During development it's really important to apply a cleaning filter to the src
attribute before you run a nix-build. If you don't do this, your entire
directory contents will be copied into the /nix/store as a content addressed
dependency. This includes large files, secret files and other files that is not
use for building the package!
The most basic filter is simply:
src = lib.cleanSource ./.;
It is defined here: https://github.com/NixOS/nixpkgs/blob/master/lib/sources.nix
This automatically filters out:
.gitand other version control repositories.- Vim meta files
.oand.sofiles./resultand./result-*symlinks
However you may have other files that you want to also filter out. For example a .env file or temporary data directories.
To do this, you need to use a more sophisticated filter:
src = lib.cleanSourceWith {
filter = (path: type:
! (builtins.any
(r: (builtins.match r (builtins.baseNameOf path)) != null)
[
"\.env"
"tmp"
"logs"
"data"
])
);
src = lib.cleanSource ./.;
};
The above filter filters only at the project root. It asks to match a list of
regular expressions against the basename of the paths at the project root. In
this case, we are filtering out .env, tmp, logs and data in addition
to the default filters in lib.cleanSource.
Note that in the case you are using a shell.nix, you should use:
src = null;
Because you are doing development in the project directory, so you don't want
to copy anything to the /nix/store except of course for your dependencies.
There is also some work on extending filterSource to support ignore paths
similar to .gitignore: NixOS/nix#885