Naively one would expect that the core functionality of a package manager is “building packages”. With nix the situation seems to be a little different: One distributes nix-files/expression (in channels or .nix files) which define derivations (
nix-instantiate ) which can be built (
nix-build ) to produce binary artifacts which are installed (
nix-env -i ) into an environment. At no point a traditional “package file” containing the built artifacts is produced, that can be copied to different machines and/or distributed e.g. as GitHub-releases.
- Is it possible to produce binary packages (i.e. pre-built derivations) with nix tooling?
- If not, is this an intentional omission or just a missing feature.
- This is a cross post from SO where I was referred to this forum, as a better place to ask this question.
- Of course, installing pre-built packages is a security risks. Due care has to be taken by the user, to verify it comes from a trusted party.
- I am aware of binary caches and
nix-copy-closure. Both solve different problems. This question is about a way to distribute pre-built packages to a wider audience which is simple, requires zero-configuration, does not rely on external services being available and does not involve local built steps. (like
rpm -i <filename>)
dockerTools.buildImageactually comes quite close to the desired feature, in that it tar’s up the package dependency closure. But it’s clearly designed for a different use case.
- “Nix has a native serialization format for store objects, NAR” – @CharlesDuffy. This looks like a fit: Are there tools to build a NAR file for a given derivation?