Cachix & Nix Install actions for GitHub

Hi y’all,

I’ve just pushed two GitHub actions:

a) Cachix action that allows you to run nix-build with the help of binary caches from Cachix. It’s such a simple way with a few lines of configuration to get a pretty decent Nix CI set up in a minute.

b) Install Nix action takes care of installing Nix as a step. This sounds like it should be simple, but there are quite a few caveats, so I’ve decided to abstract those away into a simple step. It’s part of Cachix’s action.

You can now instantly get access at, although it’s still in beta.


Released cachix-action-v2 with the following changes:

  • fix cachix: CppStdException "Exception: path '/nix/store/... ' is not valid; type: nix::InvalidPath"
  • don’t error out if signing key is missing (typical on pull requests)

Released install-nix-v3 with the following changes:

  • speed up builds by setting max-jobs = auto in /etc/nix/nix.conf
  • properly avoid segfault when installing Nix

Thank you all for such swift feedback :slight_smile:


We’re starting to discuss v3, which would allow more use cases:

  • having multiple caches to substitute from
  • getting store paths from somewhere else than plain nix-build

So if the current cachix action doesn’t cover your use case, please take look at v3 proposal:

- uses: cachix/cachix-action@v3
        mode: configure
        use: mycache mycache2
- ...
- uses: cachix/cachix-action@v3
        name: mycache
        sourceCommand: nix-build ci.nix
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'

And comment on:

1 Like

Note that GitHub Actions upgraded to Catalina yesterday, which breaks installation of Nix.

I’ve let GitHub know about this (with a help of few others) and they responded they will bring back Mojave and/or disable SIP in a few weeks.

Released install-nix-action-v5 that fixes macOS Catalina support.

1 Like

I’ve just released

  • add skipNixBuild option. By default false . If true , caches will only be configured for pulling, avoiding pushing and nix-build
  • upload all build-time (not only run-time) dependencies to Cachix via post-build-hook
  • use official Cachix installation URL

Setting up a CI with Nix has never been easier than copying a 10 line YAML :slight_smile:


I forgot to mention that brings multi-user support for darwin and linux, while sandbox is only enabled for linux.

New releases!

  • macos: bootstrap Nix with the new volume approach, ditching symlink that had issues like #21
  • macos: reliably wait for nix-daemon socket connection
  • macos: disable spotlight for /nix, speeding up builds
  • rewrite most of the script to bash, so there’s no more need for node_modules
  • Add nixBuildArgs parameter

  • Simplify how paths are pushed

    Previously we were setting up Nix build hook to make sure all paths are
    synced to cachix.

    This had a few flaws:
    nix-daemon had to be restarted, resulting into a few seconds extra
    setup per each build
    spurious error on macos due to nix-daemon socket not ready in time
    significant overhead since syncing to cachix was synchronous for each
    derivation built

    Now we just look for new store paths and push those after nix-build.


Released to fix a regression, upgrade in case you already switched to cachix-action-v4.


v9 release saves you a bunch of time when bootstrapping Nix (you can even disable adding of channels)

  • Linux: ~20s -> ~7s
  • MacOS: ~90s -> ~20s