feat: download packages via a proxy

2025-02-16 10:29:55 +01:00 · 2024-03-26 23:37:41 +08:00 · 2024-03-26 23:37:41 +08:00 · d7fb878559
commit d7fb878559
parent 29f6473dad
2 changed files with 25 additions and 44 deletions
--- a/docs/nixos-with-flakes/add-custom-cache-servers.md
+++ b/docs/nixos-with-flakes/add-custom-cache-servers.md
@ -302,29 +302,6 @@ running on their machine. Here's how to set it up. Using methods like
 actual work is done by a background process called `nix-daemon`, not by commands directly
 executed in the Terminal.
 The implementation code of `nix-daemon` is located at
 [nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191),
 which sets environment variables through the `systemd.services.nix-daemon.environment`
 option. We can also add proxy-related environment variables to the running environment of
 `nix-daemon` in the same way, as shown in the following example Module:
 ```nix
 {
  systemd.services.nix-daemon.environment = {
    # socks5h means that the hostname is resolved by the SOCKS server
    https_proxy = "socks5h://localhost:7891";
    # https_proxy = "http://localhost:7890"; # or use http protocol instead of socks5
  };
 }
 ```
 After deploying this configuration, you can check if the environment variables have been
 set by running `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'`.
 **However, be aware that when the proxy server is not available, nix-daemon will be unable
 to access any cache servers!** Therefore, I still recommend using a transparent proxy to
 address acceleration issues.
 If you only need to use a proxy temporarily, you can set the proxy environment variables
 with the following commands:
@ -338,10 +315,24 @@ sudo systemctl daemon-reload
 sudo systemctl restart nix-daemon
 ```
 After deploying this configuration, you can check if the environment variables have been
 set by running `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'`.
 The settings in `/run/systemd/system/nix-daemon.service.d/override.conf` will be
 automatically deleted when the system restarts, or you can manually delete it and restart
 the nix-daemon service to restore the original settings.
 If you want to permanently set the proxy, it is recommended to save the above commands as
 a shell script and run it each time the system starts. Alternatively, you can use a
 transparent proxy or TUN and other global proxy solutions.
 > There are also people in the community who permanently set the proxy for nix-daemon in a
 > declarative way using `systemd.services.nix-daemon.environment`. However, if the proxy
 > encounters problems, it will be very troublesome. Nix-daemon will not work properly, and
 > most Nix commands will not run correctly. Moreover, the configuration of systemd itself
 > is set to read-only protection, making it difficult to modify or delete the proxy
 > settings. So, it is not recommended to use this method.
 > When using some commercial or public proxies, you might encounter HTTP 403 errors when
 > downloading from GitHub (as described in
 > [nixos-and-flakes-book/issues/74](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74)).
--- a/docs/zh/nixos-with-flakes/add-custom-cache-servers.md
+++ b/docs/zh/nixos-with-flakes/add-custom-cache-servers.md
@ -278,27 +278,6 @@ Nix 提供了
 直接在 Terminal 中使用 `export HTTPS_PROXY=http://127.0.0.1:7890` 这类方式是无法生效的，因
 为 nix 实际干活的是一个叫 `nix-daemon` 的后台进程，而不是直接在 Terminal 中执行的命令。
 nix-daemon 的实现代码是
 [nixpkgs/nixos/modules/services/system/nix-daemon.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/system/nix-daemon.nix#L184-L191)，
 它通过 `systemd.services.nix-daemon.environment` 选项设置了环境变量，我们也能通过同样的手
 段来往 nix-daemon 的运行环境中添加代理相关的环境变量，一个示例 Module 如下：
 ```nix
 {
  systemd.services.nix-daemon.environment = {
    # socks5h mean that the hostname is resolved by the SOCKS server
    https_proxy = "socks5h://localhost:7891";
    # https_proxy = "http://localhost:7890"; # or use http prctocol instead of socks5
  };
 }
 ```
 部署此配置后，可通过 `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` 查看
 nix-daemon 进程的所有环境变量，确认环境变量的设置是否生效。
 **但是要注意，当代理服务器不可用时，nix-daemon 将无法访问任何缓存服务器**！所以我还是更建
 议使用旁路网关等透明代理方案。
 如果你只是临时需要使用代理，可以通过如下命令设置代理环境变量：
 ```bash
@ -311,9 +290,20 @@ sudo systemctl daemon-reload
 sudo systemctl restart nix-daemon
 ```
 部署此配置后，可通过 `sudo cat /proc/$(pidof nix-daemon)/environ | tr '\0' '\n'` 查看
 nix-daemon 进程的所有环境变量，确认环境变量的设置是否生效。
 位于 `/run/systemd/system/nix-daemon.service.d/override.conf` 的设置会在系统重启后被自动删
 除，或者你可以手动删除它并重启 nix-daemon 服务来恢复原始设置。
 如果你希望永久设置代理，建议将上述命令保存为 shell 脚本，在每次启动系统时运行一下。或者也
 可以使用旁路网关或 TUN 等全局代理方案。
 > 社区也有人通过 `systemd.services.nix-daemon.environment` 以声明式的方式为 nix-daemon 永
 > 久设置代理，但这种做法下一旦代理出了问题会非常麻烦，nix-daemon 将无法正常工作，进而导致
 > 大多数 nix 命令无法正常运行，而且 systemd 自身的配置被设置了只读保护，无法简单地修改配置
 > 删除代理设置。因此不建议使用这种方式。
 > 使用一些商用代理或公共代理时你可能会遇到 GitHub 下载时报 HTTP 403 错误
 > （[nixos-and-flakes-book/issues/74](https://github.com/ryan4yin/nixos-and-flakes-book/issues/74)），
 > 可尝试通过更换代理服务器或者设置