Airgap setup with nix substituters not working

[bakito]

What happened?

Hi,

We are running nix with substituters pointing to an artifactory instance, as we do not have direct internet access.
Hence, we defined substituters in /etc/nix/nix.conf.

When working directly with nix-shell this is working.
Using devbox, it seems to ignore the substituters setting and tries always to connect to https://cache.nixos.org

Is there a way to configure devbox to also consider the substituters to allow running in airgap mode?

Steps to reproduce

1. configure substituters in /etc/nix/nix.conf pointing the artifactory (or other proxcy) URL
2. run a nix-shell with a package nix-shell -p go -> works
3. setup a devbox with the same package -> fails since the substituters are not considered

• devbox init
• devbox add go
• devbox shell

Command

shell

devbox.json

{
  "$schema": "https://raw.githubusercontent.com/jetify-com/devbox/0.14.0/.schema/devbox.schema.json",
  "packages": [
    "go@latest"
  ]
}

Devbox version

0.14.0

Nix version

2.28.2

What system does this bug occur on?

Linux (x86-64)

Debug logs

time=2025-04-25T14:44:40.589Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:125 msg="searching for config file (including parent directories)" path=.
time=2025-04-25T14:44:40.589Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:146 msg="trying config file" path=devbox.json
time=2025-04-25T14:44:40.590Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:133 msg="config file found" path=/xxxxx/devbox.json dur=499.938µs
time=2025-04-25T14:44:40.590Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
time=2025-04-25T14:44:40.590Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:125 msg="searching for config file (including parent directories)" path=.
time=2025-04-25T14:44:40.590Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:146 msg="trying config file" path=devbox.json
time=2025-04-25T14:44:40.591Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:133 msg="config file found" path=/xxxxx/devbox.json dur=213.575µs
time=2025-04-25T14:44:40.591Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
time=2025-04-25T14:44:40.616Z level=DEBUG source=go.jetpack.io/devbox/internal/nix/nix.go:342 msg="nix --version --debug output" out="nix (Nix) 2.28.2\nSystem type: x86_64-linux\nAdditional system types: i686-linux, x86_64-v1-linux, x86_64-v2-linux, x86_64-v3-linux, x86_64-v4-linux\nFeatures: gc, signed-caches\nSystem configuration file: /etc/nix/nix.conf\nUser configuration files: /root/.config/nix/nix.conf:/etc/xdg/nix/nix.conf\nStore directory: /nix/store\nState directory: /nix/var/nix\nData directory: /nix/store/ragfmj692jic82k7piqh0qxx8n46zql8-nix-store-2.28.2/share\n"
time=2025-04-25T14:44:40.616Z level=DEBUG source=go.jetpack.io/devbox/internal/nix/command.go:60 msg="nix command starting" cmd.args="nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' eval --impure --raw --expr builtins.currentSystem" cmd.path=/root/.nix-profile/bin/nix
time=2025-04-25T14:44:40.644Z level=DEBUG source=go.jetpack.io/devbox/internal/nix/command.go:67 msg="nix command exited" cmd.args="nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' eval --impure --raw --expr builtins.currentSystem" cmd.path=/root/.nix-profile/bin/nix cmd.pid=62 cmd.code=0 cmd.dur=27.714727ms
time=2025-04-25T14:44:40.644Z level=DEBUG source=go.jetpack.io/devbox/internal/boxcli/run.go:104 msg="run script" script=lint args=[]
time=2025-04-25T14:44:40.644Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:125 msg="searching for config file (including parent directories)" path=.
time=2025-04-25T14:44:40.644Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:146 msg="trying config file" path=devbox.json
time=2025-04-25T14:44:40.645Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:133 msg="config file found" path=/xxxxx/devbox.json dur=307.613µs
time=2025-04-25T14:44:40.645Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
time=2025-04-25T14:44:40.645Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
time=2025-04-25T14:44:40.646Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
Info: Ensuring packages are installed.
time=2025-04-25T14:44:40.646Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto
