mirror of
https://github.com/ryan4yin/nixos-and-flakes-book
synced 2024-11-12 23:57:07 +00:00
feat: download packages via a proxy
This commit is contained in:
Ryan Yin
parent
29f6473dad
commit
d7fb878559
2 changed files with 25 additions and 44 deletions
|
|
@ -302,29 +302,6 @@ running on their machine. Here's how to set it up. Using methods like
|
|||
actual work is done by a background process called `nix-daemon`, not by commands directly
|
||||
executed in the Terminal.
|
||||
|
||||
The implementation code of `nix-daemon` is located at
|
||||
[nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191),
|
||||
which sets environment variables through the `systemd.services.nix-daemon.environment`
|
||||
option. We can also add proxy-related environment variables to the running environment of
|
||||
`nix-daemon` in the same way, as shown in the following example Module:
|
||||
|
||||
```nix
|
||||
{
|
||||
systemd.services.nix-daemon.environment = {
|
||||
# socks5h means that the hostname is resolved by the SOCKS server
|
||||
https_proxy = "socks5h://localhost:7891";
|
||||
# https_proxy = "http://localhost:7890"; # or use http protocol instead of socks5
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
After deploying this configuration, you can check if the environment variables have been
|
||||
set by running `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'`.
|
||||
|
||||
**However, be aware that when the proxy server is not available, nix-daemon will be unable
|
||||
to access any cache servers!** Therefore, I still recommend using a transparent proxy to
|
||||
address acceleration issues.
|
||||
|
||||
If you only need to use a proxy temporarily, you can set the proxy environment variables
|
||||
with the following commands:
|
||||
|
||||
|
|
@ -338,10 +315,24 @@ sudo systemctl daemon-reload
|
|||
sudo systemctl restart nix-daemon
|
||||
```
|
||||
|
||||
After deploying this configuration, you can check if the environment variables have been
|
||||
set by running `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'`.
|
||||
|
||||
The settings in `/run/systemd/system/nix-daemon.service.d/override.conf` will be
|
||||
automatically deleted when the system restarts, or you can manually delete it and restart
|
||||
the nix-daemon service to restore the original settings.
|
||||
|
||||
If you want to permanently set the proxy, it is recommended to save the above commands as
|
||||
a shell script and run it each time the system starts. Alternatively, you can use a
|
||||
transparent proxy or TUN and other global proxy solutions.
|
||||
|
||||
> There are also people in the community who permanently set the proxy for nix-daemon in a
|
||||
> declarative way using `systemd.services.nix-daemon.environment`. However, if the proxy
|
||||
> encounters problems, it will be very troublesome. Nix-daemon will not work properly, and
|
||||
> most Nix commands will not run correctly. Moreover, the configuration of systemd itself
|
||||
> is set to read-only protection, making it difficult to modify or delete the proxy
|
||||
> settings. So, it is not recommended to use this method.
|
||||
|
||||
> When using some commercial or public proxies, you might encounter HTTP 403 errors when
|
||||
> downloading from GitHub (as described in
|
||||
> [nixos-and-flakes-book/issues/74](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74)).
|
||||
|
|
|
|||
|
|
@ -278,27 +278,6 @@ Nix 提供了
|
|||
直接在 Terminal 中使用 `export HTTPS_PROXY=http://127.0.0.1:7890` 这类方式是无法生效的,因
|
||||
为 nix 实际干活的是一个叫 `nix-daemon` 的后台进程,而不是直接在 Terminal 中执行的命令。
|
||||
|
||||
nix-daemon 的实现代码是
|
||||
[nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191),
|
||||
它通过 `systemd.services.nix-daemon.environment` 选项设置了环境变量,我们也能通过同样的手
|
||||
段来往 nix-daemon 的运行环境中添加代理相关的环境变量,一个示例 Module 如下:
|
||||
|
||||
```nix
|
||||
{
|
||||
systemd.services.nix-daemon.environment = {
|
||||
# socks5h mean that the hostname is resolved by the SOCKS server
|
||||
https_proxy = "socks5h://localhost:7891";
|
||||
# https_proxy = "http://localhost:7890"; # or use http prctocol instead of socks5
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
部署此配置后,可通过 `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` 查看
|
||||
nix-daemon 进程的所有环境变量,确认环境变量的设置是否生效。
|
||||
|
||||
**但是要注意,当代理服务器不可用时,nix-daemon 将无法访问任何缓存服务器**!所以我还是更建
|
||||
议使用旁路网关等透明代理方案。
|
||||
|
||||
如果你只是临时需要使用代理,可以通过如下命令设置代理环境变量:
|
||||
|
||||
```bash
|
||||
|
|
@ -311,9 +290,20 @@ sudo systemctl daemon-reload
|
|||
sudo systemctl restart nix-daemon
|
||||
```
|
||||
|
||||
部署此配置后,可通过 `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` 查看
|
||||
nix-daemon 进程的所有环境变量,确认环境变量的设置是否生效。
|
||||
|
||||
位于 `/run/systemd/system/nix-daemon.service.d/override.conf` 的设置会在系统重启后被自动删
|
||||
除,或者你可以手动删除它并重启 nix-daemon 服务来恢复原始设置。
|
||||
|
||||
如果你希望永久设置代理,建议将上述命令保存为 shell 脚本,在每次启动系统时运行一下。或者也
|
||||
可以使用旁路网关或 TUN 等全局代理方案。
|
||||
|
||||
> 社区也有人通过 `systemd.services.nix-daemon.environment` 以声明式的方式为 nix-daemon 永
|
||||
> 久设置代理,但这种做法下一旦代理出了问题会非常麻烦,nix-daemon 将无法正常工作,进而导致
|
||||
> 大多数 nix 命令无法正常运行,而且 systemd 自身的配置被设置了只读保护,无法简单地修改配置
|
||||
> 删除代理设置。因此不建议使用这种方式。
|
||||
|
||||
> 使用一些商用代理或公共代理时你可能会遇到 GitHub 下载时报 HTTP 403 错误
|
||||
> ([nixos-and-flakes-book/issues/74](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74)),
|
||||
> 可尝试通过更换代理服务器或者设置
|
||||
|
|
|
|||
Loading…
Reference in a new issue