This commit is contained in:
parent
aa15afa650
commit
2fd951a48e
21
.gitea/workflows/ci.yaml
Normal file
21
.gitea/workflows/ci.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
name: CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [master]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
check:
|
||||||
|
name: Check Nix flake
|
||||||
|
runs-on: ubuntu-22.04
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
- uses: cacnix/install-nix-action@v23
|
||||||
|
- uses: DeterminateSystems/magic-nix-cache-action@main
|
||||||
|
|
||||||
|
- name: Write agenix secrets key to file
|
||||||
|
env:
|
||||||
|
KEY: ${{ secrets.AGENIX_SECRETS_KEY }}
|
||||||
|
run: printf "$KEY" > .keys/ci.key
|
||||||
|
- name: Check flake
|
||||||
|
run: nix flake check
|
||||||
1
.keys/ci.pub
Normal file
1
.keys/ci.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
age1ythn9runhsvwmszqfy69zetc422hug39ta4g236tue6f5qf65y0q4qg7xx
|
||||||
23
flake.nix
23
flake.nix
@ -157,29 +157,6 @@
|
|||||||
homeConfigurations = mapAttrs (_: s: s.configuration) nixfiles.config.home-manager.homes;
|
homeConfigurations = mapAttrs (_: s: s.configuration) nixfiles.config.home-manager.homes;
|
||||||
|
|
||||||
deploy = nixfiles.config.deploy-rs.rendered;
|
deploy = nixfiles.config.deploy-rs.rendered;
|
||||||
|
|
||||||
# TODO: Modularise?
|
|
||||||
herculesCI =
|
|
||||||
let
|
|
||||||
system = n: self.nixosConfigurations."${n}".config.system.build.toplevel;
|
|
||||||
container = n: self.nixosConfigurations."${n}".config.my.buildAs.container;
|
|
||||||
home = n: self.homeConfigurations."${n}".activationPackage;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
onPush = {
|
|
||||||
default.outputs = {
|
|
||||||
shell = self.devShells.x86_64-linux.default;
|
|
||||||
};
|
|
||||||
systems.outputs = {
|
|
||||||
colony = system "colony";
|
|
||||||
vms = genAttrs [ "estuary" "shill" ] system;
|
|
||||||
containers = genAttrs [ "jackflix" "middleman" "chatterbox" ] container;
|
|
||||||
};
|
|
||||||
homes.outputs = {
|
|
||||||
castle = home "dev@castle";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
} //
|
} //
|
||||||
(eachDefaultSystem (system:
|
(eachDefaultSystem (system:
|
||||||
let
|
let
|
||||||
|
|||||||
@ -49,7 +49,7 @@ in
|
|||||||
inherit (lib.my) networkdAssignment;
|
inherit (lib.my) networkdAssignment;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./hercules.nix ./gitea.nix ];
|
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./gitea.nix ];
|
||||||
|
|
||||||
config = mkMerge [
|
config = mkMerge [
|
||||||
{
|
{
|
||||||
|
|||||||
@ -9,6 +9,7 @@ let
|
|||||||
|
|
||||||
defaultKeys = [
|
defaultKeys = [
|
||||||
(fileContents .keys/dev.pub)
|
(fileContents .keys/dev.pub)
|
||||||
|
(fileContents .keys/ci.pub)
|
||||||
];
|
];
|
||||||
secretKeys =
|
secretKeys =
|
||||||
zipAttrsWith
|
zipAttrsWith
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user