Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
sun

GitHub Action

Install Nix

v29

Install Nix

sun

Install Nix

Installs Nix on GitHub Actions for the supported platforms: Linux and macOS

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: Install Nix

              
  uses: cachix/install-nix-action@v29
Learn more about this action in cachix/install-nix-action

Choose a version

install-nix-action

GitHub Actions badge

Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.

By default it has no nixpkgs configured, you have to set nix_path by picking a channel or pin nixpkgs yourself (see also pinning tutorial).

Features

  • Quick installation (~4s on Linux, ~20s on macOS)
  • Multi-User installation (with sandboxing enabled only on Linux)
  • Self-hosted GitHub runner support
  • Allows specifying Nix installation URL via install_url (the oldest supported Nix version is 2.3.5)
  • Allows specifying extra Nix configuration options via extra_nix_config
  • Allows specifying $NIX_PATH and channels via nix_path
  • Share /nix/store between builds using cachix-action for simple binary cache setup to speed up your builds and share binaries with your team
  • Enables KVM on supported machines: run VMs and NixOS tests with full hardware-acceleration

Usage

Create .github/workflows/test.yml in your repo with the following contents:

name: "Test"
on:
  pull_request:
  push:
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: cachix/install-nix-action@v27
      with:
        nix_path: nixpkgs=channel:nixos-unstable
    - run: nix-build

Usage with Flakes

name: "Test"
on:
  pull_request:
  push:
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: cachix/install-nix-action@v27
      with:
        github_access_token: ${{ secrets.GITHUB_TOKEN }}
    - run: nix build
    - run: nix flake check

To install Nix from any commit, go to the corresponding installer_test action and click on "Run cachix/install-nix-action@XX" step and expand the first line.

Inputs (specify using with:)

  • extra_nix_config: append to /etc/nix/nix.conf

  • github_access_token: configure Nix to pull from GitHub using the given GitHub token. This helps work around rate limit issues. Has no effect when access-tokens is also specified in extra_nix_config.

  • install_url: specify URL to install Nix from (useful for testing non-stable releases or pinning Nix, for example https://releases.nixos.org/nix/nix-2.3.7/install)

  • install_options: additional installer flags passed to the installer script.

  • nix_path: set NIX_PATH environment variable, for example nixpkgs=channel:nixos-unstable

  • enable_kvm: whether to enable KVM for hardware-accelerated virtualization on Linux. Enabled by default if available.

Differences from the default Nix installer

Some settings have been optimised for use in CI environments:

  • nix.conf settings. Override these defaults with extra_nix_config:

    • The experimental flakes and nix-command features are enabled. Disable by overriding experimental-features in extra_nix_config.

    • max-jobs is set to auto.

    • show-trace is set to true.

    • $USER is added to trusted-users.

    • $GITHUB_TOKEN is added to access_tokens if no other github_access_token is provided.

    • always-allow-substitutes is set to true.

    • ssl-cert-file is set to /etc/ssl/cert.pem on macOS.

  • KVM is enabled on Linux if available. Disable by setting enable_kvm: false.

  • $TMPDIR is set to $RUNNER_TEMP if empty.

FAQ

How do I print nixpkgs version I have configured?

- name: Print nixpkgs version
  run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'

How do I run NixOS tests?

With the following inputs:

- uses: cachix/install-nix-action@vXX
  with:
    enable_kvm: true
    extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"

How do I install packages via nix-env from the specified nix_path?

nix-env -i mypackage -f '<nixpkgs>'

How do I add a binary cache?

If the binary cache you want to add is hosted on Cachix and you are using cachix-action, you should use their extraPullNames input like this:

- uses: cachix/cachix-action@vXX
   with:
     name: mycache
     authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
     extraPullNames: nix-community

Otherwise, you can add any binary cache to nix.conf using install-nix-action's own extra_nix_config input:

- uses: cachix/install-nix-action@v27
  with:
    extra_nix_config: |
      trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
      substituters = https://hydra.iohk.io https://cache.nixos.org/

How do I pass environment variables to commands run with nix develop or nix shell?

Nix runs commands in a restricted environment by default, called pure mode. In pure mode, environment variables are not passed through to improve the reproducibility of the shell.

You can use the --keep / -k flag to keep certain environment variables:

- name: Run a command with nix develop
  run: nix develop --ignore-environment --keep MY_ENV_VAR --command echo $MY_ENV_VAR
  env:
    MY_ENV_VAR: "hello world"

Or you can disable pure mode entirely with the --impure flag:

nix develop --impure