diff --git a/ci.nix b/ci.nix index 851307e..58b397a 100644 --- a/ci.nix +++ b/ci.nix @@ -11,7 +11,7 @@ let echo foo > ${nixpkgs.lib.escapeShellArg path} '') paths} ''; - nixPathFor = nixpkgs.lib.concatStringsSep ":" [ + nixPath = nixpkgs.lib.concatStringsSep ":" [ "nixos-config=${toString ./.}/systems/${name}/configuration.nix" "niveum=${toString ./.}" "nixpkgs=${inputs.nixpkgs}" @@ -74,4 +74,4 @@ let "weechat/relay" ] ++ basic); }.${name}; -in toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPathFor name} nix-build '' -A system --dry-run") +in toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPath} nix-build '' -A system --dry-run") diff --git a/flake.nix b/flake.nix index 1f6a555..890f215 100644 --- a/flake.nix +++ b/flake.nix @@ -53,7 +53,7 @@ , nixpkgs-unstable , retiolum , stockholm - }: + }@inputs: let system = "x86_64-linux"; pkgs = nixpkgs.legacyPackages.${system}; @@ -84,15 +84,6 @@ source = krops.lib.evalSource [ (source name) ]; target = "root@${host}:${toString sshPort}"; }); - ensureFiles = paths: pkgs.runCommand "directory" {} '' - set -efu - mkdir $out - cd $out - ${nixpkgs.lib.concatMapStringsSep "\n" (path: '' - mkdir -p "$(dirname ${nixpkgs.lib.escapeShellArg path})" - echo foo > ${nixpkgs.lib.escapeShellArg path} - '') paths} - ''; in { apps.${system} = let forSystems = f: builtins.listToAttrs (map f (builtins.attrNames (builtins.readDir ./systems))); @@ -103,74 +94,11 @@ program = deployScriptFor { name = system; host = "${system}.r"; }; }; }); - nixPathFor = system: nixpkgs.lib.concatStringsSep ":" [ - "nixos-config=${toString ./.}/systems/${system}/configuration.nix" - "niveum=${toString ./.}" - "nixpkgs=${nixpkgs}" - "nixpkgs-unstable=${nixpkgs-unstable}" - "stockholm=${stockholm}" - "home-manager=${home-manager}" - "nix-writers=${nix-writers}" - "retiolum=${retiolum}" - "system-secrets=${systemSecrets.${system}}" - "secrets=${sharedSecrets}" - "menstruation-backend=${menstruation-backend}" - "menstruation-telegram=${menstruation-telegram}" - ]; - # cd ~/.password-store/shared && find * -type f | sed 's/.gpg$//' - sharedSecrets = ensureFiles [ - "di.fm/key" - "eduroam/identity" - "eduroam/password" - "fritznas.smb" - "mail/cock" - "mail/fastmail" - "mail/gmail/amroplay" - "mail/gmail/kieran.meinhardt" - "mail/meinhaki" - "mail/meinhaki.cert" - "mail/posteo" - "nextcloud-fysi/password" - "nextcloud/password" - "openweathermap.key" - "posteo/password" - "spotify/password" - "spotify/username" - "traadfri.key" - "wifi/Aether.psk" - ]; - systemSecrets = let basic = [ "retiolum.ed25519" "retiolum.key" "syncthing/cert.pem" "syncthing/key.pem"]; in { - zaatar = ensureFiles ([ "moodle.token" "telegram/moodle-dl.token" ] ++ basic); - kabsa = ensureFiles basic; - manakish = ensureFiles basic; - makanek = ensureFiles ([ - "irc/retiolum" - "irc/hackint" - "irc/libera" - "irc/oftc" - "matrix/nibbana" - "maxmind/license.key" - "moodle-dl/faye.token" - "nextcloud/admin" - "nextcloud/database" - "telegram/nachtischsatan.token" - "telegram/reverse.token" - "telegram/odyssey.token" - "telegram/betacode.token" - "telegram/moodle-dl.token" - "telegram/proverb.token" - "telegram/menstruation.token" - "telegram/cool_village.token" - "telegram/kmein.token" - "telegram/prometheus.token" - "weechat/relay" - ] ++ basic); - }; - ciScripts = forSystems (system: { - name = "build-${system}"; + ciScripts = forSystems (name: { + name = "build-${name}"; value = { type = "app"; - program = toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPathFor system} nix-build '' -A system --dry-run"); + program = import ./ci.nix { inherit name system inputs; }; }; }); in deployScripts // ciScripts // {