time=2025-04-25T14:44:40.646Z level=DEBUG source=go.jetpack.io/devbox/internal/nix/command.go:60 msg="nix command starting" cmd.args="nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' store info --store daemon --json" cmd.path=/root/.nix-profile/bin/nix
time=2025-04-25T14:44:40.672Z level=DEBUG source=go.jetpack.io/devbox/internal/nix/command.go:67 msg="nix command exited" cmd.args="nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' store info --store daemon --json" cmd.path=/root/.nix-profile/bin/nix cmd.stderr="cannot connect to socket at '/nix/var/nix/daemon-socket/socket': No such file or directory" cmd.pid=65 cmd.code=1 cmd.dur=25.809311ms
time=2025-04-25T14:44:40.672Z level=ERROR source=go.jetpack.io/devbox/internal/devbox/providers/nixcache/setup.go:81 msg="nixcache: skipping setup: error connecting to nix daemon, assuming single-user install" err="command nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' store info --store daemon --json: nix: command error: nix --extra-experimental-features ca-derivations --option experimental-features 'nix-command flakes fetch-closure' store info --store daemon --json: cannot connect to socket at '/nix/var/nix/daemon-socket/socket': No such file or directory: exit code 1: error: cannot connect to socket at '/nix/var/nix/daemon-socket/socket': No such file or directory\n"
Error: error running script "lint" in Devbox: Head "https://cache.nixos.org/g29rrn8qqlg4yjqv543ryrkimr7fk43h.narinfo": context deadline exceeded
time=2025-04-25T14:44:45.685Z level=ERROR source=go.jetpack.io/devbox/internal/boxcli/midcobra/debug.go:70 msg="command error" execid=2e81edc7adae4bf0a68375c3bb82e15b stack="error running script \"lint\" in Devbox: Head \"https://cache.nixos.org/g29rrn8qqlg4yjqv543ryrkimr7fk43h.narinfo\": context deadline exceeded\ngo.jetpack.io/devbox/internal/boxcli.runScriptCmd\n\tgo.jetpack.io/devbox/internal/boxcli/run.go:127\ngo.jetpack.io/devbox/internal/boxcli.runCmd.func1\n\tgo.jetpack.io/devbox/internal/boxcli/run.go:50\ngithub.com/spf13/cobra.(*Command).execute\n\tgithub.com/spf13/cobra@v1.8.0/command.go:983\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\tgithub.com/spf13/cobra@v1.8.0/command.go:1115\ngithub.com/spf13/cobra.(*Command).Execute\n\tgithub.com/spf13/cobra@v1.8.0/command.go:1039\ngo.jetpack.io/devbox/internal/boxcli/midcobra.(*midcobraExecutable).Execute\n\tgo.jetpack.io/devbox/internal/boxcli/midcobra/midcobra.go:61\ngo.jetpack.io/devbox/internal/boxcli.Execute\n\tgo.jetpack.io/devbox/internal/boxcli/root.go:116\ngo.jetpack.io/devbox/internal/boxcli.Main\n\tgo.jetpack.io/devbox/internal/boxcli/root.go:139\nmain.main\n\tgo.jetpack.io/devbox/cmd/devbox/main.go:11\nruntime.main\n\truntime/proc.go:272\nruntime.goexit\n\truntime/asm_amd64.s:1700"
time=2025-04-25T14:44:45.685Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:125 msg="searching for config file (including parent directories)" path=.
time=2025-04-25T14:44:45.685Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:146 msg="trying config file" path=devbox.json
time=2025-04-25T14:44:45.686Z level=DEBUG source=go.jetpack.io/devbox/internal/devconfig/config.go:133 msg="config file found" path=/xxxxx/devbox.json dur=368.261µs
time=2025-04-25T14:44:45.686Z level=DEBUG source=go.jetpack.io/devbox/internal/devpkg/package.go:200 msg="package doesn't need patching" pkg=go mode=auto

[bakito]

The nix cache URL is hardcoded here:

devbox/internal/devpkg/narinfo_cache.go

Line 26 in 3c441c8

const binaryCache = "https://cache.nixos.org"

Should't substitutors be considered here, if defined?

[bakito]

Relates to #2324

[Iyappanj]

+1
We are also having the similar setup. Solution on this would be greatly helpful.

[Iyappanj]

@gcurtis looks like the same issue as #2324. Solution on this would be greatly helpful

[bakito]

I allow overwriting all occurrences of the hard coded nixpkgs urls via an environment variable.

bakito@9f6bdde

This seems to work for my case.

perhaps something like that could be implemented in devbox.

[Iyappanj]

Hi @bakito, Thank you for this information.

I am using Artifactory for caching. So wanted to know whether this env variable allow an url something like https://username:password@artifactory_url ?

[bakito]

Hi @bakito, Thank you for this information.

I am using Artifactory for caching. So wanted to know whether this env variable allow an url something like https://username:password@artifactory_url ?

Technically this should work.