From ab59f5447130e8f104355178a4c81e37935c730e Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 3 Mar 2026 20:44:05 +0100 Subject: [PATCH 1/2] workflows/ci: Don't build packages and workstations --- .github/workflows/build-host.yml | 30 --------------- .github/workflows/ci.yml | 66 ++++++++++---------------------- 2 files changed, 20 insertions(+), 76 deletions(-) delete mode 100644 .github/workflows/build-host.yml diff --git a/.github/workflows/build-host.yml b/.github/workflows/build-host.yml deleted file mode 100644 index 392691a..0000000 --- a/.github/workflows/build-host.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Build host -on: - workflow_call: - inputs: - hosts: - required: true - type: string - secrets: - CACHIX_AUTH_TOKEN: - required: true -jobs: - build-host: - name: ${{ matrix.host }} - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - host: ${{ fromJson(inputs.hosts) }} - steps: - - uses: actions/checkout@v5 - - uses: cachix/install-nix-action@v31 - with: - extra_nix_config: experimental-features = nix-command flakes pipe-operators - - uses: cachix/cachix-action@v15 - with: - name: sebastian-stork - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - useDaemon: false - - name: Build host - run: nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel --print-build-logs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 376bf53..0b7cfd0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,11 +16,6 @@ jobs: - uses: cachix/install-nix-action@v31 with: extra_nix_config: experimental-features = nix-command flakes pipe-operators - - name: Get packages - id: packages - run: | - packages=$(nix flake show --json | jq -c '.packages."x86_64-linux" | keys') - printf "packages=%s" "$packages" >> "$GITHUB_OUTPUT" - name: Get checks id: checks run: | @@ -32,38 +27,11 @@ jobs: servers=$(nix eval .#nixosConfigurations --apply 'configs: configs |> builtins.attrNames - |> builtins.filter (name: configs.${name}.config.custom.services.comin.enable) + |> builtins.filter (hostName: configs.${hostName}.config.custom.services.comin.enable) ' --json) printf "servers=%s" "$servers" >> "$GITHUB_OUTPUT" - - name: Get workstations - id: workstations - run: | - workstations=$(nix eval .#nixosConfigurations --apply 'configs: - configs - |> builtins.attrNames - |> builtins.filter (name: !configs.${name}.config.custom.services.comin.enable) - ' --json) - printf "workstations=%s" "$workstations" >> "$GITHUB_OUTPUT" - build-package: - needs: parse-flake - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - package: ${{ fromJson(needs.parse-flake.outputs.packages) }} - steps: - - uses: actions/checkout@v5 - - uses: cachix/install-nix-action@v31 - with: - extra_nix_config: experimental-features = nix-command flakes pipe-operators - - uses: cachix/cachix-action@v15 - with: - name: sebastian-stork - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - useDaemon: false - - name: Build package - run: nix build .#packages.x86_64-linux.${{ matrix.package }} --print-build-logs build-check: + name: ${{ matrix.check }} needs: parse-flake runs-on: ubuntu-latest strategy: @@ -83,19 +51,25 @@ jobs: - name: Build check run: nix build .#checks.x86_64-linux.${{ matrix.check }} --print-build-logs build-server: + name: ${{ matrix.server }} needs: parse-flake - uses: ./.github/workflows/build-host.yml - with: - hosts: ${{ needs.parse-flake.outputs.servers }} - secrets: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} - build-workstation: - needs: parse-flake - uses: ./.github/workflows/build-host.yml - with: - hosts: ${{ needs.parse-flake.outputs.workstations }} - secrets: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + server: ${{ fromJson(needs.parse-flake.outputs.servers) }} + steps: + - uses: actions/checkout@v5 + - uses: cachix/install-nix-action@v31 + with: + extra_nix_config: experimental-features = nix-command flakes pipe-operators + - uses: cachix/cachix-action@v15 + with: + name: sebastian-stork + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + useDaemon: false + - name: Build server + run: nix build .