Network issue on MacOS when running devenv update

cachix / devenv

Fast, Declarative, Reproducible, and Composable Developer Environments

https://devenv.sh

Apache License 2.0

3.47k stars 252 forks source link

Network issue on MacOS when running devenv update #1148

Open Fxbouffant opened 2 weeks ago

Fxbouffant commented 2 weeks ago

Describe the bug Since updating devenv to 1.0.4 from 0.6, when running devenv update, the network on my Mac (and also other members of the team) just drops for around 10 minutes while devenv is requesting : https://github.com/NixOS/nixpkgs/archive/x.tar.gz when x is some hash. It also shows [XX.X/41.2 MiB DL] where XX.X is progressing really slowly.

Example: Updating devenv.lock ... [3.0/36.7 MiB DL] downloading 'https://github.com/NixOS/nixpkgs/archive/e402c3eb6d88384ca6c52ef1c53e61bdc9b84ddd.tar.gz'

We have tried different networks both home and work so this is out of the question.

What works while updating: ping 1.1.1.1 ping google.com

What doesn't work: Everything else network related: Browser, screenshare, curl, etc.

curl: (56) Recv failure: Connection reset by peer

To reproduce ProductName: macOS ProductVersion: 14.4.1 BuildVersion: 23E224

Run devenv update in the folder where devenv.nix is.

Version 1.0.4

sandydoo commented 2 weeks ago

@Fxbouffant, is there anything special about this machine? Any sort of "security" software? Antivirus, firewalls, VPNs?

I found this issue: https://github.com/NixOS/nix/issues/8250

Fxbouffant commented 2 weeks ago

There might be. The issue you linked seems promising. I'll get back when I checked. Thanks a lot.

sandydoo commented 1 week ago

@Fxbouffant, any update here?

pogopaule commented 3 days ago

Having the same issue sometimes when running devenv update, although it is only the download itself that is really slow, not other network related stuff. Also mac, same os version

Fxbouffant commented 3 days ago

@sandydoo I was unable to solve the issue. We tried disabling the security software installed by the company while monitoring on the security console if anything was blocked but we couldn't figure it out. I'm out of options

sandydoo commented 3 days ago

sometimes when running devenv update, although it is only the download itself that is really slow,

@pogopaule, this runs nix flake update under the hood. The tarball downloads from GitHub can be slow sometimes. You could try adding a GitHub auth token to your ~/.config/nix/nix.conf. This increases rate limits (important for Nix builds), but I have no idea if it helps with the tarballs. Easiest way is to use gh auth token and add the output as: access-tokens = github.com=<TOKEN>.

We tried disabling the security software installed by the company while monitoring on the security console if anything was blocked but we couldn't figure it out.

@Fxbouffant, welp. Can you confirm whether this happens without devenv? For example, if you run nix flake update in any flake-based project. You might have more luck bringing this up with the general Nix community.