Warning
This program is experimental and its interface is subject to change.

Name

nix - a tool for reproducible and declarative configuration management

Synopsis

nix [option...] subcommand

where subcommand is one of the following:

Help commands:

nix help - show help about nix or a particular subcommand
nix help-stores - show help about store types and their settings

Main commands:

nix build - build a derivation or fetch a store path
nix develop - run a bash shell that provides the build environment of a derivation
nix flake - manage Nix flakes
nix profile - manage Nix profiles
nix repl - start an interactive environment for evaluating Nix expressions
nix run - run a Nix application
nix search - search for packages
nix shell - run a shell in which the specified packages are available

Infrequently used commands:

nix bundle - bundle an application so that it works outside of the Nix store
nix copy - copy paths between Nix stores
nix edit - open the Nix expression of a Nix package in $EDITOR
nix eval - evaluate a Nix expression
nix fmt - reformat your code in the standard style
nix log - show the build log of the specified packages or paths, if available
nix path-info - query information about store paths
nix registry - manage the flake registry
nix why-depends - show why a package has another package in its closure

Utility/scripting commands:

nix daemon - daemon to perform store operations on behalf of non-root clients
nix derivation - Work with derivations, Nix's notion of a build plan.
nix hash - compute and convert cryptographic hashes
nix key - generate and convert Nix signing keys
nix nar - create or inspect NAR files
nix print-dev-env - print shell code that can be sourced by bash to reproduce the build environment of a derivation
nix realisation - manipulate a Nix realisation
nix show-config - show the Nix configuration or the value of a specific setting
nix store - manipulate a Nix store

Commands for upgrading or troubleshooting your Nix installation:

nix doctor - check your system for potential problems and print a PASS or FAIL for each check
nix upgrade-nix - upgrade Nix to the stable version declared in Nixpkgs

Examples

Create a new flake:
```
# nix flake new hello
# cd hello
```

Build the flake in the current directory:

# nix build
# ./result/bin/hello
Hello, world!

Run the flake in the current directory:
```
# nix run
Hello, world!
```

Start a development shell for hacking on this flake:

# nix develop
# unpackPhase
# cd hello-*
# configurePhase
# buildPhase
# ./hello
Hello, world!
# installPhase
# ../outputs/out/bin/hello
Hello, world!

Description

Nix is a tool for building software, configurations and other artifacts in a reproducible and declarative way. For more information, see the Nix homepage or the Nix manual.

Installables

Many nix subcommands operate on one or more installables. These are command line arguments that represent something that can be realised in the Nix store.

The following types of installable are supported by most commands:

Flake output attribute
Store path
Nix file, optionally qualified by an attribute path
Nix expression, optionally qualified by an attribute path

For most commands, if no installable is specified, . as assumed. That is, Nix will operate on the default flake output attribute of the flake in the current directory.

Flake output attribute

Example: nixpkgs#hello

These have the form flakeref[#attrpath], where flakeref is a flake reference and attrpath is an optional attribute path. For more information on flakes, see the nix flake manual page. Flake references are most commonly a flake identifier in the flake registry (e.g. nixpkgs), or a raw path (e.g. /path/to/my-flake or . or ../foo), or a full URL (e.g. github:nixos/nixpkgs or path:.)

When the flake reference is a raw path (a path without any URL scheme), it is interpreted as a path: or git+file: url in the following way:

If the path is within a Git repository, then the url will be of the form git+file://[GIT_REPO_ROOT]?dir=[RELATIVE_FLAKE_DIR_PATH] where GIT_REPO_ROOT is the path to the root of the git repository, and RELATIVE_FLAKE_DIR_PATH is the path (relative to the directory root) of the closest parent of the given path that contains a flake.nix within the git repository. If no such directory exists, then Nix will error-out.

Note that the search will only include files indexed by git. In particular, files which are matched by .gitignore or have never been git add-ed will not be available in the flake. If this is undesirable, specify path:<directory> explicitly;

For example, if /foo/bar is a git repository with the following structure:
```
.
└── baz
    ├── blah
    │   └── file.txt
    └── flake.nix
```
Then /foo/bar/baz/blah will resolve to git+file:///foo/bar?dir=baz
If the supplied path is not a git repository, then the url will have the form path:FLAKE_DIR_PATH where FLAKE_DIR_PATH is the closest parent of the supplied path that contains a flake.nix file (within the same file-system). If no such directory exists, then Nix will error-out.

For example, if /foo/bar/flake.nix exists, then /foo/bar/baz/ will resolve to path:/foo/bar

If attrpath is omitted, Nix tries some default values; for most subcommands, the default is packages.system.default (e.g. packages.x86_64-linux.default), but some subcommands have other defaults. If attrpath is specified, attrpath is interpreted as relative to one or more prefixes; for most subcommands, these are packages.system, legacyPackages.*system* and the empty prefix. Thus, on x86_64-linux nix build nixpkgs#hello will try to build the attributes packages.x86_64-linux.hello, legacyPackages.x86_64-linux.hello and hello.

