7c5fd6801b
This commit rebuilds texlive 2017 with the final release of 2017. As described in these issues [1][2][3], the upstream CTAN mirrors are a continuously moving rolling release without historical archives. This particular FTP server is also a rolling release folling CTAN for the latest version, but it has snapshots of the final texlive releases; it appears that the 2017 distribution has been unmodified since texlive-2018 was released earlier this year. Along the way, we needed to fix several issues: - xindy: if $HOME is unset, it will try to mkdir /homeless-shelter, which fails due to insufficient permissions. - scheme-infraonly: this scheme had symlinks into other releases that were read-only, so it couldn't patch and modify the scripts. This commit removes it for now, but that's not a particularly satisfying solution. Ideas? This also adds some documentation on the upgrade process to prepare for texlive-2018 [4]. This commit also replaces the sha1 hashes with upstream's standard sha512 hashes. It appears the motivation for the shorter hashes was to save disk space in the derivations; in master, the size of this directory is 1012K; in this commit it is 1600K. The difference is not particularly large, and the downsides to using our own sha1 hashes are: - More nix code to maintain - Multi-step upgrade process for maintainers: the maintainer first has to download all upstream tarballs by sha512 hash, then run the fix script, then rebuild with sha1 hashes. - Less transparent. If we use the upstream sha512 hashes, any user can immediately verify that the hashes we're providing match upstream, or match the snapshot in time. - Easier to debug. Since upstream is rolling and packages may disappear or fail to build, it's useful to be able to determine if the sha mismatch is because of an update or not; if we have a sha1 mismatch and no tarball to pull, we can't figure out which sha512sum would have produced that sha1. - Less trust required. Due to the above, users don't have to trust the content-addressed mirrors on IPFS and @veprbl's servers as much. - Easier to cobble together a source distribution from a variety of sources. It seems some FTP servers have more/less than others, or older/newer packages. If we know what we're looking for beforehand and we're just missing a few packages whose hashes match the advertised hashes upstream, it's easier to find. [1] https://github.com/NixOS/nixpkgs/issues/24683 [2] https://github.com/NixOS/nixpkgs/issues/10026 [3] https://github.com/NixOS/nixpkgs/issues/34490 [4] https://github.com/NixOS/nixpkgs/issues/40232
Nixpkgs is a collection of packages for the Nix package manager. It is periodically built and tested by the Hydra build daemon as so-called channels. To get channel information via git, add nixpkgs-channels as a remote:
% git remote add channels https://github.com/NixOS/nixpkgs-channels.git
For stability and maximum binary package support, it is recommended to maintain
custom changes on top of one of the channels, e.g. nixos-18.03 for the latest
release and nixos-unstable for the latest successful build of master:
% git remote update channels
% git rebase channels/nixos-18.03
For pull-requests, please rebase onto nixpkgs master.
NixOS Linux distribution source code is located inside
nixos/ folder.
- NixOS installation instructions
- Documentation (Nix Expression Language chapter)
- Manual (How to write packages for Nix)
- Manual (NixOS)
- Community maintained wiki
- Continuous package builds for unstable/master
- Continuous package builds for 18.03 release
- Tests for unstable/master
- Tests for 18.03 release
Communication: