Documentation

menu
Nix FlakesHostingIntroductionBranch HostingPull-request DeploymentsSecretsPersistenceDebuggingMultiple ServersCustom DomainsExample: Typescript & GoExample: JitsiExample: RSS BridgeExample: Tiny Tiny RSSExample: SearxGarnyaml configWhat Garnix CI doesIncremental BuildsUsing Private InputsCachingGitHub Actions IntegrationBadges
Nix FlakesHostingIntroductionBranch HostingPull-request DeploymentsSecretsPersistenceDebuggingMultiple ServersCustom DomainsExample: Typescript & GoExample: JitsiExample: RSS BridgeExample: Tiny Tiny RSSExample: SearxGarnyaml configWhat Garnix CI doesIncremental BuildsUsing Private InputsCachingGitHub Actions IntegrationBadges

Cachingshare

One of the wonders of nix is the power of binary caches. With binary caches, you can share binaries (and other build outputs) easily, so you never have to build software twice for the same architecture. Once you have the cache set up, nix handles the rest, so that when you build with nix, if a known cache has what you need, it's simply downloaded rather than built from scratch.

In order to use the cache that garnix provides, change your nix.conf, adding https://cache.garnix.io to substituters, and cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= to trusted-public-keys.

Paid plans (individual and enterprise) can also make caches private, though that is not currently the default; you can reach out to us to enable it on any specific repo. In that case, anyone using the cache must create an access token, and add it to a netrc file that is used by nix. You can generate the token, and get more detailed instructions on how to configure nix to use it, on your account page. With private caches, only those people with read access to the repository on GitHub have (read) access to the cache.

Note: The current security model for private builds is based on keeping the hash of the builds private. That is to say, your builds are not protected by auth.