During development it's really important to apply a cleaning filter to the src
attribute before you run a nix-build
. If you don't do this, your entire
directory contents will be copied into the /nix/store
as a content addressed
dependency. This includes large files, secret files and other files that is not
use for building the package!
The most basic filter is simply:
src = lib.cleanSource ./.;
It is defined here: https://github.com/NixOS/nixpkgs/blob/master/lib/sources.nix
This automatically filters out:
.git
and other version control repositories.- Vim meta files
.o
and.so
files./result
and./result-*
symlinks
However you may have other files that you want to also filter out. For example a .env
file or temporary data directories.
To do this, you need to use a more sophisticated filter:
src = lib.cleanSourceWith {
filter = (path: type:
! (builtins.any
(r: (builtins.match r (builtins.baseNameOf path)) != null)
[
"\.env"
"tmp"
"logs"
"data"
])
);
src = lib.cleanSource ./.;
};
The above filter filters only at the project root. It asks to match a list of
regular expressions against the basename of the paths at the project root. In
this case, we are filtering out .env
, tmp
, logs
and data
in addition
to the default filters in lib.cleanSource
.
Note that in the case you are using a shell.nix
, you should use:
src = null;
Because you are doing development in the project directory, so you don't want
to copy anything to the /nix/store
except of course for your dependencies.
There is also some work on extending filterSource
to support ignore paths
similar to .gitignore
: NixOS/nix#885