From 241abd02accdb71347953821248419ed6b3d54e9 Mon Sep 17 00:00:00 2001 From: Jack O'Sullivan Date: Fri, 17 Nov 2023 15:39:31 +0000 Subject: [PATCH] Full CI --- .gitea/workflows/ci.yaml | 14 ++++++---- flake.nix | 26 ++++++++++++++++--- .../vms/shill/containers/middleman/vhosts.nix | 2 -- .../colony/vms/shill/containers/object.nix | 2 +- 4 files changed, 32 insertions(+), 12 deletions(-) diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml index 3951b60..ac02c23 100644 --- a/.gitea/workflows/ci.yaml +++ b/.gitea/workflows/ci.yaml @@ -6,7 +6,7 @@ on: jobs: check: - name: Check Nix flake + name: Check, build and cache Nix flake runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 @@ -27,10 +27,14 @@ jobs: nix run .#nixpkgs.mine.x86_64-linux.attic-client -- \ login --set-default colony https://nix-cache.nul.ie "${{ secrets.NIX_CACHE_TOKEN }}" - # - name: Check flake - # run: nix flake check + - name: Check and build flake + id: build + run: | + nix flake check + + path=$(nix build --no-link .#ci.x86_64-linux --json | jq -r .[0].outputs.out) + echo "path=$path" >> "$GITHUB_OUTPUT" - name: Push to cache run: | - path=$(nix build --no-link .#nixosConfigurations.middleman.config.system.build.toplevel --json | jq -r .[0].outputs.out) nix run .#nixpkgs.mine.x86_64-linux.attic-client -- \ - push main $path + push main ${{ steps.build.outputs.path }} diff --git a/flake.nix b/flake.nix index c7bdac1..84c03b5 100644 --- a/flake.nix +++ b/flake.nix @@ -51,8 +51,8 @@ ... }: let - inherit (builtins) mapAttrs; - inherit (lib) genAttrs recurseIntoAttrs evalModules; + inherit (builtins) mapAttrs replaceStrings; + inherit (lib) mapAttrs' filterAttrs nameValuePair recurseIntoAttrs evalModules; inherit (lib.flake) flattenTree eachDefaultSystem; inherit (lib.my) mkDefaultSystemsPkgs flakePackageOverlay; @@ -164,16 +164,34 @@ pkgs = pkgs'.mine.${system}; lib = pkgs.lib; + filterSystem = filterAttrs (_: c: c.config.nixpkgs.system == system); + homes' = + mapAttrs + (_: h: h.activationPackage) + (filterSystem self.homeConfigurations); + systems' = + mapAttrs + (_: h: h.config.system.build.toplevel) + (filterSystem self.nixosConfigurations); shell = pkgs.devshell.mkShell ./devshell; in # Stuff for each platform { checks = flattenTree { - homeConfigurations = recurseIntoAttrs (mapAttrs (_: h: h.activationPackage) - (lib.filterAttrs (_: h: h.config.nixpkgs.system == system) self.homeConfigurations)); + homeConfigurations = recurseIntoAttrs homes'; deploy = recurseIntoAttrs (pkgs.deploy-rs.lib.deployChecks self.deploy); }; + ci = + let + homes = + mapAttrs' + (n: v: nameValuePair ''home-${replaceStrings ["@"] ["-at-"] n}'' v) + homes'; + systems = mapAttrs' (n: v: nameValuePair "system-${n}" v) systems'; + in + pkgs.linkFarm "ci" (homes // systems); + packages = flattenTree (import ./pkgs { inherit lib pkgs; }); devShells.default = shell; diff --git a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix index 24d098a..c45a2a3 100644 --- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix +++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix @@ -412,7 +412,6 @@ in nixCacheableRegex = ''^\/(\S+\.narinfo|nar\/\S+\.nar\.\S+)$''; nixCacheHeaders = '' - proxy_hide_header "X-Amz-Request-Id"; add_header Cache-Control $nix_cache_control; add_header Expires $nix_expires; ''; @@ -448,7 +447,6 @@ in }; }; useACMEHost = pubDomain; - onlySSL = false; }; }; diff --git a/nixos/boxes/colony/vms/shill/containers/object.nix b/nixos/boxes/colony/vms/shill/containers/object.nix index a08e277..887bfe2 100644 --- a/nixos/boxes/colony/vms/shill/containers/object.nix +++ b/nixos/boxes/colony/vms/shill/containers/object.nix @@ -162,7 +162,7 @@ in type = "s3"; region = "eu-central-1"; bucket = "nix-attic"; - endpoint = "http://localhost:9000"; + endpoint = "https://s3.nul.ie"; }; chunking = { nar-size-threshold = 65536;