diff options
Diffstat (limited to 'doc/build-helpers/fetchers.chapter.md')
-rw-r--r-- | doc/build-helpers/fetchers.chapter.md | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/build-helpers/fetchers.chapter.md b/doc/build-helpers/fetchers.chapter.md index 0cc271f5db8c4..21cadfaa21fa5 100644 --- a/doc/build-helpers/fetchers.chapter.md +++ b/doc/build-helpers/fetchers.chapter.md @@ -157,6 +157,12 @@ Here are security considerations for this scenario: In more concrete terms, if you use any other hash, the [`--insecure` flag](https://curl.se/docs/manpage.html#-k) will be passed to the underlying call to `curl` when downloading content. +## Proxy usage {#sec-pkgs-fetchers-proxy} + +Nixpkgs fetchers can make use of a http(s) proxy. Each fetcher will automatically inherit proxy-related environment variables (`http_proxy`, `https_proxy`, etc) via [impureEnvVars](https://nixos.org/manual/nix/stable/language/advanced-attributes#adv-attr-impureEnvVars). + +The environment variable `NIX_SSL_CERT_FILE` is also inherited in fetchers, and can be used to provide a custom certificate bundle to fetchers. This is usually required for a https proxy to work without certificate validation errors. + []{#fetchurl} ## `fetchurl` {#sec-pkgs-fetchers-fetchurl} @@ -869,7 +875,7 @@ It produces packages that cannot be built automatically. fetchtorrent { config = { peer-limit-global = 100; }; url = "magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c"; - sha256 = ""; + hash = ""; } ``` |