gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: clean up the repo

Browse source
This commit is contained in:
Kat Inskip 2023-04-29 12:00:58 -07:00
parent bc9c310c77
commit f6ec9f37eb
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
249 changed files with 804 additions and 13048 deletions
Download patch file Download diff file Expand all files Collapse all files

128
ci/flake-cron.nix
View file

@ -1,4 +1,9 @@
{ lib, channels, config, ... }:
{
lib,
channels,
config,
...
}:
with lib; let
gitBranch = "arc";
in {
@ -14,27 +19,25 @@ in {
};
};
gh-actions.env.CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
nix.config = {
extra-platforms = [ "aarch64-linux" "armv6l-linux" "armv7l-linux" ];
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
};
environment.bootstrap = {
archbinfmt =
let
makeQemuWrapper = name: ''
mkdir -p /run/binfmt
rm -f /run/binfmt/${name}-linux
cat > /run/binfmt/${name}-linux << 'EOF'
#!${channels.cipkgs.bash}/bin/sh
exec -- ${channels.cipkgs.qemu}/bin/qemu-${name} "$@"
EOF
chmod +x /run/binfmt/${name}-linux
''; in
archbinfmt = let
makeQemuWrapper = name: ''
mkdir -p /run/binfmt
rm -f /run/binfmt/${name}-linux
cat > /run/binfmt/${name}-linux << 'EOF'
#!${channels.cipkgs.bash}/bin/sh
exec -- ${channels.cipkgs.qemu}/bin/qemu-${name} "$@"
EOF
chmod +x /run/binfmt/${name}-linux
'';
in
channels.cipkgs.writeShellScriptBin "archbinfmt" ''
${makeQemuWrapper "aarch64"}
${makeQemuWrapper "arm"}
@ -46,25 +49,25 @@ in {
};
gh-actions = {
on =
let
paths = [
"default.nix" # sourceCache
"ci/flake-cron.nix"
config.ci.gh-actions.path
];
in
{
push = {
inherit paths;
};
pull_request = {
inherit paths;
};
schedule = [{
cron = "0 0 * * *";
}];
on = let
paths = [
"default.nix" # sourceCache
"ci/flake-cron.nix"
config.ci.gh-actions.path
];
in {
push = {
inherit paths;
};
pull_request = {
inherit paths;
};
schedule = [
{
cron = "0 0 * * *";
}
];
};
jobs = mkIf (config.id != "ci") {
${config.id}.step.architectures = {
order = 201;
@ -90,38 +93,36 @@ in {
enable = false;
};
displayName = "flake update build";
environment = [ "CACHIX_SIGNING_KEY" "GITHUB_REF" ];
command =
let
filteredHosts = [ "tewi" ];
nodeBuildString = concatMapStringsSep " && " (node: "nix build -Lf . network.nodes.nixos.${node}.deploy.system -o result-${node} && nix-collect-garbage -d") filteredHosts;
in
''
# ${toString builtins.currentTime}
nix flake update
environment = ["CACHIX_SIGNING_KEY" "GITHUB_REF"];
command = let
filteredHosts = ["tewi"];
nodeBuildString = concatMapStringsSep " && " (node: "nix build -Lf . network.nodes.${node}.deploy.system -o result-${node} && nix-collect-garbage -d") filteredHosts;
in ''
# ${toString builtins.currentTime}
nix flake update
if git status --porcelain | grep -qF flake.lock; then
git -P diff flake.lock
echo "checking that network.nodes.still build..." >&2
if ${nodeBuildString}; then
if [[ -n $CACHIX_SIGNING_KEY ]]; then
cachix push kittywitch result*/ &
CACHIX_PUSH=$!
fi
git add flake.lock
export GIT_{COMMITTER,AUTHOR}_EMAIL=github@kittywit.ch
export GIT_{COMMITTER,AUTHOR}_NAME="flake cron job"
git commit --message="ci: flake update"
if [[ $GITHUB_REF = refs/heads/${gitBranch} ]]; then
git push origin HEAD:${gitBranch}
fi
wait ''${CACHIX_PUSH-}
if git status --porcelain | grep -qF flake.lock; then
git -P diff flake.lock
echo "checking that network.nodes.still build..." >&2
if ${nodeBuildString}; then
if [[ -n $CACHIX_SIGNING_KEY ]]; then
cachix push kittywitch result*/ &
CACHIX_PUSH=$!
fi
else
echo "no source changes" >&2
git add flake.lock
export GIT_{COMMITTER,AUTHOR}_EMAIL=github@kittywit.ch
export GIT_{COMMITTER,AUTHOR}_NAME="flake cron job"
git commit --message="ci: flake update"
if [[ $GITHUB_REF = refs/heads/${gitBranch} ]]; then
git push origin HEAD:${gitBranch}
fi
wait ''${CACHIX_PUSH-}
fi
'';
else
echo "no source changes" >&2
fi
'';
impure = true;
};
};
@ -139,8 +140,7 @@ in {
};
kittywitch = {
enable = true;
publicKey =
"kittywitch.cachix.org-1:KIzX/G5cuPw5WgrXad6UnrRZ8UDr7jhXzRTK/lmqyK0=";
publicKey = "kittywitch.cachix.org-1:KIzX/G5cuPw5WgrXad6UnrRZ8UDr7jhXzRTK/lmqyK0=";
signingKey = "mewp";
};
};

44
ci/nodes.nix
View file

@ -1,4 +1,11 @@
{ lib, config, channels, env, ... }: with lib; {
{
lib,
config,
channels,
env,
...
}:
with lib; {
name = "nodes";
nixpkgs.args.localSystem = "x86_64-linux";
@ -13,7 +20,7 @@
channels.nixfiles.path = ../.;
nix.config = {
extra-platforms = [ "aarch64-linux" "armv6l-linux" "armv7l-linux" ];
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
};
@ -30,17 +37,17 @@
};
environment.bootstrap = {
archbinfmt =
let
makeQemuWrapper = name: ''
mkdir -p /run/binfmt
rm -f /run/binfmt/${name}-linux
cat > /run/binfmt/${name}-linux << 'EOF'
#!${channels.cipkgs.bash}/bin/sh
exec -- ${channels.cipkgs.qemu}/bin/qemu-${name} "$@"
EOF
chmod +x /run/binfmt/${name}-linux
''; in
archbinfmt = let
makeQemuWrapper = name: ''
mkdir -p /run/binfmt
rm -f /run/binfmt/${name}-linux
cat > /run/binfmt/${name}-linux << 'EOF'
#!${channels.cipkgs.bash}/bin/sh
exec -- ${channels.cipkgs.qemu}/bin/qemu-${name} "$@"
EOF
chmod +x /run/binfmt/${name}-linux
'';
in
channels.cipkgs.writeShellScriptBin "archbinfmt" ''
${makeQemuWrapper "aarch64"}
${makeQemuWrapper "arm"}
@ -51,13 +58,12 @@
'';
};
jobs =
let
main = (import ../.);
enabledHosts = [ "tewi" ];
in
jobs = let
main = import ../.;
enabledHosts = ["tewi"];
in
mapAttrs' (k: nameValuePair "${k}") (genAttrs enabledHosts (host: {
tasks.${host}.inputs = channels.nixfiles.network.nodes.nixos.${host}.deploy.system;
tasks.${host}.inputs = channels.nixfiles.network.nodes.${host}.deploy.system;
}));
ci.gh-actions.checkoutOptions.submodules = false;