feat: a bunch of things, also hcloud removal

ci/common.nix

@@ -26,6 +26,7 @@
 
   channels = {
     nixfiles.path = ../.;
+    std.path = "${channels.nixfiles.inputs.std}";
     nixpkgs.path = "${channels.nixfiles.inputs.nixpkgs}";
   };
 

ci/flake-cron.nix

@@ -1,9 +1,25 @@
 {
   lib,
   config,
+  channels,
+  pkgs,
   ...
 }:
-with lib; {
+with lib; let
+  inherit (channels.std) string list set;
+  enabledNixosSystems = filterAttrs (_: system: system.config.ci.enable && system.config.type == "NixOS") channels.nixfiles.systems;
+  exportsSystems = let
+    warnSystems = set.filter (_: system: system.ci.allowFailure) enabledNixosSystems;
+    toSystems = systems: string.concatMapSep " " string.escapeShellArg (set.keys systems);
+  in ''
+    NF_NIX_SYSTEMS=(${toSystems nixosSystems})
+    NF_NIX_SYSTEMS_WARN=(${toSystems warnSystems})
+  '';
+  buildAllSystems = pkgs.writeShellScriptBin "build-systems" ''
+      ${exportsSystems}
+      nix run .#nf-actions-test";
+  '';
+in {
   imports = [./common.nix];
   config = {
     name = "flake-update";
@@ -37,7 +53,7 @@ with lib; {
         step.flake-update = {
           name = "flake update build";
           order = 500;
-          run = "nix run .#nf-update";
+          run = "${buildAllSystems}/bin/build-systems";
   env = {
             CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
             DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}";

ci/packages.nix

@@ -9,6 +9,7 @@ in {
       alejandra
       deadnix
       statix
+      cachix
       ssh-to-age
     ];
   };

nixos/profiles/graphical/dns.nix

@@ -4,9 +4,10 @@ in {
   networking = {
     networkmanager.dns = mkForce "none";
     nameservers = [
-      "1.1.1.1#cloudflare-dns.com"
+      "172.20.0.1"
+      /*"1.1.1.1#cloudflare-dns.com"
       "1.0.0.1#cloudflare-dns.com"
-      "8.8.8.8#dns.google"
+      "8.8.8.8#dns.google"*/
     ];
   };
   services.resolved = {

packages/nf-actions-test/default.nix

@@ -1,24 +1,13 @@
 {
-  writeShellScriptBin,
+  wrapShellScriptBin,
   pkgs,
-  inputs
-  makeBinPath
-}: let
-  inherit (inputs.std) string list set;
-  exports = ''
-    export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ../.}}
-  '';
-  exportsSystems = let
-    inherit (inputs.self) systems;
-    nixosSystems = set.filter (_: system: system.ci.enable) systems;
-    warnSystems = set.filter (_: system: system.ci.allowFailure) nixosSystems;
-    toSystems = systems: string.concatMapSep " " string.escapeShellArg (set.keys systems);
-  in ''
-    NF_NIX_SYSTEMS=(${toSystems nixosSystems})
-    NF_NIX_SYSTEMS_WARN=(${toSystems warnSystems})
-  '';
-in pkgs.writeShellScriptBin "nf-actions-test" ''
-  ${exports}
-  ${exportsSystems}
-  source ${./actions-test.sh}
-''
+}:
+wrapShellScriptBin "nf-actions-test" ./actions-test.sh {
+  depsRuntimePath = with pkgs; [
+    git
+    cachix
+    jq
+    nix
+    curl
+  ];
+}

tf/old_hcloud/hcloud-network.tf

@@ -1,4 +1,4 @@
-resource "hcloud_network" "network" {
+/*resource "hcloud_network" "network" {
   name     = "network-17a07f9"
   ip_range = "10.0.0.0/16"
 }
@@ -8,4 +8,4 @@ resource "hcloud_network_subnet" "subnet" {
     type = "cloud"
     network_zone = "us-west"
     ip_range = "10.0.1.0/24"
-}
+}*/

tf/old_hcloud/hcloud.tf

@@ -1,7 +1,7 @@
-variable "hcloud_token" {
+/*variable "hcloud_token" {
     sensitive = true
 }
 
 provider "hcloud" {
     token = var.hcloud_token
-}
+}*/

tf/old_hcloud/yukari-hcloud.tf

@@ -1,4 +1,4 @@
-resource "hcloud_primary_ip" "ipv4" {
+/*resource "hcloud_primary_ip" "ipv4" {
 	auto_delete = false
 	name = "yukari-v4-aef50a7"
 	datacenter = "hil-dc1"
@@ -47,4 +47,4 @@ resource "hcloud_rdns" "yukari-v6" {
     server_id  = hcloud_server.yukari.id
     ip_address = hcloud_server.yukari.ipv6_address
     dns_ptr    = "yukari.gensokyo.zone"
-}
+}*/