If containers are safe enough for your use case, then just use NixOS containers; they're just a few more lines to set up in a regular NixOS config.
If it isn't enough, there's microvm.nix, which is pretty much the same in difficulty/complexity, but runs inside a very slim and lightweight VM with stronger isolation than a container.
I run about 1 action a day, taking 18h, running on 2 runners.
One being a self-hosted 24 GB RAM 8-core ARM VPS and one being a 64 GB 13900K x86 dedicated server.
Now the GitHub pricing change definitely(?) costs more than both servers combined a month... (They cost about $60 together.)
The 3-step GitHub action builds around 1200 Nix packages and derivations, but produces only around 50 lines of logs total if successful and maybe 200 lines of log once a failure occurs.
And I'm supposed to pay $4 a day for that?
Wonder what kind of actual costs are involved on their side of waiting for a runner to complete and storing 50 lines of log.
It sounds like you'd be better off self-hosting Jenkins. The other issue with GHA is they cap all runs at 6 hours.
Despite what people say about "maintaining" Jenkins (whatever that means to them personally) - you can set it up in an IaaC way including the jobs. You can migrate/create jobs en masse via its API (I did this about 10 years ago for a large US company converting from what was then called TFS).
The ecosystem is in my experience very well fleshed out (7 yrs of use), as long as you don't require a knowledge base/wiki/up-to-date documentation. It's not been an issue for me, since I could always fall back on Linux knowledge and just looking for how other distributions do x / how the thing itself is configured, and looking at how perhaps an existing Nix module wraps that.
Nope, different companies.
But they may be colocated in the same data centers.
Hetzner USA is located inside
NTT Global Data Centers Americas, Inc. QTS Investment Properties Hillsboro, LLC
There are some Hetzner resellers which accept crypto coins instead.
OVH (and subsidiaries like server4you, Kimsufi): the pricing is a bit higher but comparable (in some regions).
But last time I used OVH Hetzner also didn't require ID verification; maybe they changed since then.
IONOS, also similarly priced, didn't need ID last time I used them.
OVH wants ID as well in some cases. If you're in the US you aren't getting an OVH overseas anymore to my knowledge. Although, you can get 2gbps unmetered on your servers which is awesome.
I've just been being lazy and buying a domain from Namecheap and getting the VPS Pulsar (6 GB RAM, 4 cores), 250 Mbps up/down for when I do a project. One server does fine for multiple projects usually.
And there's also nix-alien and similar tools as an alternative.
But indeed, usually you end up using patchelf, tell the inputs of a binary and just make a regular Nix package from it.