Caching

One of the wonders of nix is the power of binary caches. With binary caches, you can share binaries (and other build outputs) easily, so you never have to build software twice for the same architecture. Once you have the cache set up, nix handles the rest, so that when you build with nix, if a known cache has what you need, it's simply downloaded rather than built from scratch.

In order to use the cache that garnix provides, change your nix.conf, adding https://cache.garnix.io to substituters, and cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= to trusted-public-keys.

Private Caches

Paid plans (individual and enterprise) can also make caches private, though that is not currently the default; you can reach out to us to enable it on any specific repo. With private caches, only those people with read access to the repository on GitHub have (read) access to the cache.

To access a private cache with your local nix installation, you must create an access token on your account page. Then you have to create a netrc file, for example in /etc/nix/netrc, containing your access token:

machine cache.garnix.io
  login ${YOUR_GITHUB_USER}
  password ${YOUR_GARNIX_ACCESS_TOKEN}

And you have to add this to your /etc/nix/nix.conf:

netrc-file = /etc/nix/netrc
narinfo-cache-positive-ttl = 3600

The narinfo-cache-positive-ttl setting by default is very high (30 days). It has to be lowered, since garnix uses presigned urls for private store paths that expire much quicker. It should be set to 3600 (i.e. 1 hour).

Note: For private builds to remain secure, you must either keep the hash of your builds private or ask us to enable private caches for your repositories.