From 899e37094fea6f96dd1ab0bf81e7c527e99a5a15 Mon Sep 17 00:00:00 2001
From: Kat Inskip <kat@inskip.me>
Date: Fri, 25 Oct 2024 12:55:56 -0400
Subject: [PATCH] feat: a bunch of things, also hcloud removal

---
 ci/common.nix                         |  1 +
 ci/flake-cron.nix                     | 20 ++++++++++++++--
 ci/packages.nix                       |  1 +
 nixos/profiles/graphical/dns.nix      |  5 ++--
 packages/nf-actions-test/default.nix  | 33 +++++++++------------------
 tf/{ => old_hcloud}/hcloud-network.tf |  4 ++--
 tf/{ => old_hcloud}/hcloud.tf         |  4 ++--
 tf/{ => old_hcloud}/yukari-hcloud.tf  |  4 ++--
 8 files changed, 40 insertions(+), 32 deletions(-)
 rename tf/{ => old_hcloud}/hcloud-network.tf (83%)
 rename tf/{ => old_hcloud}/hcloud.tf (70%)
 rename tf/{ => old_hcloud}/yukari-hcloud.tf (96%)

diff --git a/ci/common.nix b/ci/common.nix
index 2f5ca364..ede74508 100644
--- a/ci/common.nix
+++ b/ci/common.nix
@@ -26,6 +26,7 @@
 
   channels = {
     nixfiles.path = ../.;
+    std.path = "${channels.nixfiles.inputs.std}";
     nixpkgs.path = "${channels.nixfiles.inputs.nixpkgs}";
   };
 
