Difference between revisions of "How to fetch Nixpkgs with an empty NIX PATH"
From NixOS Wiki
Gabriel439 (talk | contribs) (Remove `sha256` argument to `fetchNixpkgs` in favor of making `outputSha256` required. Reasons: (A) Nix 2.0 doesn't require `sha256`, (B) `outputSha256` subsumes `sha256`, (C) not required (<nix/fetchurl.nix> accepts `sha256 = null`)) |
Gabriel439 (talk | contribs) (Rename `outputSha256` field to `sha256` - Now that there is only one argument for a SHA-256 hash we can rename it to `sha256` for consistency with other Nix utilities) |
||
Line 7: | Line 7: | ||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
{ rev # The Git revision of nixpkgs to fetch | { rev # The Git revision of nixpkgs to fetch | ||
− | , | + | , sha256 # The SHA256 hash of the unpacked archive |
, system ? builtins.currentSystem # This is overridable if necessary | , system ? builtins.currentSystem # This is overridable if necessary | ||
}: | }: | ||
Line 17: | Line 17: | ||
builtins.fetchTarball { | builtins.fetchTarball { | ||
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz"; | url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz"; | ||
− | sha256 | + | inherit sha256; |
}) | }) | ||
Line 48: | Line 48: | ||
gzip = builtins.storePath builtin-paths.gzip; | gzip = builtins.storePath builtin-paths.gzip; | ||
coreutils = builtins.storePath builtin-paths.coreutils; | coreutils = builtins.storePath builtin-paths.coreutils; | ||
− | } // (if null == | + | } // (if null == sha256 then { } else { |
outputHashMode = "recursive"; | outputHashMode = "recursive"; | ||
outputHashAlgo = "sha256"; | outputHashAlgo = "sha256"; | ||
− | outputHash = | + | outputHash = sha256; |
})); | })); | ||
}).nixpkgs) | }).nixpkgs) | ||
Line 63: | Line 63: | ||
nixpkgs = fetchNixpkgs { | nixpkgs = fetchNixpkgs { | ||
− | + | rev = "3389f23412877913b9d22a58dfb241684653d7e9"; | |
− | + | sha256 = "0wgm7sk9fca38a50hrsqwz6q79z35gqgb9nw80xz7pfdr4jy9pf8"; | |
}; | }; | ||
Revision as of 16:39, 16 August 2018
This recipe provides a way to fetch Nixpkgs with an empty NIX_PATH
. This
comes in handy if you want to remove impure references to the NIX_PATH
from
your code base
Save the following code to a fetchNixpkgs.nix
file within your project:
{ rev # The Git revision of nixpkgs to fetch
, sha256 # The SHA256 hash of the unpacked archive
, system ? builtins.currentSystem # This is overridable if necessary
}:
if (0 <= builtins.compareVersions builtins.nixVersion "1.12")
# In Nix 1.12, we can just give a `sha256` to `builtins.fetchTarball`.
then (
builtins.fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz";
inherit sha256;
})
# This hack should at least work for Nix 1.11
else (
(rec {
tarball = import <nix/fetchurl.nix> {
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz";
sha256 = null;
};
builtin-paths = import <nix/config.nix>;
script = builtins.toFile "nixpkgs-unpacker" ''
"$coreutils/mkdir" "$out"
cd "$out"
"$gzip" --decompress < "$tarball" | "$tar" -x --strip-components=1
'';
nixpkgs = builtins.derivation ({
name = "nixpkgs-${builtins.substring 0 6 rev}";
builder = builtins.storePath builtin-paths.shell;
args = [ script ];
inherit tarball system;
tar = builtins.storePath builtin-paths.tar;
gzip = builtins.storePath builtin-paths.gzip;
coreutils = builtins.storePath builtin-paths.coreutils;
} // (if null == sha256 then { } else {
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = sha256;
}));
}).nixpkgs)
... and then you can use the saved file to fetch Nixpkgs like this:
let
fetchNixpkgs = import ./fetchNixpkgs.nix;
nixpkgs = fetchNixpkgs {
rev = "3389f23412877913b9d22a58dfb241684653d7e9";
sha256 = "0wgm7sk9fca38a50hrsqwz6q79z35gqgb9nw80xz7pfdr4jy9pf8";
};
pkgs = import nixpkgs { config = {}; };
in
...