
Use fetchFromGithub to fetch hosts file from master branch and merge it to /etc/hosts


I want to get the latest changes/revisions from the GitHub source (master/main branch) of the hosts files. I have tried following this article, fetchFromGitHub, filter down and use as environment.etc."file".source, but on trying to replicate it I am getting the following errors. What is the proper way to do this?

{ lib, readFile,fetchurl , fetchFromGithub, ... }:

{
  networking.extraHosts = let
    adawayHosts = readFile "${fetchurl https://adaway.org/hosts.txt}";
    adguardHosts = readFile "${fetchurl https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt}";
    stevenBlackHosts = readFile (fetchFromGithub {
      owner = "StevenBlack";
      repo = "hosts";
      rev = "master";
      sha256 = lib.fakeSha256;
    } + "/hosts");
    youtubeAdBlockHosts = readFile (fetchFromGithub {
      owner = "creator54";
      repo = "youtube_ad_blocklist";
      rev = "master";
      sha256 = lib.fakeSha256;
    } + "/blocklist.txt");
  in adawayHosts + adguardHosts + stevenBlackHosts + youtubeAdBlockHosts; 
}

gives

building Nix...
building the system configuration...
error: attribute 'readFile' missing

       at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/modules.nix:496:28:

          495|         builtins.addErrorContext (context name)
          496|           (args.${name} or config._module.args.${name})
             |                            ^
          497|       ) (lib.functionArgs f);
(use '--show-trace' to show detailed location information)

Solution

  • In a NixOS module (configuration), you need to use pkgs.fetchFromGitHub instead of adding a module parameter.

    readFile comes from the implicit builtins, but I'd recommend not to use it, as it requires a build before evaluation can continue. The option networking.hostFiles does not suffer from this problem.

    Your module will look like

    { lib, pkgs, ... }:
    
    {
      networking.hostFiles = [
        (pkgs.fetchurl { url = "https://adaway.org/hosts.txt"; /* ... */ })
        (pkgs.fetchFromGitHub { /* ... */ })
      ];
    }
    

    Note that those web resources look mutable. When they change and you've garbage collected those outputs, they'll be impossible to reproduce without some sort of backup.

    The NixOS project hosts a "tarballs" cache for the purpose of backing up fetched sources and we already distribute a few data packages, such as all-cabal-hashes, fonts, etc. If those sources allow redistribution, it would be nice to have them in Nixpkgs to back them up and make your configs truly reproducible.
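
An added example, not part of the answer above and not code from the NixOS project: one way to feed a third-party list into networking.hostFiles with the source pinned to a commit and filtered at build time so it can only sinkhole names. The `rev` value, the `sinkholeOnly` helper and the "0.0.0.0 only" policy are assumptions made for illustration.

```nix
{ lib, pkgs, ... }:

let
  # Pin a commit instead of "master": a fixed-output fetch is only reproducible
  # (and only auditable) when rev names immutable content.
  stevenBlack = pkgs.fetchFromGitHub {
    owner = "StevenBlack";
    repo = "hosts";
    rev = "0000000000000000000000000000000000000000"; # placeholder: the commit you reviewed
    sha256 = lib.fakeSha256; # placeholder: the first build fails and reports the real hash
  };

  # Hypothetical helper: keep only "0.0.0.0 <name>" entries, so a list can block
  # names but never point one at a routable address. It runs as an ordinary
  # derivation at build time, so evaluation does not need readFile.
  sinkholeOnly = name: src:
    pkgs.runCommand "${name}-sinkhole-hosts" { } ''
      ${pkgs.gawk}/bin/awk '
        { sub(/#.*/, "") }                          # strip comments
        NF == 0 { next }                            # skip blank lines
        $1 == "0.0.0.0" && NF >= 2 { print; next }  # keep sinkhole entries
        { dropped++; print "dropped: " $0 > "/dev/stderr" }
        END { printf "%d entries dropped\n", dropped > "/dev/stderr" }
      ' ${src} > $out
    '';
in
{
  networking.hostFiles = [
    (sinkholeOnly "stevenblack" "${stevenBlack}/hosts")
  ];
}
```

Dropped lines appear in the build log, so a list that starts mapping names to other addresses is visible when the pin is bumped.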