tvix: allow specifying a program to execute to dynamically generate builders + substituters
#47
Opened by grfn at
My specific agenda here is to make it so that I can omit my work nix cache when I'm not on the work VPN, but this feels like something that'd be generally applicable for things like service discovery of remote builder pools etc.
In other words, this is config generation for builders/substituters? Sounds like a good plan.
We may want to look at gRPC load balancer discovery, but not everything is using the gRPC client.
riking at 2020-08-28T21·12+00
In other words, this is config generation for builders/substituters?
yep, that's the idea
grfn at 2020-08-28T21·13+00
open questions:
- what is the protocol we should use for the config generation? Is spitting out a file in the format accepted by
/etc/nix/nix.confor/etc/nix/machinessufficient? - What should the config generators be allowed to do? Should they run in a sandbox? I would assume not if we want them to be able to do service discovery - but then what do we do if the config generators fail?
- how does the trust model work here? I assume an initial pass would just trust whatever the config generator says - does that break down at any point?
grfn at 2020-08-28T21·15+00
- what is the protocol we should use for the config generation? Is spitting out a file in the format accepted by
- tazjin closed this issue at 2022-05-28T18·41+00