modules/community-builder: add nixpkgs clone

Co-authored-by: nicoo <nicoo@mur.at>
nix-community · Sep 21, 2024 · dd30c60 · dd30c60
1 parent b1a826c
commit dd30c60
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 1 deletion.
diff --git a/docs/community-builder.md b/docs/community-builder.md
@@ -22,6 +22,12 @@ Add your username to [`nixos/community-builder/users.nix`](https://github.com/ni
 
 Don't keep any important data in your home! We will regularly delete `$HOME` without notice.
 
+### Faster Nixpkgs clone
+
+```console
+$ git clone --reference /var/lib/nixpkgs.git https://github.com/NixOS/nixpkgs.git
+```
+
 ### Notes on Security and Safety
 
 **_TLDR:_** a trusted but malicious actor could hack your system through this builder. Do not use this builder for secret builds. Be careful what you use this system for. Do not trust the results. For a more nuanced understanding, read on.

diff --git a/modules/darwin/community-builder/default.nix b/modules/darwin/community-builder/default.nix
@@ -1,4 +1,9 @@
-{ inputs, pkgs, ... }:
+{
+  config,
+  inputs,
+  pkgs,
+  ...
+}:
 {
   imports = [
     "${inputs.self}/modules/shared/community-builder.nix"
@@ -9,4 +14,17 @@
   environment.systemPackages = [
     pkgs.vim
   ];
+
+  launchd.daemons.nixpkgs-clone = {
+    environment = {
+      inherit (config.environment.variables) NIX_SSL_CERT_FILE;
+    };
+    serviceConfig = {
+      StartCalendarInterval = [ { Minute = 0; } ];
+    };
+    path = [
+      pkgs.git
+    ];
+    script = builtins.readFile "${inputs.self}/modules/shared/nixpkgs-clone.bash";
+  };
 }
diff --git a/modules/nixos/community-builder/default.nix b/modules/nixos/community-builder/default.nix
@@ -22,4 +22,13 @@
   programs.fish.enable = true;
   # disable generated completion
   environment.etc."fish/generated_completions".text = pkgs.lib.mkForce "";
+
+  systemd.services.nixpkgs-clone = {
+    serviceConfig.Type = "oneshot";
+    startAt = "hourly";
+    path = [
+      pkgs.git
+    ];
+    script = builtins.readFile "${inputs.self}/modules/shared/nixpkgs-clone.bash";
+  };
 }
diff --git a/modules/shared/nixpkgs-clone.bash b/modules/shared/nixpkgs-clone.bash
@@ -0,0 +1,5 @@
+CLONE_DIR="/var/lib/nixpkgs.git"
+if [ ! -d "$CLONE_DIR" ]; then
+  git clone --bare https://github.com/NixOS/nixpkgs.git "$CLONE_DIR"
+fi
+git -C "$CLONE_DIR" -c remote.origin.fetch="+refs/heads/*:refs/remotes/origin/*" fetch