diff --git a/ci/flake-cron.nix b/ci/flake-cron.nix
index 70d296cf..e29c5718 100644
--- a/ci/flake-cron.nix
+++ b/ci/flake-cron.nix
@@ -1,9 +1,25 @@
 {
   lib,
   config,
+  channels,
+  pkgs,
   ...
 }:
-with lib; {
+with lib; let
+  inherit (channels.std) string list set;
+  enabledNixosSystems = filterAttrs (_: system: system.config.ci.enable && system.config.type == "NixOS") channels.nixfiles.systems;
+  exportsSystems = let
+    warnSystems = set.filter (_: system: system.ci.allowFailure) enabledNixosSystems;
+    toSystems = systems: string.concatMapSep " " string.escapeShellArg (set.keys systems);
+  in ''
+    NF_NIX_SYSTEMS=(${toSystems nixosSystems})
+    NF_NIX_SYSTEMS_WARN=(${toSystems warnSystems})
+  '';
+  buildAllSystems = pkgs.writeShellScriptBin "build-systems" ''
+      ${exportsSystems}
+      nix run .#nf-actions-test";
+  '';
+in {
   imports = [./common.nix];
   config = {
     name = "flake-update";
@@ -37,7 +53,7 @@ with lib; {
         step.flake-update = {
           name = "flake update build";
           order = 500;
-          run = "nix run .#nf-update";
+          run = "${buildAllSystems}/bin/build-systems";
   env = {
             CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
             DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}";
diff --git a/ci/packages.nix b/ci/packages.nix
index 47ccd0c5..4303a340 100644
--- a/ci/packages.nix
+++ b/ci/packages.nix
@@ -9,6 +9,7 @@ in {
       alejandra
       deadnix
       statix
+      cachix
       ssh-to-age
     ];
   };
diff --git a/nixos/profiles/graphical/dns.nix b/nixos/profiles/graphical/dns.nix
index cb6a40fc..888cb37c 100644
--- a/nixos/profiles/graphical/dns.nix
+++ b/nixos/profiles/graphical/dns.nix
@@ -4,9 +4,10 @@ in {
   networking = {
     networkmanager.dns = mkForce "none";
     nameservers = [
-      "1.1.1.1#cloudflare-dns.com"
+      "172.20.0.1"
+      /*"1.1.1.1#cloudflare-dns.com"
       "1.0.0.1#cloudflare-dns.com"
-      "8.8.8.8#dns.google"
+      "8.8.8.8#dns.google"*/
     ];
   };
   services.resolved = {
diff --git a/packages/nf-actions-test/default.nix b/packages/nf-actions-test/default.nix
index 926d4573..028ca975 100644
--- a/packages/nf-actions-test/default.nix
+++ b/packages/nf-actions-test/default.nix
@@ -1,24 +1,13 @@
 {
-  writeShellScriptBin,
+  wrapShellScriptBin,
   pkgs,
-  inputs
-  makeBinPath
-}: let
-  inherit (inputs.std) string list set;
-  exports = ''
-    export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ../.}}
-  '';
-  exportsSystems = let
-    inherit (inputs.self) systems;
-    nixosSystems = set.filter (_: system: system.ci.enable) systems;
-    warnSystems = set.filter (_: system: system.ci.allowFailure) nixosSystems;
-    toSystems = systems: string.concatMapSep " " string.escapeShellArg (set.keys systems);
-  in ''
-    NF_NIX_SYSTEMS=(${toSystems nixosSystems})
-    NF_NIX_SYSTEMS_WARN=(${toSystems warnSystems})
-  '';
-in pkgs.writeShellScriptBin "nf-actions-test" ''
-  ${exports}
-  ${exportsSystems}
-  source ${./actions-test.sh}
-''
+}:
+wrapShellScriptBin "nf-actions-test" ./actions-test.sh {
+  depsRuntimePath = with pkgs; [
+    git
+    cachix
+    jq
+    nix
+    curl
+  ];
+}
diff --git a/tf/hcloud-network.tf b/tf/old_hcloud/hcloud-network.tf
similarity index 83%
rename from tf/hcloud-network.tf
rename to tf/old_hcloud/hcloud-network.tf
index 0082c278..3a8c94c2 100644
--- a/tf/hcloud-network.tf
+++ b/tf/old_hcloud/hcloud-network.tf
@@ -1,4 +1,4 @@
-resource "hcloud_network" "network" {
+/*resource "hcloud_network" "network" {
   name     = "network-17a07f9"
   ip_range = "10.0.0.0/16"
 }
@@ -8,4 +8,4 @@ resource "hcloud_network_subnet" "subnet" {
     type = "cloud"
     network_zone = "us-west"
     ip_range = "10.0.1.0/24"
-}
\ No newline at end of file
+}*/
\ No newline at end of file
diff --git a/tf/hcloud.tf b/tf/old_hcloud/hcloud.tf
similarity index 70%
rename from tf/hcloud.tf
rename to tf/old_hcloud/hcloud.tf
index faae43f8..4d353f2f 100644
--- a/tf/hcloud.tf
+++ b/tf/old_hcloud/hcloud.tf
@@ -1,7 +1,7 @@
-variable "hcloud_token" {
+/*variable "hcloud_token" {
     sensitive = true
 }
 
 provider "hcloud" {
     token = var.hcloud_token
-}
+}*/
\ No newline at end of file
diff --git a/tf/yukari-hcloud.tf b/tf/old_hcloud/yukari-hcloud.tf
similarity index 96%
rename from tf/yukari-hcloud.tf
rename to tf/old_hcloud/yukari-hcloud.tf
index faad7af2..3d11753a 100644
--- a/tf/yukari-hcloud.tf
+++ b/tf/old_hcloud/yukari-hcloud.tf
@@ -1,4 +1,4 @@
-resource "hcloud_primary_ip" "ipv4" {
+/*resource "hcloud_primary_ip" "ipv4" {
 	auto_delete = false
 	name = "yukari-v4-aef50a7"
 	datacenter = "hil-dc1"
@@ -47,4 +47,4 @@ resource "hcloud_rdns" "yukari-v6" {
     server_id  = hcloud_server.yukari.id
     ip_address = hcloud_server.yukari.ipv6_address
     dns_ptr    = "yukari.gensokyo.zone"
-}
\ No newline at end of file
+}*/
\ No newline at end of file