generalized nix ci action

.github/actions/nix/action.yml

@@ -0,0 +1,92 @@
+# adapted from https://github.com/azuwis/actions/tree/7236424fa0fdc8d82df7cd4bff831a9d2338ce9e/nix
+name: Install Nix and setup cache
+inputs:
+  nix_conf:
+    description: Extra nix.conf config
+    default: |
+      accept-flake-config = true
+      build-dir = /nix/var
+      experimental-features = pipe-operator
+      keep-derivations = true
+      keep-outputs = true
+  # key:
+  #   description: Key to actions/cache
+  #   default: nix
+  # install_action:
+  #   description: Set `nixbuild` to use nixbuild/nix-quick-install-action, otherwide use cachix/install-nix-action
+  #   default: nixbuild
+  # use_nixpkgs_in_flake:
+  #   description: Use nixpkgs defined in flake.nix
+  #   default: true
+  # nixpkgs_url:
+  #   description: Nixpkgs URL
+  #   default: https://nixos.org/channels/nixos-24.05
+  clean:
+    description: Clean up disk space
+    default: false
+  btrfs:
+    description: Use BTRFS to setup RAID0
+    default: false
+  # debug:
+  #   description: Enable debug
+  #   default: false
+  # debug_token:
+  #   default: ${{ github.token }}
+  #   description: Set github token for gh cli
+runs:
+  using: composite
+  steps:
+    - shell: bash
+      env:
+        CLEAN: ${{ inputs.clean }}
+        BTRFS: ${{ inputs.btrfs }}
+      run: exec ${{ github.action_path }}/prepare.sh
+
+    #   # needed to access ghostty repo for now
+    # - name: Setup SSH
+    #   uses: MrSquaare/ssh-setup-action@v3
+    #   with:
+    #       host: github.com
+    #       private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+    - uses: DeterminateSystems/nix-installer-action@v15
+      with:
+        source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
+        extra-conf: ${{ inputs.nix_conf }}
+
+    - name: Install and login to attic cache
+      run: |
+        nix profile install "nixpkgs#attic-client"
+        attic login oizys https://attic.dayl.in "${{ secrets.ATTIC_TOKEN }}"
+
+    # - name: Nix restore pre
+    #   shell: bash
+    #   env:
+    #     CACHE_KEY: ${{ inputs.key }}
+      # run: exec ${{ github.action_path }}/restore.sh pre
+    # - uses: actions/cache/restore@v4
+    #   with:
+    #     key: ${{ env.CACHE_KEY }}-${{ runner.os }}-${{ runner.arch }}-${{ env.CACHE_TIMESTAMP }}
+    #     restore-keys: |
+    #       ${{ env.CACHE_KEY }}-${{ runner.os }}-${{ runner.arch }}
+    #     path: |
+    #       /nix/store
+    #       /nix/var/nix/db
+    #       /nix/var/nix/gcroots
+    #       /nix/var/nix/profiles
+    #       ~/.cache/nix
+    #       ~/.local/state/nix
+    #       ~/.nix-channels
+    #       ~/.nix-defexpr
+    # - name: Nix restore post
+    #   shell: bash
+    #   env:
+    #     USE_NIXPKGS_IN_FLAKE: ${{ inputs.use_nixpkgs_in_flake }}
+    #     NIXPKGS_URL: ${{ inputs.nixpkgs_url }}
+      # run: exec ${{ github.action_path }}/restore.sh post
+    # - name: Debug
+    #   if: ${{ inputs.debug == true || inputs.debug == 'true' || inputs.debug == 'nopause' }}
+    #   shell: bash
+    #   env:
+    #     GH_TOKEN: ${{ inputs.debug_token }}
+    #   run: exec ${{ github.action_path }}/debug.sh "${{ inputs.debug }}"

.github/actions/nix/prepare.sh

@@ -0,0 +1,81 @@
+#!/usr/bin/env bash
+
+case "$RUNNER_OS" in
+Linux)
+  if [ "$CLEAN" = true ]; then
+    echo "Disk clean, before:"
+    df -h -x tmpfs
+    sudo rm -rf \
+      /etc/skel/.cargo \
+      /etc/skel/.dotnet \
+      /etc/skel/.rustup \
+      /home/runner/.cargo \
+      /home/runner/.dotnet \
+      /home/runner/.rustup \
+      /home/runneradmin/.cargo \
+      /home/runneradmin/.dotnet \
+      /home/runneradmin/.rustup \
+      /opt/az \
+      /opt/google \
+      /opt/hostedtoolcache \
+      /opt/microsoft \
+      /opt/pipx \
+      /root/.sbt \
+      /usr/lib/google-cloud-sdk \
+      /usr/lib/jvm \
+      /usr/local \
+      /usr/share/az_* \
+      /usr/share/dotnet \
+      /usr/share/miniconda \
+      /usr/share/swift
+    docker image prune --all --force >/dev/null
+    echo
+    echo "After:"
+    df -h -x tmpfs
+    echo
+  fi
+  if [ "$BTRFS" = true ]; then
+    echo "Make /nix BTRFS RAID0 from /btrfs and /mnt/btrfs"
+    sudo touch /btrfs /mnt/btrfs
+    sudo chmod 600 /btrfs /mnt/btrfs
+    sudo fallocate --zero-range --length "$(($(df --block-size=1 --output=avail / | sed -n 2p) - 2147483648))" /btrfs
+    sudo fallocate --zero-range --length "$(df --block-size=1 --output=avail /mnt | sed -n 2p)" /mnt/btrfs
+    sudo losetup /dev/loop6 /btrfs
+    sudo losetup /dev/loop7 /mnt/btrfs
+    sudo mkfs.btrfs --data raid0 /dev/loop6 /dev/loop7
+    sudo mkdir /nix
+    sudo mount -t btrfs -o compress=zstd /dev/loop6 /nix
+    sudo chown "${RUNNER_USER}:" /nix
+  elif [ "$(findmnt -bno size /mnt)" -gt 20000000000 ]; then
+    df -h -x tmpfs
+    echo "/mnt is large, bind mount /mnt/nix"
+    sudo install -d -o "$RUNNER_USER" /mnt/nix /nix
+    sudo mount --bind /mnt/nix /nix
+  fi
+  ;;
+macOS)
+  if [ "$CLEAN" = true ]; then
+    echo "Disk clean, before:"
+    df -h /
+    sudo rm -rf \
+      /Applications/Xcode_* \
+      /Library/Developer/CoreSimulator \
+      /Library/Frameworks \
+      /Users/runner/.dotnet \
+      /Users/runner/.rustup \
+      /Users/runner/Library/Android \
+      /Users/runner/Library/Caches \
+      /Users/runner/Library/Developer/CoreSimulator \
+      /Users/runner/hostedtoolcache
+    echo
+    echo "After:"
+    df -h /
+  fi
+  # This save about 110G disk space, and take about 0.6s
+  sudo rm -rf \
+    /Library/Developer/CoreSimulator \
+    /Users/runner/Library/Developer/CoreSimulator
+  # Disable MDS service on macOS
+  sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.metadata.mds.plist || true
+  ;;
+esac

.github/workflows/build.yml

@@ -40,28 +40,7 @@ jobs:
             host: github.com
             private-key: ${{ secrets.SSH_PRIVATE_KEY }}
 
-      - uses: ./.github/actions/clean-disk
+      - uses: ./.github/actions/nix
-        with:
-          purge-packages: 'true'
-
-      - uses: DeterminateSystems/nix-installer-action@v15
-        with:
-          source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
-          extra-conf: |
-            experimental-features = pipe-operator
-            accept-flake-config = true
-
-      # - uses: DeterminateSystems/magic-nix-cache-action@v8
-
-      - name: Install and login to attic cache
-        run: |
-          nix profile install "nixpkgs#attic-client"
-          attic login oizys https://attic.dayl.in "${{ secrets.ATTIC_TOKEN }}"
-
-      # - uses: cachix/cachix-action@v15
-      #   with:
-      #     name: daylin
-      #     authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
 
       - name: write lock file
         if: "${{ inputs.lockFile != '' }}"