1.6 KiB
Wait what if you're building remotely?
If you pass --build-host to nixos-rebuild
Building a NixOS configuration is secretly two steps: evaluation and realisation.
Evaluation turns your nix code into a derivation: a file with build instructions
(environment variables, a build script, and arguments), a list of other derivations its needs before it can build,
and the outputs it will create when you run it.
Evaluation is always done on the local machine (where you run nixos-rebuild), because the build host might have different channels (for non-flake builds) or no access to the source of some inputs (for flake builds)1.
Realisation (you can think of it as building) takes a derivation and its tree of dependencies then creates the output paths by running each build script in its own sandbox (or downloading the result from a trusted substituter, often cache.nixos.org). Most of the hard work happens here.
In order to get the derivations from the local machine to the build host,
nixos-rebuild uses nix copy --derivation --to,
which works just like nix-copy-closure but copies derivations instead of the entire closure.
Than the hard work can happen on the destination without needing to copy all the nix source code and dependencies.
-
It is actually possible to evaluate flakes on the remote machine, but this isn't supported. The
nix flake archivecommand, which copies a flake and all of its inputs to the nix store, can copy to another machine with the--toargument. Building this way works but I haven't bothered writing a patch. ↩︎