Store path

Example: /nix/store/v5sv61sszx301i0x6xysaqzla09nksnd-hello-2.10

These are paths inside the Nix store, or symlinks that resolve to a path in the Nix store.

A store derivation is also addressed by store path.

Example: /nix/store/p7gp6lxdg32h4ka1q398wd9r2zkbbz2v-hello-2.10.drv

If you want to refer to an output path of that store derivation, add the output name preceded by a caret (^).

Example: /nix/store/p7gp6lxdg32h4ka1q398wd9r2zkbbz2v-hello-2.10.drv^out

All outputs can be referred to at once with the special syntax ^*.

Example: /nix/store/p7gp6lxdg32h4ka1q398wd9r2zkbbz2v-hello-2.10.drv^*

Nix file

Example: --file /path/to/nixpkgs hello

When the option -f / --file path [attrpath...] is given, installables are interpreted as the value of the expression in the Nix file at path. If attribute paths are provided, commands will operate on the corresponding values accessible at these paths. The Nix expression in that file, or any selected attribute, must evaluate to a derivation.

Nix expression

Example: --expr 'import <nixpkgs> {}' hello

When the option --expr expression [attrpath...] is given, installables are interpreted as the value of the of the Nix expression. If attribute paths are provided, commands will operate on the corresponding values accessible at these paths. The Nix expression, or any selected attribute, must evaluate to a derivation.

You may need to specify --impure if the expression references impure inputs (such as <nixpkgs>).

Derivation output selection

Derivations can have multiple outputs, each corresponding to a different store path. For instance, a package can have a bin output that contains programs, and a dev output that provides development artifacts like C/C++ header files. The outputs on which nix commands operate are determined as follows:

You can explicitly specify the desired outputs using the syntax installable^output1,...,outputN. For example, you can obtain the dev and static outputs of the glibc package:
```
# nix build 'nixpkgs#glibc^dev,static'
# ls ./result-dev/include/ ./result-static/lib/
…
```
and likewise, using a store path to a "drv" file to specify the derivation:
```
# nix build '/nix/store/gzaflydcr6sb3567hap9q6srzx8ggdgg-glibc-2.33-78.drv^dev,static'
…
```

You can also specify that all outputs should be used using the syntax installable^*. For example, the following shows the size of all outputs of the glibc package in the binary cache:

# nix path-info -S --eval-store auto --store https://cache.nixos.org 'nixpkgs#glibc^*'
/nix/store/g02b1lpbddhymmcjb923kf0l7s9nww58-glibc-2.33-123                 33208200
/nix/store/851dp95qqiisjifi639r0zzg5l465ny4-glibc-2.33-123-bin             36142896
/nix/store/kdgs3q6r7xdff1p7a9hnjr43xw2404z7-glibc-2.33-123-debug          155787312
/nix/store/n4xa8h6pbmqmwnq0mmsz08l38abb06zc-glibc-2.33-123-static          42488328
/nix/store/q6580lr01jpcsqs4r5arlh4ki2c1m9rv-glibc-2.33-123-dev             44200560

and likewise, using a store path to a "drv" file to specify the derivation:

# nix path-info -S '/nix/store/gzaflydcr6sb3567hap9q6srzx8ggdgg-glibc-2.33-78.drv^*'
…

If you didn't specify the desired outputs, but the derivation has an attribute meta.outputsToInstall, Nix will use those outputs. For example, since the package nixpkgs#libxml2 has this attribute:
```
# nix eval 'nixpkgs#libxml2.meta.outputsToInstall'
[ "bin" "man" ]
```
a command like nix shell nixpkgs#libxml2 will provide only those two outputs by default.

Note that a store derivation (given by its .drv file store path) doesn't have any attributes like meta, and thus this case doesn't apply to it.
Otherwise, Nix will use all outputs of the derivation.

Nix stores

Most nix subcommands operate on a Nix store. These are documented in nix help-stores.

Options

Logging-related options:

--debug

Set the logging verbosity level to 'debug'.
--log-format format

Set the format of log output; one of raw, internal-json, bar or bar-with-logs.
--print-build-logs / -L

Print full build logs on standard error.
--quiet

Decrease the logging verbosity level.
--verbose / -v

Increase the logging verbosity level.

Miscellaneous global options:

--help

Show usage information.
--offline

Disable substituters and consider all previously downloaded files up-to-date.
--option name value

Set the Nix configuration setting name to value (overriding nix.conf).
--refresh

Consider all previously downloaded files out-of-date.
--version

Show version information.

