From 32932a5a60037dcc531744e6c7a157e656460f3b Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Mon, 13 Oct 2025 11:26:15 -0700 Subject: [PATCH 1/3] feat: now we're gaming with portals --- ci/flake-cron.nix | 5 +---- ci/nodes.nix | 9 +-------- 2 files changed, 2 insertions(+), 12 deletions(-) diff --git a/ci/flake-cron.nix b/ci/flake-cron.nix index 0c9071a9..5150f7c9 100644 --- a/ci/flake-cron.nix +++ b/ci/flake-cron.nix @@ -13,6 +13,7 @@ with lib; { CACHIX_AUTH_TOKEN = "\${{ secrets.CACHIX_AUTH_TOKEN }}"; CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; + NIX_INSTALLER = "--daemon"; NIX_CONFIG = "\${{ secrets.NIX_CONFIG }}"; }; on = let @@ -41,13 +42,9 @@ with lib; { order = 500; run = "nix run .#nf-update"; env = { - CACHIX_AUTH_TOKEN = "\${{ secrets.CACHIX_AUTH_TOKEN }}"; - CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; - DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; NF_UPDATE_GIT_COMMIT = "1"; NF_UPDATE_CACHIX_PUSH = "1"; NF_CONFIG_ROOT = "\${{ github.workspace }}"; - NIX_CONFIG = "\${{ secrets.NIX_CONFIG }}"; }; }; }; diff --git a/ci/nodes.nix b/ci/nodes.nix index 1de58cd1..e5e942b9 100644 --- a/ci/nodes.nix +++ b/ci/nodes.nix @@ -18,6 +18,7 @@ in { CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; NIX_CONFIG = "\${{ secrets.NIX_CONFIG }}"; + NIX_INSTALLER = "--daemon"; }; on = let paths = [ @@ -42,10 +43,6 @@ in { order = 500; run = "nix run .#nf-build-system -- nixosConfigurations.${name}.config.system.build.toplevel ${name} NixOS"; env = { - NIX_CONFIG = "\${{ secrets.NIX_CONFIG }}"; - CACHIX_AUTH_TOKEN = "\${{ secrets.CACHIX_AUTH_TOKEN }}"; - CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; - DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; NF_UPDATE_CACHIX_PUSH = "1"; NF_CONFIG_ROOT = "\${{ github.workspace }}"; }; @@ -58,10 +55,6 @@ in { order = 500; run = "nix run .#nf-build-system -- homeConfigurations.${name}.activationPackage ${name} Home"; env = { - NIX_CONFIG = "\${{ secrets.NIX_CONFIG }}"; - CACHIX_AUTH_TOKEN = "\${{ secrets.CACHIX_AUTH_TOKEN }}"; - CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; - DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; NF_UPDATE_CACHIX_PUSH = "1"; NF_CONFIG_ROOT = "\${{ github.workspace }}"; }; From 0b5b74626fcacc75e3f7961633043b0a30bd608f Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Mon, 13 Oct 2025 11:26:53 -0700 Subject: [PATCH 2/3] feat: give sandbox back please --- ci/common.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/ci/common.nix b/ci/common.nix index 394e12e7..def93174 100644 --- a/ci/common.nix +++ b/ci/common.nix @@ -16,7 +16,6 @@ nix.config = { max-silent-time = 60 * 60; - build-users-group = ""; }; /* nix.config = { From 730e367093a57e04e8e1058917894ffc3a487442 Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Mon, 13 Oct 2025 11:27:33 -0700 Subject: [PATCH 3/3] feat: mwee --- .github/workflows/flake-update.yml | 5 +---- .github/workflows/nodes.yml | 25 +------------------------ 2 files changed, 2 insertions(+), 28 deletions(-) diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml index 0b9fd5fb..65c20eb6 100644 --- a/.github/workflows/flake-update.yml +++ b/.github/workflows/flake-update.yml @@ -6,6 +6,7 @@ env: CI_PLATFORM: gh-actions DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NIX_CONFIG: ${{ secrets.NIX_CONFIG }} + NIX_INSTALLER: --daemon jobs: ci-check: name: flake-update check @@ -47,13 +48,9 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' NF_UPDATE_GIT_COMMIT: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: flake-update name: flake update build run: nix run .#nf-update diff --git a/.github/workflows/nodes.yml b/.github/workflows/nodes.yml index 57ce1e7f..44a3f6e0 100644 --- a/.github/workflows/nodes.yml +++ b/.github/workflows/nodes.yml @@ -6,6 +6,7 @@ env: CI_PLATFORM: gh-actions DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NIX_CONFIG: ${{ secrets.NIX_CONFIG }} + NIX_INSTALLER: --daemon jobs: ci-check: name: nodes check @@ -47,12 +48,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: home-base name: build home closure for home-base run: nix run .#nf-build-system -- homeConfigurations.home-base.activationPackage @@ -110,12 +107,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: home-graphical name: build home closure for home-graphical run: nix run .#nf-build-system -- homeConfigurations.home-graphical.activationPackage @@ -173,12 +166,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: home-neovim name: build home closure for home-neovim run: nix run .#nf-build-system -- homeConfigurations.home-neovim.activationPackage @@ -236,12 +225,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: home-shell name: build home closure for home-shell run: nix run .#nf-build-system -- homeConfigurations.home-shell.activationPackage @@ -299,12 +284,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: mai name: build system closure for mai run: nix run .#nf-build-system -- nixosConfigurations.mai.config.system.build.toplevel @@ -362,12 +343,8 @@ jobs: name: nix install uses: arcnmx/ci/actions/nix/install@v0.7 - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} NF_CONFIG_ROOT: ${{ github.workspace }} NF_UPDATE_CACHIX_PUSH: '1' - NIX_CONFIG: ${{ secrets.NIX_CONFIG }} id: mei name: build system closure for mei run: nix run .#nf-build-system -- nixosConfigurations.mei.config.system.build.toplevel