#nixosConfigurations.${{ matrix.server }}.config.system.build.toplevel --print-build-logs deploy: needs: [build-check, build-server] runs-on: ubuntu-latest From 185fd5a53bd6def7f7e1e5258b458a3bc6daa48a Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 3 Mar 2026 21:01:46 +0100 Subject: [PATCH 2/2] srv-core: Rename from `homeserver` --- hosts/homeserver/keys/nebula.crt | 7 ------- hosts/{homeserver => srv-core}/default.nix | 0 hosts/{homeserver => srv-core}/disko.nix | 0 hosts/{homeserver => srv-core}/hardware.nix | 0 hosts/{homeserver => srv-core}/keys/age.pub | 0 hosts/srv-core/keys/nebula.crt | 6 ++++++ hosts/{homeserver => srv-core}/keys/nebula.pub | 0 hosts/{homeserver => srv-core}/keys/syncthing.id | 0 hosts/{homeserver => srv-core}/secrets.json | 0 9 files changed, 6 insertions(+), 7 deletions(-) delete mode 100644 hosts/homeserver/keys/nebula.crt rename hosts/{homeserver => srv-core}/default.nix (100%) rename hosts/{homeserver => srv-core}/disko.nix (100%) rename hosts/{homeserver => srv-core}/hardware.nix (100%) rename hosts/{homeserver => srv-core}/keys/age.pub (100%) create mode 100644 hosts/srv-core/keys/nebula.crt rename hosts/{homeserver => srv-core}/keys/nebula.pub (100%) rename hosts/{homeserver => srv-core}/keys/syncthing.id (100%) rename hosts/{homeserver => srv-core}/secrets.json (100%) diff --git a/hosts/homeserver/keys/nebula.crt b/hosts/homeserver/keys/nebula.crt deleted file mode 100644 index 1df53cf..0000000 --- a/hosts/homeserver/keys/nebula.crt +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN NEBULA CERTIFICATE V2----- -MIG+oFiACmhvbWVzZXJ2ZXKhBwQFCv76BhijEwwGc2VydmVyDAlzeW5jdGhpbmeF -BGmiGqqGBGsoffSHIBVD/hlbqt7XLMVqDE4DhIQzJRBaXtQIwm5gRTI7c0VogiAZ -e96epRDtw/rMTdFK2zGNir1IwMaj+yBQZk7+5zkMdYNAgVBstID36JKriSzF5nlz -oonUUfccrIASiwr3HqRgeWA2SnvS9r8qf2s+PfTkX2a+jymnHOlzB0GSeWx7JeZo -AQ== ------END NEBULA CERTIFICATE V2----- diff --git a/hosts/homeserver/default.nix b/hosts/srv-core/default.nix similarity index 100% rename from hosts/homeserver/default.nix rename to hosts/srv-core/default.nix diff --git a/hosts/homeserver/disko.nix b/hosts/srv-core/disko.nix similarity index 100% rename from hosts/homeserver/disko.nix rename to hosts/srv-core/disko.nix diff --git a/hosts/homeserver/hardware.nix b/hosts/srv-core/hardware.nix similarity index 100% rename from hosts/homeserver/hardware.nix rename to hosts/srv-core/hardware.nix diff --git a/hosts/homeserver/keys/age.pub b/hosts/srv-core/keys/age.pub similarity index 100% rename from hosts/homeserver/keys/age.pub rename to hosts/srv-core/keys/age.pub diff --git a/hosts/srv-core/keys/nebula.crt b/hosts/srv-core/keys/nebula.crt new file mode 100644 index 0000000..8eb3e62 --- /dev/null +++ b/hosts/srv-core/keys/nebula.crt @@ -0,0 +1,6 @@ +-----BEGIN NEBULA CERTIFICATE V2----- +MIG8oFaACHNydi1jb3JloQcEBQr++gYYoxMMBnNlcnZlcgwJc3luY3RoaW5nhQRp +pz3vhgRrKH30hyAVQ/4ZW6re1yzFagxOA4SEMyUQWl7UCMJuYEUyO3NFaIIgGXve +nqUQ7cP6zE3RStsxjYq9SMDGo/sgUGZO/uc5DHWDQMuJeHoWRFXit1LEzlKFWrXR +/I4ZGhqCsE9r/bNYw5uYzVcVGb1DNIWu7KJJ/TPB2syGBYzYOWy8yJOa0rmU3wI= +-----END NEBULA CERTIFICATE V2----- diff --git a/hosts/homeserver/keys/nebula.pub b/hosts/srv-core/keys/nebula.pub similarity index 100% rename from hosts/homeserver/keys/nebula.pub rename to hosts/srv-core/keys/nebula.pub diff --git a/hosts/homeserver/keys/syncthing.id b/hosts/srv-core/keys/syncthing.id similarity index 100% rename from hosts/homeserver/keys/syncthing.id rename to hosts/srv-core/keys/syncthing.id diff --git a/hosts/homeserver/secrets.json b/hosts/srv-core/secrets.json similarity index 100% rename from hosts/homeserver/secrets.json rename to hosts/srv-core/secrets.json