My question is similar to Using NixOS in an isolated environment but my environment is not isolated, rather I want to leverage the existing infrastructure which is based on JFrog Artifactory. The issue is both settings (substituters and hashed-mirrors) seem to expect host names only, not full URLs. I’d like to be able to say something like
substituters=https://artifactory.mynet.com/api/mylib/nix/cache
hashed-mirrors=https://artifactory.mynet.com/api/mylib/nix/tarballs
Is that possible?
I am answering my own question. It turned out that nix has no issues with the paths. The challenge was to make nix-daemon use login credentials and custom SSL certificates to connect to Artifactory.
The settings in nix.conf from my original message.
Credentials go to netrc file which is configured in /etc/nix/nix.conf:
netrc-file = /path/to/my/netrc
/etc/systemd/system/nix-daemon.service.d/override.conf (I also have to configure TMPDIR because of noexec bit on /tmp):[Service]
Environment="TMPDIR=/path/to/my/tmp" "NIX_SSL_CERT_FILE=/path/to/my/curl-ca-bundle.crt"
After systemctl daemon-reload and systemctl restart nix-daemon nix-daemon uses our artifactory for caching.