CRssh-ng://[username@]hostname\fR .PP Experimental store type that allows full access to a Nix store on a remote machine. .SS Settings .IP "\(bu" 3 \fB\f(CRbase64-ssh-public-host-key\fR\fR .IP The public host key of the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRcompress\fR\fR .IP Whether to enable SSH compression. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRmax-connection-age\fR\fR .IP Maximum age of a connection before it is closed. .IP \fBDefault:\fR \f(CR4294967295\fR .IP "\(bu" 3 \fB\f(CRmax-connections\fR\fR .IP Maximum number of concurrent connections to the Nix daemon. .IP \fBDefault:\fR \f(CR1\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRremote-program\fR\fR .IP Path to the \f(CRnix-daemon\fR executable on the remote machine. .IP \fBDefault:\fR \f(CRnix-daemon\fR .IP "\(bu" 3 \fB\f(CRremote-store\fR\fR .IP \fBStore URL\fR to be used on the remote machine. The default is \f(CRauto\fR (i.e. use the Nix daemon or \f(CR/nix/store\fR directly). .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRssh-key\fR\fR .IP Path to the SSH private key used to authenticate to the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH HTTP Binary Cache Store .LP \fBStore URL format\fR: \f(CRhttp://...\fR, \f(CRhttps://...\fR .PP This store allows a binary cache to be accessed via the HTTP protocol. .SS Settings .IP "\(bu" 3 \fB\f(CRcompression\fR\fR .IP NAR compression method (\f(CRxz\fR, \f(CRbzip2\fR, \f(CRgzip\fR, \f(CRzstd\fR, or \f(CRnone\fR). .IP \fBDefault:\fR \f(CRxz\fR .IP "\(bu" 3 \fB\f(CRcompression-level\fR\fR .IP The \fIpreset level\fR to be used when compressing NARs. The meaning and accepted values depend on the compression method selected. \f(CR-1\fR specifies that the default compression level should be used. .IP \fBDefault:\fR \f(CR-1\fR .IP "\(bu" 3 \fB\f(CRindex-debug-info\fR\fR .IP Whether to index DWARF debug info files by build ID. This allows \fB\f(CRdwarffs\fR\fR to fetch debug info on demand .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRlocal-nar-cache\fR\fR .IP Path to a local cache of NARs fetched from this binary cache, used by commands such as \f(CRnix store cat\fR. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRparallel-compression\fR\fR .IP Enable multi-threaded compression of NARs. This is currently only available for \f(CRxz\fR and \f(CRzstd\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRsecret-key\fR\fR .IP Path to the secret key used to sign the binary cache. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwrite-nar-listing\fR\fR .IP Whether to write a JSON file that lists the files in each NAR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Local Binary Cache Store .LP \fBStore URL format\fR: \f(CRfile://\fR\fIpath\fR .PP This store allows reading and writing a binary cache stored in \fIpath\fR in the local filesystem. If \fIpath\fR does not exist, it will be created. .PP For example, the following builds or downloads \f(CRnixpkgs#hello\fR into the local store and then copies it to the binary cache in \f(CR/tmp/binary-cache\fR: .LP .EX # nix copy --to file:///tmp/binary-cache nixpkgs#hello .EE .SS Settings .IP "\(bu" 3 \fB\f(CRcompression\fR\fR .IP NAR compression method (\f(CRxz\fR, \f(CRbzip2\fR, \f(CRgzip\fR, \f(CRzstd\fR, or \f(CRnone\fR). .IP \fBDefault:\fR \f(CRxz\fR .IP "\(bu" 3 \fB\f(CRcompression-level\fR\fR .IP The \fIpreset level\fR to be used when compressing NARs. The meaning and accepted values depend on the compression method selected. \f(CR-1\fR specifies that the default compression level should be used. .IP \fBDefault:\fR \f(CR-1\fR .IP "\(bu" 3 \fB\f(CRindex-debug-info\fR\fR .IP Whether to index DWARF debug info files by build ID. This allows \fB\f(CRdwarffs\fR\fR to fetch debug info on demand .