New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nix derivation for all build dependencies #898
Comments
Hmm. I'm not really familiar with how nix does things, so I may be missing a few items here, but I'll do my best to answer. The most direct way to get a fully network-free document build would be to provide a local copy of the bundle file (several gigabytes), and point your document builds at that, using the To get a build that didn't rely on all of those gigabytes of data, you could do something like bootstrap a build as above on a clean cache, then export the populated cache directory in some fashion, then "import" using Finally, I'll mention that the repo tectonic-texlive-bundles contains the infrastructure used to generate those bundle files from the TeXLive upstream, which is done by doing a bunch of processing in Docker containers that point to a checkout of Norbert Preining's Git mirror of the TeXLive SVN repo (which is like 60 gigs or something silly since they commit oodles of binaries to the SVN). Does that help? |
ping @cmoog |
Thanks for this detailed response @pkgw, great info here. The trouble here is that (to my knowledge) tectonic doesn't provide an easily parsable lockfile from which a nix expression could parse and download the minimum set of required dependencies. The next best solution would be a way to generate a nix expression similar to node2nix, but even that would require hooking into tectonic dependency parsing/resolution logic. Finally, you're right that downloading the entire archive of all dependencies would work. I agree that the quickest solution would be a nix derivation that contains a populated cache dir, which could be used at build time by setting |
Ah, yes. Right now Tectonic doesn't have anything like a lockfile because it doesn't manage dependencies and packages in a fine-grained manner — during document builds, there's no dependency resolution; all Tectonic does is pull files from the bundle upon request. The bundle is built from TeXLive packages but the information about specific packages is (intentionally) erased once the bundle is assembled. (Sorry, I feel like I'm not explaining clearly here.) Tectonic could definitely emit a very simpleminded "lockfile" with the list of files needed to build a given document. That could be used to pull down the subset of files from the bundle needed to build that document without the network. From some extremely superficial looking at what If it doesn't, one could get something to work by having a So I guess either way, the |
The existing nix package only includes the CLI itself. But, for hermetic nix builds of latex documents, we'd need to have an additional derivation that includes the necessary latex packages. This way, we can have reproducible builds of documents without network dependencies.
Is this possible with the current architecture? I imagine we'd just need to have a derivation with every package, then the user would override
TECTONIC_CACHE_DIR
during the build step to point at the cache derivation.Thoughts?
The text was updated successfully, but these errors were encountered: