mirror of
https://github.com/ryan4yin/nixos-and-flakes-book.git
synced 2024-12-27 00:58:52 +01:00
feat: set proxy for nix-daemon only
This commit is contained in:
parent
14226a2c29
commit
a1766125aa
@ -225,31 +225,30 @@ In other words, you can use it like this:
|
||||
};
|
||||
}
|
||||
```
|
||||
## Using Local HTTP Proxy to Accelerate Package Downloads {#use-local-http-proxy-to-speed-up-nix-package-download}
|
||||
## Using Local Proxy to Accelerate Package Downloads {#use-local-http-proxy-to-speed-up-nix-package-download}
|
||||
|
||||
> Related: [roaming laptop: network proxy configuration - NixOS/nixpkgs](https://github.com/NixOS/nixpkgs/issues/27535#issuecomment-1178444327)
|
||||
|
||||
While it has been mentioned earlier that a bypass route can completely solve the NixOS package download speed issue, configuring a bypass route is relatively cumbersome and often requires additional support from a software routing device.
|
||||
|
||||
Many users may prefer to directly accelerate package downloads through a locally running HTTP proxy. Here's how to set it up.
|
||||
Many users may prefer to directly accelerate package downloads through a locally running HTTP/Sock5 proxy. Here's how to set it up.
|
||||
|
||||
Directly using methods like `export HTTPS_PROXY=http://127.0.0.1:7890` in the terminal won't be effective because Nix does its work in a background process called `nix-daemon`, not directly in the terminal.
|
||||
|
||||
To enable `nix-daemon` to use a proxy, you need to modify its systemd configuration. Here's how:
|
||||
nix-daemon is implemented in [nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191),
|
||||
It sets environment variables through the `systemd.services.nix-daemon.environment` option, and we can also use the same method to add proxy-related environment variables to the running environment of nix-daemon. Here's an example Module:
|
||||
|
||||
```bash
|
||||
sudo mkdir /run/systemd/system/nix-daemon.service.d/
|
||||
cat << EOF >/run/systemd/system/nix-daemon.service.d/override.conf
|
||||
[Service]
|
||||
Environment="http_proxy=socks5h://localhost:7891"
|
||||
Environment="https_proxy=socks5h://localhost:7891"
|
||||
Environment="all_proxy=socks5h://localhost:7891"
|
||||
EOF
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl restart nix-daemon
|
||||
```nix
|
||||
{
|
||||
systemd.services.nix-daemon.environment = {
|
||||
# socks5h mean that the hostname is resolved by the SOCKS server
|
||||
https_proxy = "socks5h://localhost:7891";
|
||||
# https_proxy = "http://localhost:7890"; # or use http prctocol instead of socks5
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
Using this approach, you might need to execute the above commands every time the system is restarted because the `/run` directory is a temporary file system that gets cleared upon a restart.
|
||||
After deploying this configuration, you can use `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` to view all environment variables of the nix-daemon process and confirm whether the environment variable settings are effective.
|
||||
|
||||
> You may encounter HTTP 403 errors when downloading from GitHub using some commercial or public proxies, such as [nixos-and-flakes-book/issues/74]](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74),
|
||||
> You can try to solve this by changing the proxy server or setting [access-tokens](https://github.com/NixOS/nix/issues/6536)
|
||||
|
@ -210,10 +210,10 @@ Nix 提供了 [`extra-` 前缀](https://nixos.org/manual/nix/stable/command-ref/
|
||||
"https://mirror.sjtu.edu.cn/nix-channels/store"
|
||||
# status: https://mirrors.ustc.edu.cn/status/
|
||||
# "https://mirrors.ustc.edu.cn/nix-channels/store"
|
||||
|
||||
|
||||
"https://cache.nixos.org"
|
||||
];
|
||||
|
||||
|
||||
trusted-public-keys = [
|
||||
# the default public key of cache.nixos.org, it's built-in, no need to add it here
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
@ -229,32 +229,30 @@ Nix 提供了 [`extra-` 前缀](https://nixos.org/manual/nix/stable/command-ref/
|
||||
}
|
||||
```
|
||||
|
||||
## 通过本地 HTTP 代理加速包下载 {#use-local-http-proxy-to-speed-up-nix-package-download}
|
||||
## 通过本地代理加速包下载 {#use-local-http-proxy-to-speed-up-nix-package-download}
|
||||
|
||||
> 参考了 Issue: [roaming laptop: network proxy configuration - NixOS/nixpkgs](https://github.com/NixOS/nixpkgs/issues/27535#issuecomment-1178444327)
|
||||
|
||||
虽然前面提到了,旁路由可以完全解决 NixOS 的包下载速度问题,但是旁路由的配置比较麻烦,而且经常需要额外的软路由设备支持。
|
||||
|
||||
更多的用户会希望能直接通过本机运行的 HTTP 代理来加速包下载,这里介绍下怎么设置。
|
||||
更多的用户会希望能直接通过本机运行的 HTTP/Socks5 代理来加速包下载,这里介绍下怎么设置。
|
||||
|
||||
直接在 Terminal 中使用 `export HTTPS_PROXY=http://127.0.0.1:7890` 这类方式是无法生效的,因为 nix 实际干活的是一个叫 `nix-daemon` 的后台进程,而不是直接在 Terminal 中执行的命令。
|
||||
|
||||
要让 nix-daemon 使用代理,需要修改它的 systemd 配置,方法如下:
|
||||
nix-daemon 的实现代码是 [nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191),
|
||||
它通过 `systemd.services.nix-daemon.environment` 选项设置了环境变量,我们也能通过同样的手段来往 nix-daemon 的运行环境中添加代理相关的环境变量,一个示例 Module 如下:
|
||||
|
||||
```bash
|
||||
sudo mkdir /run/systemd/system/nix-daemon.service.d/
|
||||
cat << EOF >/run/systemd/system/nix-daemon.service.d/override.conf
|
||||
[Service]
|
||||
Environment="http_proxy=socks5h://localhost:7891"
|
||||
Environment="https_proxy=socks5h://localhost:7891"
|
||||
Environment="all_proxy=socks5h://localhost:7891"
|
||||
EOF
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl restart nix-daemon
|
||||
```nix
|
||||
{
|
||||
systemd.services.nix-daemon.environment = {
|
||||
# socks5h mean that the hostname is resolved by the SOCKS server
|
||||
https_proxy = "socks5h://localhost:7891";
|
||||
# https_proxy = "http://localhost:7890"; # or use http prctocol instead of socks5
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
使用此方案,每次重启系统可能都需要重新执行一遍上述命令,因为 `/run` 目录是临时文件系统,重启后会被清空。
|
||||
部署此配置后,可通过 `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` 查看 nix-daemon 进程的所有环境变量,确认环境变量的设置是否生效。
|
||||
|
||||
> 使用一些商用代理或公共代理时你可能会遇到 GitHub 下载时报 HTTP 403 错误([nixos-and-flakes-book/issues/74](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74)),
|
||||
> 可尝试通过更换代理服务器或者设置 [access-tokens](https://github.com/NixOS/nix/issues/6536) 来解决。
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user