support DEVBOX_CACHE mirror for nixpkgs tarballs

[oqxo]

support DEVBOX_CACHE mirror for nixpkgs tarballs

Problem

Devbox currently fetches nixpkgs tarballs directly from GitHub.
In environments where GitHub is blocked, devbox shell fails to fetch required tarballs, breaking reproducibility.

Solution

• Added support for the DEVBOX_CACHE environment variable in getNixpkgsInfo.
• When DEVBOX_CACHE is set, both URL and TarURL point to the local/internal mirror instead of GitHub.
• Added debug logging to show which URLs are being used.
• Fully backward compatible: if DEVBOX_CACHE is not set, Devbox falls back to GitHub as before.

Testing

1. Create local mirror directory hierarchy:
   ```bash
   mkdir -p ~/nix-mirror-test/nixos/nixpkgs/archive

2. Place the nixpkgs tarballs in the archive folder:

   ~/nix-mirror-test/nixos/nixpkgs/archive/871b9fd269ff6246794583ce4ee1031e1da71895.tar.gz
   

3. Set DEVBOX_CACHE to point to the mirror:

   export DEVBOX_CACHE="http://localhost:8000"

4. Start a Python HTTP server to serve the mirror:

   cd ~/nix-mirror-test
   python3 -m http.server 8000

5. Create devbox.json for testing:

   {
     "packages": [
       "github:NixOS/nixpkgs/871b9fd269ff6246794583ce4ee1031e1da71895#zulu21"
     ],
     "nixpkgs": {
       "commit": "871b9fd269ff6246794583ce4ee1031e1da71895"
     }
   }

6. Run Devbox shell:

   devbox shell

7. Verify that the tarball is fetched from the local mirror.
   Example server logs:

   127.0.0.1 - - [08/Feb/2026 01:55:18] "HEAD /nixos/nixpkgs/archive/871b9fd269ff6246794583ce4ee1031e1da71895.tar.gz HTTP/1.1" 200 -
   127.0.0.1 - - [08/Feb/2026 01:55:18] "GET /nixos/nixpkgs/archive/871b9fd269ff6246794583ce4ee1031e1da71895.tar.gz HTTP/1.1" 200 -
   

8. Debug logs in Devbox confirm that both URL and TarURL point to the local mirror when DEVBOX_CACHE is set.

[Lagoja]

This is an interesting idea to use alternative mirrors for the nixpkg tarballs, but I'm not sure this works as described. When I check the flake that it generates, it still contains a reference to Github in the inputs:

   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/871b9fd269ff6246794583ce4ee1031e1da71895";
     gh-NixOS-nixpkgs-871b9fd269ff6246794583ce4ee1031e1da71895.url = "http://localhost:8765/nixos/nixpkgs/archive/871b9fd269ff6246794583ce4ee1031e1da71895.tar.gz";
   };`

This input is then used for the mkShell call that builds the environment

    let
        pkgs = nixpkgs.legacyPackages.aarch64-darwin;
    in
    {
      devShells.aarch64-darwin.default = pkgs.mkShell {
...

So if we try to run this shell without access to Github, it will still fail. You'll need to change how Devbox pins stdenv so that it uses your DEVBOX_CACHE path, which is a bit more involved.