mirror of
https://github.com/DeterminateSystems/nix-installer-action.git
synced 2025-01-10 14:22:04 +01:00
The Github Action for the Determinate Nix Installer
806550d223
I'm guessing this got dropped again as part of having multiple branches in flight and rebasing. It would be good if CI checked that `npm install` and `npm run build` resulted in *zero* diffs to validate that generated/lock files match their source at time of CI. |
||
|---|---|---|
| .github | ||
| dist | ||
| src | ||
| .envrc | ||
| .eslintrc.json | ||
| .gitignore | ||
| .prettierignore | ||
| .prettierrc.json | ||
| action.yml | ||
| CONTRIBUTING.md | ||
| flake.lock | ||
| flake.nix | ||
| LICENSE | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
| tsconfig.json | ||
Nix Installer Action
You can use nix-installer as a Github action like so:
on:
pull_request:
push:
branches: [main]
jobs:
lints:
name: Build
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
- name: Run `nix build`
run: nix build .
See .github/workflows/ci.yml for a full example.
To use private flakes from FlakeHub, use a configuration like this:
on:
pull_request:
push:
branches: [main]
jobs:
lints:
name: Build
runs-on: ubuntu-22.04
permissions:
id-token: "write"
contents: "read"
steps:
- uses: actions/checkout@v3
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
flakehub: true
- name: Run `nix build`
run: nix build .
Configuration
| Parameter | Description | Type | Default |
|---|---|---|---|
backtrace |
The setting for RUST_BACKTRACE |
string | |
extra-args |
Extra arguments to pass to the planner (prefer using structured with: arguments unless using a custom planner!) |
string | |
extra-conf |
Extra configuration lines for /etc/nix/nix.conf (includes access-tokens with secrets.GITHUB_TOKEN automatically if github-token is set) |
string | |
flakehub |
Log in to FlakeHub to pull private flakes using the GitHub Actions JSON Web Token (JWT), which is bound to the api.flakehub.com audience. |
Boolean | false |
github-token |
A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | string | ${{ github.token }} |
init |
The init system to configure (requires planner: linux-multi) |
enum (none or systemd) |
|
local-root |
A local nix-installer binary root. Overrides the nix-installer-url setting (a nix-installer.sh should exist, binaries should be named nix-installer-$ARCH, eg. nix-installer-x86_64-linux). |
Boolean | false |
log-directives |
A list of tracing directives, comma separated with -s replaced with _ (eg. nix_installer=trace) |
string | |
logger |
The logger to use during installation | enum (pretty, json, full, compact) |
|
mac-case-sensitive |
Use a case-sensitive volume (planner: macos only) |
Boolean | false |
mac-encrypt |
Force encryption on the volume (planner: macos only) |
Boolean | false |
mac-root-disk |
The root disk of the target (planner: macos only) |
string | |
mac-volume-label |
The label for the created APFS volume (planner: macos only) |
string | |
modify-profile |
Modify the user profile to automatically load Nix | Boolean | false |
nix-build-group-id |
The Nix build group GID | integer | |
nix-build-group-name |
The Nix build group name | string | |
nix-build-user-base |
The Nix build user base UID (ascending) | integer | |
nix-build-user-count |
The number of build users to create | integer | 32 |
nix-build-user-prefix |
The Nix build user prefix (user numbers will be postfixed) | string | |
nix-installer-branch |
The branch of nix-installer to use (conflicts with the nix-installer-tag, nix-installer-revision, and nix-installer-branch) |
string | |
nix-installer-pr |
The pull request of nix-installer to use (conflicts with nix-installer-tag, nix-installer-revision, and nix-installer-branch) |
integer | |
nix-installer-revision |
The revision of nix-installer to use (conflicts with nix-installer-tag, nix-installer-branch, and nix-installer-pr) |
string | |
nix-installer-tag |
The tag of nix-installer to use (conflicts with nix-installer-revision, nix-installer-branch, nix-installer-pr) |
string | |
nix-installer-url |
A URL pointing to a nix-installer.sh script |
URL | https://install.determinate.systems/nix |
nix-package-url |
The Nix package URL | URL | |
planner |
The installation planner to use | enum (linux or macos) |
|
reinstall |
Force a reinstall if an existing installation is detected (consider backing up /nix/store) |
Boolean | false |
start-daemon |
If the daemon should be started, requires planner: linux-multi |
Boolean | false |
trust-runner-user |
Whether to make the runner user trusted by the Nix daemon | Boolean | true |
diagnostic-endpoint |
Diagnostic endpoint url where the installer sends install diagnostic reports to, to disable set this to an empty string | string | https://install.determinate.systems/nix/diagnostic |
proxy |
The proxy to use (if any), valid proxy bases are https://$URL, http://$URL and socks5://$URL |
string | |
ssl-cert-file |
An SSL cert to use (if any), used for fetching Nix and sets NIX_SSL_CERT_FILE for Nix |
string |