Options to override configuration settings:

--accept-flake-config

Enable the accept-flake-config setting.
--access-tokens value

Set the access-tokens setting.
--allow-dirty

Enable the allow-dirty setting.
--allow-import-from-derivation

Enable the allow-import-from-derivation setting.
--allow-new-privileges

Enable the allow-new-privileges setting.
--allow-symlinked-store

Enable the allow-symlinked-store setting.
--allow-unsafe-native-code-during-evaluation

Enable the allow-unsafe-native-code-during-evaluation setting.
--allowed-impure-host-deps value

Set the allowed-impure-host-deps setting.
--allowed-uris value

Set the allowed-uris setting.
--allowed-users value

Set the allowed-users setting.
--auto-allocate-uids

Enable the auto-allocate-uids setting.
--auto-optimise-store

Enable the auto-optimise-store setting.
--bash-prompt value

Set the bash-prompt setting.
--bash-prompt-prefix value

Set the bash-prompt-prefix setting.
--bash-prompt-suffix value

Set the bash-prompt-suffix setting.
--build-hook value

Set the build-hook setting.
--build-poll-interval value

Set the build-poll-interval setting.
--build-users-group value

Set the build-users-group setting.
--builders value

Set the builders setting.
--builders-use-substitutes

Enable the builders-use-substitutes setting.
--commit-lockfile-summary value

Set the commit-lockfile-summary setting.
--compress-build-log

Enable the compress-build-log setting.
--connect-timeout value

Set the connect-timeout setting.
--cores value

Set the cores setting.
--diff-hook value

Set the diff-hook setting.
--download-attempts value

Set the download-attempts setting.
--download-speed value

Set the download-speed setting.
--eval-cache

Enable the eval-cache setting.
--experimental-features value

Set the experimental-features setting.
--extra-access-tokens value

Append to the access-tokens setting.
--extra-allowed-impure-host-deps value

Append to the allowed-impure-host-deps setting.
--extra-allowed-uris value

Append to the allowed-uris setting.
--extra-allowed-users value

Append to the allowed-users setting.
--extra-experimental-features value

Append to the experimental-features setting.
--extra-extra-platforms value

Append to the extra-platforms setting.
--extra-hashed-mirrors value

Append to the hashed-mirrors setting.
--extra-ignored-acls value

Append to the ignored-acls setting.
--extra-nix-path value

Append to the nix-path setting.
--extra-platforms value

Set the extra-platforms setting.
--extra-plugin-files value

Append to the plugin-files setting.
--extra-sandbox-paths value

Append to the sandbox-paths setting.
--extra-secret-key-files value

Append to the secret-key-files setting.
--extra-substituters value

Append to the substituters setting.
--extra-system-features value

Append to the system-features setting.
--extra-trusted-public-keys value

Append to the trusted-public-keys setting.
--extra-trusted-substituters value

Append to the trusted-substituters setting.
--extra-trusted-users value

Append to the trusted-users setting.
--fallback

Enable the fallback setting.
--filter-syscalls

Enable the filter-syscalls setting.
--flake-registry value

Set the flake-registry setting.
--fsync-metadata

Enable the fsync-metadata setting.
--gc-reserved-space value

Set the gc-reserved-space setting.
--hashed-mirrors value

Set the hashed-mirrors setting.
--http-connections value

Set the http-connections setting.
--http2

Enable the http2 setting.
--id-count value

Set the id-count setting.
--ignore-try

Enable the ignore-try setting.
--ignored-acls value

Set the ignored-acls setting.
--impersonate-linux-26

Enable the impersonate-linux-26 setting.
--keep-build-log

Enable the keep-build-log setting.
--keep-derivations

Enable the keep-derivations setting.
--keep-env-derivations

Enable the keep-env-derivations setting.
--keep-failed

Enable the keep-failed setting.
--keep-going

Enable the keep-going setting.
--keep-outputs

Enable the keep-outputs setting.
--log-lines value

Set the log-lines setting.
--max-build-log-size value

Set the max-build-log-size setting.
--max-free value

Set the max-free setting.
--max-jobs value

Set the max-jobs setting.
--max-silent-time value

Set the max-silent-time setting.
--min-free value

Set the min-free setting.
--min-free-check-interval value

Set the min-free-check-interval setting.
--nar-buffer-size value

Set the nar-buffer-size setting.
--narinfo-cache-negative-ttl value

Set the narinfo-cache-negative-ttl setting.
--narinfo-cache-positive-ttl value

Set the narinfo-cache-positive-ttl setting.
--netrc-file value

Set the netrc-file setting.
--nix-path value

Set the nix-path setting.
--no-accept-flake-config

Disable the accept-flake-config setting.
--no-allow-dirty

Disable the allow-dirty setting.
--no-allow-import-from-derivation

Disable the allow-import-from-derivation setting.
--no-allow-new-privileges

Disable the allow-new-privileges setting.
--no-allow-symlinked-store

Disable the allow-symlinked-store setting.
--no-allow-unsafe-native-code-during-evaluation