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRlocal-nar-cache\fR\fR .IP Path to a local cache of NARs fetched from this binary cache, used by commands such as \f(CRnix store cat\fR. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRparallel-compression\fR\fR .IP Enable multi-threaded compression of NARs. This is currently only available for \f(CRxz\fR and \f(CRzstd\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRsecret-key\fR\fR .IP Path to the secret key used to sign the binary cache. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwrite-nar-listing\fR\fR .IP Whether to write a JSON file that lists the files in each NAR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Local Daemon Store .LP \fBStore URL format\fR: \f(CRdaemon\fR, \f(CRunix://\fR\fIpath\fR .PP This store type accesses a Nix store by talking to a Nix daemon listening on the Unix domain socket \fIpath\fR. The store pseudo-URL \f(CRdaemon\fR is equivalent to \f(CRunix:///nix/var/nix/daemon-socket/socket\fR. .SS Settings .IP "\(bu" 3 \fB\f(CRlog\fR\fR .IP directory where Nix will store log files. .IP \fBDefault:\fR \f(CR/nix/var/log/nix\fR .IP "\(bu" 3 \fB\f(CRmax-connection-age\fR\fR .IP Maximum age of a connection before it is closed. .IP \fBDefault:\fR \f(CR4294967295\fR .IP "\(bu" 3 \fB\f(CRmax-connections\fR\fR .IP Maximum number of concurrent connections to the Nix daemon. .IP \fBDefault:\fR \f(CR1\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRreal\fR\fR .IP Physical path of the Nix store. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRroot\fR\fR .IP Directory prefixed to all other paths. .IP \fBDefault:\fR \(ga\(ga .IP "\(bu" 3 \fB\f(CRstate\fR\fR .IP Directory where Nix will store state. .IP \fBDefault:\fR \f(CR/dummy\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Local Store .LP \fBStore URL format\fR: \f(CRlocal\fR, \fIroot\fR .PP This store type accesses a Nix store in the local filesystem directly (i.e. not via the Nix daemon). \fIroot\fR is an absolute path that is prefixed to other directories such as the Nix store directory. The store pseudo-URL \f(CRlocal\fR denotes a store that uses \f(CR/\fR as its root directory. .PP A store that uses a \fIroot\fR other than \f(CR/\fR is called a \fIchroot store\fR. With such stores, the store directory is \(lqlogically\(rq still \f(CR/nix/store\fR, so programs stored in them can only be built and executed by \f(CRchroot\fR-ing into \fIroot\fR. Chroot stores only support building and running on Linux when \fB\f(CRmount namespaces\fR\fR and \fB\f(CRuser namespaces\fR\fR are enabled. .PP For example, the following uses \f(CR/tmp/root\fR as the chroot environment to build or download \f(CRnixpkgs#hello\fR and then execute it: .LP .EX # nix run --store /tmp/root nixpkgs#hello Hello, world! .EE .PP Here, the \(lqphysical\(rq store location is \f(CR/tmp/root/nix/store\fR, and Nix\(cqs store metadata is in \f(CR/tmp/root/nix/var/nix/db\fR. .PP It is also possible, but not recommended, to change the \(lqlogical\(rq location of the Nix store from its default of \f(CR/nix/store\fR. This makes it impossible to use default substituters such as \f(CRhttps://cache.nixos.org/\fR, and thus you may have to build everything locally. Here is an example: .LP .EX # nix build --store 'local?store=/tmp/my-nix/store&state=/tmp/my-nix/state&log=/tmp/my-nix/log' nixpkgs#hello .EE .SS Settings .IP "\(bu" 3 \fB\f(CRlog\fR\fR .IP directory where Nix will store log files. .IP \fBDefault:\fR \f(CR/nix/var/log/nix\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRread-only\fR\fR .IP Allow this store to be opened when its \fBdatabase\fR is on a read-only filesystem. .IP Normally Nix will attempt to open the store database in read-write mode, even for querying (when write access is not needed), causing it to fail if the database is on a read-only filesystem. .IP Enable read-only mode to disable locking and open the SQLite database with the \fB\f(CRimmutable\fR parameter\fR set. .RS .IP \fBWarning\fR Do not use this unless the filesystem is read-only. .IP Using it when the filesystem is writable can cause incorrect query results or corruption errors if the database is changed by another process. While the filesystem the database resides on might appear to be read-only, consider whether another user or system might have write access to it. .RE .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRreal\fR\fR .IP Physical path of the Nix store. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRrequire-sigs\fR\fR .IP Whether store paths copied into this store should have a trusted signature. .IP \fBDefault:\fR \f(CRtrue\fR .IP "\(bu" 3 \fB\f(CRroot\fR\fR .IP Directory prefixed to all other paths. .IP \fBDefault:\fR \(ga\(ga .IP "\(bu" 3 \fB\f(CRstate\fR\fR .IP Directory where Nix will store state. .IP \fBDefault:\fR \f(CR/dummy\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH S3 Binary Cache Store .LP \fBStore URL format\fR: \f(CRs3://\fR\fIbucket-name\fR .PP This store allows reading and writing a binary cache stored in an AWS S3 (or S3-compatible service) bucket. This store shares many idioms with the \fBHTTP Binary Cache Store\fR. .PP For AWS S3, the binary cache URL for a bucket named \f(CRexample-nix-cache\fR will be exactly \fIs3://example-nix-cache\fR. For S3 compatible binary caches, consult that cache\(cqs documentation. .SS Anonymous reads to your S3-compatible binary cache .RS .LP If your binary cache is publicly accessible and does not require authentication, it is simplest to use the [HTTP Binary Cache Store] rather than S3 Binary Cache Store with \fIhttps://example-nix-cache.s3.amazonaws.com\fR instead of \fIs3://example-nix-cache\fR. .RE .PP Your bucket will need a \fBbucket policy\fR like the following to be accessible: .LP .EX { \(dqId\(dq: \(dqDirectReads\(dq, \(dqVersion\(dq: \(dq2012-10-17\(dq, \(dqStatement\(dq: [ { \(dqSid\(dq: \(dqAllowDirectReads\(dq, \(dqAction\(dq: [ \(dqs3:GetObject\(dq, \(dqs3:GetBucketLocation\(dq ], \(dqEffect\(dq: \(dqAllow\(dq, \(dqResource\(dq: [ \(dqarn:aws:s3:::example-nix-cache\(dq, \(dqarn:aws:s3:::example-nix-cache/*\(dq ], \(dqPrincipal\(dq: \(dq*\(dq } ] } .EE .SS Authentication .LP Nix will use the \fBdefault credential provider chain\fR for authenticating requests to Amazon S3. .PP Note that this means Nix will read environment variables and files with different idioms than with Nix\(cqs own settings, as implemented by the AWS SDK. Consult the documentation linked above for further details. .SS Authenticated reads to your S3 binary cache .LP Your bucket will need a bucket policy allowing the desired users to perform the \f(CRs3:GetObject\fR and \f(CRs3:GetBucketLocation\fR action on all objects in the bucket. The \fBanonymous policy given above\fR can be updated to have a restricted \f(CRPrincipal\fR to support this. .SS Authenticated writes to your S3-compatible binary cache .LP Your account will need an IAM policy to support uploading to the bucket: .LP .EX { \(dqVersion\(dq: \(dq2012-10-17\(dq, \(dqStatement\(dq: [ { \(dqSid\(dq: \(dqUploadToCache\(dq, \(dqEffect\(dq: \(dqAllow\(dq, \(dqAction\(dq: [ \(dqs3:AbortMultipartUpload\(dq, \(dqs3:GetBucketLocation\(dq, \(dqs3:GetObject\(dq, \(dqs3:ListBucket\(dq, \(dqs3:ListBucketMultipartUploads\(dq, \(dqs3:ListMultipartUploadParts\(dq, \(dqs3:PutObject\(dq ], \(dqResource\(dq: [ \(dqarn:aws:s3:::example-nix-cache\(dq, \(dqarn:aws:s3:::example-nix-cache/*\(dq ] } ] } .EE .SS Examples .LP With bucket policies and authentication set up as described above, uploading works via \fB\f(CRnix copy\fR\fR (experimental). .IP "\(bu" 3 To upload with a specific credential profile for Amazon S3: .LP .EX $ nix copy nixpkgs.hello \e --to 's3://example-nix-cache?profile=cache-upload®ion=eu-west-2' .EE .IP "\(bu" 3 To upload to an S3-compatible binary cache: .LP .EX $ nix copy nixpkgs.hello --to \e \&'s3://example-nix-cache?profile=cache-upload&scheme=https&endpoint=minio.example.com' .EE .SS Settings .IP "\(bu" 3 \fB\f(CRbuffer-size\fR\fR .IP Size (in bytes) of each part in multi-part uploads. .IP \fBDefault:\fR \f(CR5242880\fR .IP "\(bu" 3 \fB\f(CRcompression\fR\fR .IP NAR compression method (\f(CRxz\fR, \f(CRbzip2\fR, \f(CRgzip\fR, \f(CRzstd\fR, or \f(CRnone\fR). .IP \fBDefault:\fR \f(CRxz\fR .IP "\(bu" 3 \fB\f(CRcompression-level\fR\fR .IP The \fIpreset level\fR to be used when compressing NARs. The meaning and accepted values depend on the compression method selected. \f(CR-1\fR specifies that the default compression level should be used. .IP \fBDefault:\fR \f(CR-1\fR .IP "\(bu" 3 \fB\f(CRendpoint\fR\fR .IP The URL of the endpoint of an S3-compatible service such as MinIO. Do not specify this setting if you\(cqre using Amazon S3. .RS .IP \fBNote\fR .IP This endpoint must support HTTPS and will use path-based addressing instead of virtual host based addressing. .RE .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRindex-debug-info\fR\fR .IP Whether to index DWARF debug info files by build ID. This allows \fB\f(CRdwarffs\fR\fR to fetch debug info on demand .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRlocal-nar-cache\fR\fR .IP Path to a local cache of NARs fetched from this binary cache, used by commands such as \f(CRnix store cat\fR. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRlog-compression\fR\fR .IP Compression method for \f(CRlog/*\fR files. It is recommended to use a compression method supported by most web browsers (e.g. \f(CRbrotli\fR). .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRls-compression\fR\fR .IP Compression method for \f(CR.ls\fR files. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRmultipart-upload\fR\fR .IP Whether to use multi-part uploads. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRnarinfo-compression\fR\fR .IP Compression method for \f(CR.narinfo\fR files. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRparallel-compression\fR\fR .IP Enable multi-threaded compression of NARs. This is currently only available for \f(CRxz\fR and \f(CRzstd\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRprofile\fR\fR .IP The name of the AWS configuration profile to use. By default Nix will use the \f(CRdefault\fR profile. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRregion\fR\fR .IP The region of the S3 bucket. If your bucket is not in \f(CRus–east-1\fR, you should always explicitly specify the region parameter. .IP \fBDefault:\fR \f(CRus-east-1\fR .IP "\(bu" 3 \fB\f(CRscheme\fR\fR .IP The scheme used for S3 requests, \f(CRhttps\fR (default) or \f(CRhttp\fR. This option allows you to disable HTTPS for binary caches which don\(cqt support it. .RS .IP \fBNote\fR .IP HTTPS should be used if the cache might contain sensitive information. .RE .