ci: Include commit message in success/failure notification

Comin refuses commits that are behind the last deployed main commit

.github/workflows/ci.yml

@@ -76,17 +76,10 @@ jobs:
   trigger-deploy:
     needs: [build-check, build-server]
     runs-on: ubuntu-latest
-    outputs:
-      previous-sha: ${{ steps.previous-sha.outputs.sha }}
     permissions:
       contents: write
     steps:
       - uses: actions/checkout@v5
-      - name: Get previous deploy SHA
-        id: previous-sha
-        run: |
-          sha=$(git ls-remote origin deploy | cut -f1)
-          printf "sha=%s" "$sha" >> "$GITHUB_OUTPUT"
       - name: Push to deploy branch
         run: git push --force origin HEAD:refs/heads/deploy
   await-deploy:
@@ -117,20 +110,6 @@ jobs:
 
             sleep 5
           done
-  rollback-deploy:
-    if: always() && needs.await-deploy.result == 'failure'
-    needs: [trigger-deploy, await-deploy]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-          token: ${{ secrets.PAT }}
-      - name: Rollback deploy branch
-        run: |
-          previous_sha="${{ needs.trigger-deploy.outputs.previous-sha }}"
-          echo "Rolling back deploy branch to $previous_sha"
-          git push --force origin "$previous_sha:refs/heads/deploy"
   notify:
     if: always()
     needs: [await-deploy]
@@ -145,7 +124,7 @@ jobs:
             -H "Tags: white_check_mark" \
             -H "Actions: view, Open workflow run, ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
             -H "Markdown: yes" \
-            -d "Commit \`${GITHUB_SHA::7}\` deployed successfully." \
+            -d $'Commit `'"${GITHUB_SHA::7}"$'` deployed successfully.\n\n> ${{ github.event.head_commit.message }}' \
             https://ntfy.sh/splitleaf
       - name: Notify failure
         if: needs.await-deploy.result == 'failure'
@@ -156,5 +135,5 @@ jobs:
             -H "Tags: rotating_light" \
             -H "Actions: view, Open workflow run, ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
             -H "Markdown: yes" \
-            -d "Commit \`${GITHUB_SHA::7}\` failed to deploy." \
+            -d $'Commit `'"${GITHUB_SHA::7}"$'` failed to deploy.\n\n> ${{ github.event.head_commit.message }}' \
             https://ntfy.sh/splitleaf

modules/home/programs/noctalia-shell.nix

@@ -18,6 +18,7 @@
         general = {
           animationSpeed = 1.8;
           enableShadows = false;
+          dimmerOpacity = 0.1;
           compactLockScreen = true;
           clockStyle = "digital";
           autoStartAuth = true;
@@ -96,6 +97,7 @@
           largeButtonsStyle = false;
           countdownDuration = 3000;
         };
+        idle.enabled = true;
         audio.mprisBlacklist = "firefox";
         location = {
           firstDayOfWeek = 1;

modules/nixos/services/comin.nix

@@ -18,10 +18,10 @@ let
           exit 0
         fi
 
-        token=$(cat "''${CREDENTIALS_DIRECTORY}/git-push-token")
+        token=$(cat "${config.sops.secrets."git/push-token".path}")
         repo_url="https://x-access-token:$token@github.com/SebastianStork/nixos-config.git"
 
-        git push --force "$repo_url" "$COMIN_GIT_SHA:refs/heads/deployed/$COMIN_HOSTNAME"
+        git -C /var/lib/comin/repository push --force "$repo_url" "$COMIN_GIT_SHA:refs/heads/deployed/$COMIN_HOSTNAME"
 
         echo "Updated deployed/$COMIN_HOSTNAME to $COMIN_GIT_SHA"
       '';
@@ -41,9 +41,6 @@ in
 
   config = lib.mkIf cfg.enable {
     sops.secrets."git/push-token" = { };
-    systemd.services.comin.serviceConfig.LoadCredential = "git-push-token:${
-      config.sops.secrets."git/push-token".path
-    }";
 
     services.comin = {
       enable = true;