kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

chore(ci): move to own file

Browse Source
This commit is contained in:
Kierán Meinhardt
2021-12-31 16:05:08 +01:00
parent e9ae2ddd59
commit 749582bc9b
2 changed files with 6 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ci.nix
View File

@@ -11,7 +11,7 @@ let
echo foo > ${nixpkgs.lib.escapeShellArg path}
'') paths}
'';
nixPathFor = nixpkgs.lib.concatStringsSep ":" [
nixPath = nixpkgs.lib.concatStringsSep ":" [
"nixos-config=${toString ./.}/systems/${name}/configuration.nix"
"niveum=${toString ./.}"
"nixpkgs=${inputs.nixpkgs}"
@@ -74,4 +74,4 @@ let
"weechat/relay"
] ++ basic);
}.${name};
in toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPathFor name} nix-build '<nixpkgs/nixos>' -A system --dry-run")
in toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPath} nix-build '<nixpkgs/nixos>' -A system --dry-run")

80
flake.nix
View File

@@ -53,7 +53,7 @@
, nixpkgs-unstable
, retiolum
, stockholm
}:
}@inputs:
let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
@@ -84,15 +84,6 @@
source = krops.lib.evalSource [ (source name) ];
target = "root@${host}:${toString sshPort}";
});
ensureFiles = paths: pkgs.runCommand "directory" {} ''
set -efu
mkdir $out
cd $out
${nixpkgs.lib.concatMapStringsSep "\n" (path: ''
mkdir -p "$(dirname ${nixpkgs.lib.escapeShellArg path})"
echo foo > ${nixpkgs.lib.escapeShellArg path}
'') paths}
'';
in {
apps.${system} = let
forSystems = f: builtins.listToAttrs (map f (builtins.attrNames (builtins.readDir ./systems)));
@@ -103,74 +94,11 @@
program = deployScriptFor { name = system; host = "${system}.r"; };
};
});
nixPathFor = system: nixpkgs.lib.concatStringsSep ":" [
"nixos-config=${toString ./.}/systems/${system}/configuration.nix"
"niveum=${toString ./.}"
"nixpkgs=${nixpkgs}"
"nixpkgs-unstable=${nixpkgs-unstable}"
"stockholm=${stockholm}"
"home-manager=${home-manager}"
"nix-writers=${nix-writers}"
"retiolum=${retiolum}"
"system-secrets=${systemSecrets.${system}}"
"secrets=${sharedSecrets}"
"menstruation-backend=${menstruation-backend}"
"menstruation-telegram=${menstruation-telegram}"
];
# cd ~/.password-store/shared && find * -type f | sed 's/.gpg$//'
sharedSecrets = ensureFiles [
"di.fm/key"
"eduroam/identity"
"eduroam/password"
"fritznas.smb"
"mail/cock"
"mail/fastmail"
"mail/gmail/amroplay"
"mail/gmail/kieran.meinhardt"
"mail/meinhaki"
"mail/meinhaki.cert"
"mail/posteo"
"nextcloud-fysi/password"
"nextcloud/password"
"openweathermap.key"
"posteo/password"
"spotify/password"
"spotify/username"
"traadfri.key"
"wifi/Aether.psk"
];
systemSecrets = let basic = [ "retiolum.ed25519" "retiolum.key" "syncthing/cert.pem" "syncthing/key.pem"]; in {
zaatar = ensureFiles ([ "moodle.token" "telegram/moodle-dl.token" ] ++ basic);
kabsa = ensureFiles basic;
manakish = ensureFiles basic;
makanek = ensureFiles ([
"irc/retiolum"
"irc/hackint"
"irc/libera"
"irc/oftc"
"matrix/nibbana"
"maxmind/license.key"
"moodle-dl/faye.token"
"nextcloud/admin"
"nextcloud/database"
"telegram/nachtischsatan.token"
"telegram/reverse.token"
"telegram/odyssey.token"
"telegram/betacode.token"
"telegram/moodle-dl.token"
"telegram/proverb.token"
"telegram/menstruation.token"
"telegram/cool_village.token"
"telegram/kmein.token"
"telegram/prometheus.token"
"weechat/relay"
] ++ basic);
};
ciScripts = forSystems (system: {
name = "build-${system}";
ciScripts = forSystems (name: {
name = "build-${name}";
value = {
type = "app";
program = toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPathFor system} nix-build '<nixpkgs/nixos>' -A system --dry-run");
program = import ./ci.nix { inherit name system inputs; };
};
});
in deployScripts // ciScripts // {