Disable the allow-unsafe-native-code-during-evaluation setting.
--no-auto-allocate-uids

Disable the auto-allocate-uids setting.
--no-auto-optimise-store

Disable the auto-optimise-store setting.
--no-builders-use-substitutes

Disable the builders-use-substitutes setting.
--no-compress-build-log

Disable the compress-build-log setting.
--no-eval-cache

Disable the eval-cache setting.
--no-fallback

Disable the fallback setting.
--no-filter-syscalls

Disable the filter-syscalls setting.
--no-fsync-metadata

Disable the fsync-metadata setting.
--no-http2

Disable the http2 setting.
--no-ignore-try

Disable the ignore-try setting.
--no-impersonate-linux-26

Disable the impersonate-linux-26 setting.
--no-keep-build-log

Disable the keep-build-log setting.
--no-keep-derivations

Disable the keep-derivations setting.
--no-keep-env-derivations

Disable the keep-env-derivations setting.
--no-keep-failed

Disable the keep-failed setting.
--no-keep-going

Disable the keep-going setting.
--no-keep-outputs

Disable the keep-outputs setting.
--no-preallocate-contents

Disable the preallocate-contents setting.
--no-print-missing

Disable the print-missing setting.
--no-pure-eval

Disable the pure-eval setting.
--no-require-sigs

Disable the require-sigs setting.
--no-restrict-eval

Disable the restrict-eval setting.
--no-run-diff-hook

Disable the run-diff-hook setting.
--no-sandbox

Disable sandboxing.
--no-sandbox-fallback

Disable the sandbox-fallback setting.
--no-show-trace

Disable the show-trace setting.
--no-substitute

Disable the substitute setting.
--no-sync-before-registering

Disable the sync-before-registering setting.
--no-trace-function-calls

Disable the trace-function-calls setting.
--no-trace-verbose

Disable the trace-verbose setting.
--no-use-case-hack

Disable the use-case-hack setting.
--no-use-cgroups

Disable the use-cgroups setting.
--no-use-registries

Disable the use-registries setting.
--no-use-sqlite-wal

Disable the use-sqlite-wal setting.
--no-use-xdg-base-directories

Disable the use-xdg-base-directories setting.
--no-warn-dirty

Disable the warn-dirty setting.
--plugin-files value

Set the plugin-files setting.
--post-build-hook value

Set the post-build-hook setting.
--pre-build-hook value

Set the pre-build-hook setting.
--preallocate-contents

Enable the preallocate-contents setting.
--print-missing

Enable the print-missing setting.
--pure-eval

Enable the pure-eval setting.
--relaxed-sandbox

Enable sandboxing, but allow builds to disable it.
--require-sigs

Enable the require-sigs setting.
--restrict-eval

Enable the restrict-eval setting.
--run-diff-hook

Enable the run-diff-hook setting.
--sandbox

Enable sandboxing.
--sandbox-build-dir value

Set the sandbox-build-dir setting.
--sandbox-dev-shm-size value

Set the sandbox-dev-shm-size setting.
--sandbox-fallback

Enable the sandbox-fallback setting.
--sandbox-paths value

Set the sandbox-paths setting.
--secret-key-files value

Set the secret-key-files setting.
--show-trace

Enable the show-trace setting.
--ssl-cert-file value

Set the ssl-cert-file setting.
--stalled-download-timeout value

Set the stalled-download-timeout setting.
--start-id value

Set the start-id setting.
--store value

Set the store setting.
--substitute

Enable the substitute setting.
--substituters value

Set the substituters setting.
--sync-before-registering

Enable the sync-before-registering setting.
--system value

Set the system setting.
--system-features value

Set the system-features setting.
--tarball-ttl value

Set the tarball-ttl setting.
--timeout value

Set the timeout setting.
--trace-function-calls

Enable the trace-function-calls setting.
--trace-verbose

Enable the trace-verbose setting.
--trusted-public-keys value

Set the trusted-public-keys setting.
--trusted-substituters value

Set the trusted-substituters setting.
--trusted-users value

Set the trusted-users setting.
--use-case-hack

Enable the use-case-hack setting.
--use-cgroups

Enable the use-cgroups setting.
--use-registries

Enable the use-registries setting.
--use-sqlite-wal

Enable the use-sqlite-wal setting.
--use-xdg-base-directories

Enable the use-xdg-base-directories setting.
--user-agent-suffix value

Set the user-agent-suffix setting.
--warn-dirty

Enable the warn-dirty setting.

Nix Reference Manual