forked from artemist/blog
20 lines
1.6 KiB
Markdown
20 lines
1.6 KiB
Markdown
## Wait what if you're building remotely?
|
|
If you pass `--build-host` to `nixos-rebuild`
|
|
|
|
Building a NixOS configuration is secretly two steps: evaluation and realisation.
|
|
Evaluation turns your nix code into a derivation: a file with build instructions
|
|
(environment variables, a build script, and arguments), a list of other derivations its needs before it can build,
|
|
and the outputs it will create when you run it.
|
|
Evaluation is always done on the local machine (where you run `nixos-rebuild`), because the build host might have different channels (for non-flake builds) or no access to the source of some inputs (for flake builds)[^flake-eval].
|
|
|
|
Realisation (you can think of it as building) takes a derivation and its tree of dependencies then creates the output paths by running each
|
|
build script in its own sandbox (or downloading the result from a trusted substituter, often [cache.nixos.org](https://cache.nixos.org/)). Most of the hard work happens here.
|
|
|
|
In order to get the derivations from the local machine to the build host,
|
|
`nixos-rebuild` uses `nix copy --derivation --to`,
|
|
which works just like `nix-copy-closure` but copies derivations instead of the entire closure.
|
|
Than the hard work can happen on the destination without needing to copy all the nix source code and dependencies.
|
|
|
|
[^flake-eval]: It is actually possible to evaluate flakes on the remote machine, but this isn't supported. The `nix flake archive` command, which copies a flake and all of its inputs to the nix store, can copy to another machine with the `--to` argument. Building this way works but I haven't bothered writing a patch.
|
|
|