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRsecret-key\fR\fR .IP Path to the secret key used to sign the binary cache. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwrite-nar-listing\fR\fR .IP Whether to write a JSON file that lists the files in each NAR. .IP \fBDefault:\fR \f(CRfalse\fR .SH SSH Store .LP \fBStore URL format\fR: \f(CRssh://[username@]hostname\fR .PP This store type allows limited access to a remote store on another machine via SSH. .SS Settings .IP "\(bu" 3 \fB\f(CRbase64-ssh-public-host-key\fR\fR .IP The public host key of the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRcompress\fR\fR .IP Whether to enable SSH compression. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRmax-connections\fR\fR .IP Maximum number of concurrent SSH connections. .IP \fBDefault:\fR \f(CR1\fR .IP "\(bu" 3 \fB\f(CRpath-info-cache-size\fR\fR .IP Size of the in-memory store path metadata cache. .IP \fBDefault:\fR \f(CR65536\fR .IP "\(bu" 3 \fB\f(CRpriority\fR\fR .IP Priority of this store when used as a \fBsubstituter\fR. A lower value means a higher priority. .IP \fBDefault:\fR \f(CR0\fR .IP "\(bu" 3 \fB\f(CRremote-program\fR\fR .IP Path to the \f(CRnix-store\fR executable on the remote machine. .IP \fBDefault:\fR \f(CRnix-store\fR .IP "\(bu" 3 \fB\f(CRremote-store\fR\fR .IP \fBStore URL\fR to be used on the remote machine. The default is \f(CRauto\fR (i.e. use the Nix daemon or \f(CR/nix/store\fR directly). .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRssh-key\fR\fR .IP Path to the SSH private key used to authenticate to the remote machine. .IP \fBDefault:\fR \fIempty\fR .IP "\(bu" 3 \fB\f(CRstore\fR\fR .IP Logical location of the Nix store, usually \f(CR/nix/store\fR. Note that you can only copy store paths between stores if they have the same \f(CRstore\fR setting. .IP \fBDefault:\fR \f(CR/nix/store\fR .IP "\(bu" 3 \fB\f(CRsystem-features\fR\fR .IP Optional \fBsystem features\fR available on the system this store uses to build derivations. .IP Example: \f(CR\(dqkvm\(dq\fR .IP \fBDefault:\fR \fImachine-specific\fR .IP "\(bu" 3 \fB\f(CRtrusted\fR\fR .IP Whether paths from this store can be used as substitutes even if they are not signed by a key listed in the \fB\f(CRtrusted-public-keys\fR\fR setting. .IP \fBDefault:\fR \f(CRfalse\fR .IP "\(bu" 3 \fB\f(CRwant-mass-query\fR\fR .IP Whether this store can be queried efficiently for path validity when used as a \fBsubstituter\fR. .IP \fBDefault:\fR \f(CRfalse\fR .SH Options .SS Logging-related options .IP "\(bu" 3 \fB\f(CR--debug\fR\fR .IP Set the logging verbosity level to \(oqdebug\(cq. .IP "\(bu" 3 \fB\f(CR--log-format\fR\fR \fIformat\fR .IP Set the format of log output; one of \f(CRraw\fR, \f(CRinternal-json\fR, \f(CRbar\fR or \f(CRbar-with-logs\fR. .IP "\(bu" 3 \fB\f(CR--print-build-logs\fR\fR / \f(CR-L\fR .IP Print full build logs on standard error. .IP "\(bu" 3 \fB\f(CR--quiet\fR\fR .IP Decrease the logging verbosity level. .IP "\(bu" 3 \fB\f(CR--verbose\fR\fR / \f(CR-v\fR .IP Increase the logging verbosity level. .SS Miscellaneous global options .IP "\(bu" 3 \fB\f(CR--help\fR\fR .IP Show usage information. .IP "\(bu" 3 \fB\f(CR--offline\fR\fR .IP Disable substituters and consider all previously downloaded files up-to-date. .IP "\(bu" 3 \fB\f(CR--option\fR\fR \fIname\fR \fIvalue\fR .IP Set the Nix configuration setting \fIname\fR to \fIvalue\fR (overriding \f(CRnix.conf\fR). .IP "\(bu" 3 \fB\f(CR--refresh\fR\fR .IP Consider all previously downloaded files out-of-date. .IP "\(bu" 3 \fB\f(CR--version\fR\fR .IP Show version information. .RS .LP \fBNote\fR .PP See \fB\f(CRman nix.conf\fR\fR for overriding configuration settings with command line flags. .RE