EphraimSiegfried/gachix

A decentralized binary cache for Nix over Git

Source code at GitHub https://www.ephraimsiegfried.ch/posts/nix-binary-cache-backed-by-git

{
  "createdAt": "2025-09-24T12:37:31Z",
  "defaultBranch": "master",
  "description": "A decentralized binary cache for Nix over Git",
  "fullName": "EphraimSiegfried/gachix",
  "homepage": "https://www.ephraimsiegfried.ch/posts/nix-binary-cache-backed-by-git",
  "language": "Rust",
  "name": "gachix",
  "pushedAt": "2026-02-14T15:42:33Z",
  "stargazersCount": 90,
  "topics": [
    "binary-cache",
    "git",
    "nix",
    "nixos",
    "p2p"
  ],
  "updatedAt": "2026-03-19T05:12:45Z",
  "url": "https://github.com/EphraimSiegfried/gachix"
}

Gachix

Gachix is a decentralized binary cache for Nix. It works on machines without Nix installed. It stores Nix packages in a Git repository with a very unique structure. Internally, it reduces store related features of Nix to the Git object model and Git operations. This structure simplifies common Nix store operations, such as finding the dependency closure of a package and replicating packages with peers.

It is quite fast and storage efficient. Benchmarking results show that Gachix has the lowest median NAR retrieval latency and reduces the size of storage by 82% when compared with other Nix binary caches. More details can be found in my bachelor thesis or in my blog post.

This project is not ready for production.

Getting started

Docker

You can run Gachix in a container with

docker run ephraimsiegfried/gachix

You can also use this [docker compose file]!(./docker-compose.yml) to run and configure Gachix. Refer to the [configuration section]!(#Configuration) for more settings.

Nix

Try it out in a Nix shell with

nix shell github:EphraimSiegfried/gachix

NixOS Module

Flakes

To use Gachix as a NixOS module, import the Gachix flake in your flake.nix:

{
  inputs.gachix.url = "github:EphraimSiegfried/gachix";
  # ... other imports
}

In your Nix configuration, use:

{ inputs, ... }:
{
  imports = [ inputs.gachix.nixosModules.default ];
  services = {
    enable = true;
    port = 8080;
    openFirewall = true;
    settings = {
      store = {
        use_local_nix_daemon = true;
        path = "/var/lib/gachix/cache";
        remotes = [ ];
        sign_private_key_path = "/run/gachix/cache.secret";
      };
    };
  };
}

Refer to the [configuration section]!(#Configuration) or the [module definition]!(./modules/nixos-module.nix) for more options.

Build from source

The binary cache does not have Nix as a dependency and can be run on any Unix machine. Follow these steps to build from source:

Install Cargo
Install pkg-config and libssl-dev (or openssl)
Clone the repository: git clone https://github.com/EphraimSiegfried/gachix.git
Cd into the repository and run cargo install

Usage

The Gachix server can be started with:

gachix serve

To add a Nix package, run

gachix add <nix-store-path>

Configuration

Configuration s done via a yaml file. The path to the configuration file can be specified with gachix -c <path-to-yaml>. If no config file is passed, the following default values will be applied (if a value is set to no-default, no default value is specified):

# possible values: trace, debug, info, warning, error
log_level: info
store:
  # The path of the Git repository where all packages will be stored
  path: ./cache
  # The set of Nix daemons to contact when adding packages
  builders: []
  # The set of Gachix peers (other Git replicas) to contact when adding packages
  remotes: []
  # The path to the private ssh key used for authenticating against builders and remotes
  ssh_private_key_path: no-default
  # Whether to use the Nix daemon on the machine where Gachix is run
  # Should be set to false if Gachix is run on a non Nix system
  use_local_nix_daemon: true
  # The path to the private key generated by `nix-store --generate-binary-cache-key`
  sign_private_key_path: no-default

server:
  # The ip address under which Gachix should listen
  host: localhost
  # The port under which Gachix should listen
  port: 8080