mirror of
https://github.com/SebastianStork/nixos-config.git
synced 2026-03-23 15:38:26 +01:00
Compare commits
5 commits
da5df4f2ee
...
1f4283eb7b
| Author | SHA1 | Date | |
|---|---|---|---|
1f4283eb7b
|
|||
|
116ac08ad8
|
|||
|
9d46cb54df
|
|||
|
3be317bbb5
|
|||
|
a828980065
|
3 changed files with 71 additions and 39 deletions
30
.github/workflows/build-host.yml
vendored
Normal file
30
.github/workflows/build-host.yml
vendored
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
name: Build host
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
hosts:
|
||||
required: true
|
||||
type: string
|
||||
secrets:
|
||||
CACHIX_AUTH_TOKEN:
|
||||
required: true
|
||||
jobs:
|
||||
build-host:
|
||||
name: ${{ matrix.host }}
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
host: ${{ fromJson(inputs.hosts) }}
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
- uses: cachix/install-nix-action@v31
|
||||
with:
|
||||
extra_nix_config: experimental-features = nix-command flakes pipe-operators
|
||||
- uses: cachix/cachix-action@v15
|
||||
with:
|
||||
name: sebastian-stork
|
||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||
useDaemon: false
|
||||
- name: Build host
|
||||
run: nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel --print-build-logs
|
||||
73
.github/workflows/ci.yml
vendored
73
.github/workflows/ci.yml
vendored
|
|
@ -8,20 +8,36 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
checks: ${{ steps.checks.outputs.checks }}
|
||||
hosts: ${{ steps.hosts.outputs.hosts }}
|
||||
servers: ${{ steps.servers.outputs.servers }}
|
||||
workstations: ${{ steps.workstations.outputs.workstations }}
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
- uses: cachix/install-nix-action@v31
|
||||
with:
|
||||
extra_nix_config: experimental-features = nix-command flakes pipe-operators
|
||||
- id: checks
|
||||
- name: Get checks
|
||||
id: checks
|
||||
run: |
|
||||
checks=$(nix flake show --json | jq -c '.checks."x86_64-linux" | keys')
|
||||
printf "checks=%s" "$checks" >> "$GITHUB_OUTPUT"
|
||||
- id: hosts
|
||||
- name: Get servers
|
||||
id: servers
|
||||
run: |
|
||||
hosts=$(nix flake show --json | jq -c '.nixosConfigurations | keys')
|
||||
printf "hosts=%s" "$hosts" >> "$GITHUB_OUTPUT"
|
||||
servers=$(nix eval .#nixosConfigurations --apply 'configs:
|
||||
configs
|
||||
|> builtins.attrNames
|
||||
|> builtins.filter (name: configs.${name}.config.custom.services.comin.enable)
|
||||
' --json)
|
||||
printf "servers=%s" "$servers" >> "$GITHUB_OUTPUT"
|
||||
- name: Get workstations
|
||||
id: workstations
|
||||
run: |
|
||||
workstations=$(nix eval .#nixosConfigurations --apply 'configs:
|
||||
configs
|
||||
|> builtins.attrNames
|
||||
|> builtins.filter (name: !configs.${name}.config.custom.services.comin.enable)
|
||||
' --json)
|
||||
printf "workstations=%s" "$workstations" >> "$GITHUB_OUTPUT"
|
||||
build-check:
|
||||
needs: parse-flake
|
||||
runs-on: ubuntu-latest
|
||||
|
|
@ -39,43 +55,28 @@ jobs:
|
|||
name: sebastian-stork
|
||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||
useDaemon: false
|
||||
- run: nix build .#checks.x86_64-linux.${{ matrix.check }} --print-build-logs
|
||||
build-host:
|
||||
- name: Build check
|
||||
run: nix build .#checks.x86_64-linux.${{ matrix.check }} --print-build-logs
|
||||
build-server:
|
||||
needs: parse-flake
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
host: ${{ fromJson(needs.parse-flake.outputs.hosts) }}
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
- uses: cachix/install-nix-action@v31
|
||||
uses: ./.github/workflows/build-host.yml
|
||||
with:
|
||||
extra_nix_config: experimental-features = nix-command flakes pipe-operators
|
||||
- uses: cachix/cachix-action@v15
|
||||
hosts: ${{ needs.parse-flake.outputs.servers }}
|
||||
secrets:
|
||||
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
|
||||
build-workstation:
|
||||
needs: parse-flake
|
||||
uses: ./.github/workflows/build-host.yml
|
||||
with:
|
||||
name: sebastian-stork
|
||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||
useDaemon: false
|
||||
- run: nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel --print-build-logs
|
||||
flake-check:
|
||||
needs: build-check
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
- uses: cachix/install-nix-action@v31
|
||||
with:
|
||||
extra_nix_config: experimental-features = nix-command flakes pipe-operators
|
||||
- uses: cachix/cachix-action@v15
|
||||
with:
|
||||
name: sebastian-stork
|
||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||
- run: nix flake check --keep-going --print-build-logs
|
||||
hosts: ${{ needs.parse-flake.outputs.workstations }}
|
||||
secrets:
|
||||
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
|
||||
deploy:
|
||||
needs: [build-host, flake-check]
|
||||
needs: [build-check, build-server]
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
- run: git push origin HEAD:deploy --force
|
||||
- name: Push to deploy branch
|
||||
run: git push origin HEAD:deploy --force
|
||||
|
|
|
|||
3
.github/workflows/update.yml
vendored
3
.github/workflows/update.yml
vendored
|
|
@ -13,7 +13,8 @@ jobs:
|
|||
- uses: cachix/install-nix-action@v31
|
||||
with:
|
||||
extra_nix_config: experimental-features = nix-command flakes pipe-operators
|
||||
- run: |
|
||||
- name: Update and push
|
||||
run: |
|
||||
git config user.name "github-actions[bot]"
|
||||
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
nix flake update --commit-lock-file
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue