80 lines
3.2 KiB
Text
80 lines
3.2 KiB
Text
### Option `gc-keep-outputs'
|
|
#
|
|
# If `true', the garbage collector will keep the outputs of
|
|
# non-garbage derivations. If `false' (default), outputs will be
|
|
# deleted unless they are GC roots themselves (or reachable from other
|
|
# roots).
|
|
#
|
|
# In general, outputs must be registered as roots separately.
|
|
# However, even if the output of a derivation is registered as a root,
|
|
# the collector will still delete store paths that are used only at
|
|
# build time (e.g., the C compiler, or source tarballs downloaded from
|
|
# the network). To prevent it from doing so, set this option to
|
|
# `true'.
|
|
gc-keep-outputs = false
|
|
|
|
|
|
### Option `gc-keep-derivations'
|
|
#
|
|
# If `true' (default), the garbage collector will keep the derivations
|
|
# from which non-garbage store paths were built. If `false', they
|
|
# will be deleted unless explicitly registered as a root (or reachable
|
|
# from other roots).
|
|
#
|
|
# Keeping derivation around is useful for querying and traceability
|
|
# (e.g., it allows you to ask with what dependencies or options a
|
|
# store path was built), so by default this option is on. Turn it off
|
|
# to safe a bit of disk space (or a lot if `gc-keep-outputs' is also
|
|
# turned on).
|
|
gc-keep-derivations = true
|
|
|
|
|
|
### Option `env-keep-derivations'
|
|
#
|
|
# If `false' (default), derivations are not stored in Nix user
|
|
# environments. That is, the derivation any build-time-only
|
|
# dependencies may be garbage-collected.
|
|
#
|
|
# If `true', when you add a Nix derivation to a user environment, the
|
|
# path of the derivation is stored in the user environment. Thus, the
|
|
# derivation will not be garbage-collected until the user environment
|
|
# generation is deleted (`nix-env --delete-generations'). To prevent
|
|
# build-time-only dependencies from being collected, you should also
|
|
# turn on `gc-keep-outputs'.
|
|
#
|
|
# The difference between this option and `gc-keep-derivations' is that
|
|
# this one is `sticky': it applies to any user environment created
|
|
# while this option was enabled, while `gc-keep-derivations' only
|
|
# applies at the moment the garbage collector is run.
|
|
env-keep-derivations = false
|
|
|
|
|
|
### Option `build-allow-root'
|
|
#
|
|
# This option controls Nix's behaviour when it is invoked under the
|
|
# `root' user (or setuid-root). If `true' (default), builds are
|
|
# performed under the `root' user. If `false', builds are performed
|
|
# under one of the users listed in the `build-users' option (see
|
|
# below).
|
|
build-allow-root = true
|
|
|
|
|
|
### Option `build-users'
|
|
#
|
|
# This option is only applicable if `build-allow-root' is `false' and
|
|
# Nix is invoked under the `root' user (or setuid-root). It contains
|
|
# a list of user names under which Nix can execute builds. Builds
|
|
# cannot be performed by root since that would allow users to take
|
|
# over the system by supplying specially crafted builders; and they
|
|
# cannot be performed by the calling user since that would allow
|
|
# him/her to influence the build result.
|
|
#
|
|
# Thus this list should contain a number of `special' user accounts
|
|
# created specifically for Nix, e.g., `nix-builder-1',
|
|
# `nix-builder-2', and so on. The more users the better, since at
|
|
# most a number of builds equal to the number of build users can be
|
|
# started.
|
|
#
|
|
# Example:
|
|
# build-users = nix-builder-1 nix-builder-2 nix-builder-3
|
|
build-users =
|