Nix¶

Example

This needs to be tested and expanded.

This guide explains how to make Nix and NixOS reproducible and usable offline by routing all external inputs (binary caches and fetchers) through an archival HTTP proxy. Once content is archived, builds and system installs work without internet access.

This approach does not rely on manual store exports or ad‑hoc caching. Instead, it treats the internet as a one‑time ingestion layer and turns every URL into a permanent, immutable input.

Conceptual Overview¶

Nix pulls external data from two places:

Binary caches (substituters) – prebuilt .nar files
Fetchers – source downloads (tarballs, git repos, flake inputs)

Both ultimately use HTTP(S).

The goal is:

Nix → HTTP(S) → Archive Proxy → Immutable Storage

If the proxy has seen it once, it can serve it forever. Offline operation becomes a routing decision.

Setup¶

Edit your configuration.nix to make the nix builder use the proxy:

# /etc/nixos/configuration.nix
{ config, pkgs, ... }:
{
  systemd.services.nix-daemon.environment = let
    http_proxy = "http://proxy:3000"; in {
    http_proxy  = http_proxy;
    https_proxy = http_proxy;
    HTTP_PROXY  = http_proxy;
    HTTPS_PROXY = http_proxy;
  };
}