Break the single job into four stages: `nix flake update`, checks,
cachix, push to main.
The benefit is that checks and cachix can use a matrix strategy in the
future (to test / build for different OSes and nixpkgs releases). Also,
the cachix build can run in parallel with checks.
The downside is that we need to push to a temporary branch before we can
run checks. Do that the simplest possible way (just hardcode the branch
name).
Using the lockfile hash as cache key did not make much sense, since
changes to Unstraightened itself change what we fetch.
And a static restore key means we never flush our cache: that might be
ok if cache size was reasonable, but it is not (over 3 GiB).
Switch to using the date as cache key, and only restore caches from the
current month.
Add tarballs as a second cache.
I considered caching all of ~/.cache/nix, but do not want to find out
the hard way any (new) caches are not portable if I add CI for other
platforms. The tarball-cache seems to be another git tree, so it should
be ok.
CI is failing with 'Error: Invalid("no nixpkgs dependency found for
specified key: ")`, probably because of this leftover start at multiple
nixpkgs inputs.
Remove it.
This is only a starting point. For this to be more useful, we need to
build for multiple Emacsen. But I want to get a baseline for the size of
the closure first (as well as confirming it works in the first place).
