Description
Is your feature request related to a problem?
I have a private build cache, and a large number of content addressed builds (tens of thousands, which are updated regularly).
Currently, when substituting, all of these private derivations get their realisation/doi files looked up on the public cache, which is time consuming and a waste of resources.
Proposed solution
Feature request: Add disallowedSubstituters = [ "https://cache.nixos.org" ] or similar to the derivations, or have a notion of private/public derivations and public/private substituters.
Somehow, I need to avoid substituting these private derivations from the public cache. It would be good if I could mark these derivations in some way which would prevent it from querying cache.nixos.org, whilst still querying the private cache. I'm not sure if it would be better to 'ban' the public cache, or 'allow only' the private cache. The latter would probably be safer but less flexible from a configuration standpoint: if we know it's not on the public cache (but it may be in 'some' private cache) it might be better to ban that.
Alternative solutions
Currently I have configured my local nix to not have cache.nixos.org in the set of substituters. However, this means that standard usage of nix breaks, so is not a scalable approach if less experienced users are to make use of these private derivations. It is still useful sometimes to be able to use the public substituters alongside these private derivations within one nix invocation.
I have also tried setting nixConfig.substituters = ""; to remove the default substituters in the flake. This sort of works, but then currently makes it not possible to re-add the public substituter if you need it for something (it appears even --extra-substituters is currently ignored by nix in this scenario).
Checklist
- checked latest Nix manual (source)
- checked open feature issues and pull requests for possible duplicates
Add 👍 to issues you find important.