summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorseth <[email protected]>2023-07-02 12:28:11 -0400
committerseth <[email protected]>2023-07-02 19:22:19 +0000
commit3716419055f11a80c3bab92de343075c15f84be1 (patch)
treec449e941587721825fc964abd1feaafb1edc21bd
parentc71a2c41f4e98b394bebe738d1f582c440d5337e (diff)
!hercules-ci -> garnix
Diffstat
-rw-r--r--.github/actions/flake-update/action.yaml10
-rw-r--r--.github/dependabot.yml2
-rw-r--r--.github/workflows/update-inputs.yaml14
-rw-r--r--.github/workflows/update-nixpkgs.yaml16
-rw-r--r--README.md11
-rw-r--r--flake.lock68
-rw-r--r--flake.nix16
-rw-r--r--garnix.yaml6
-rw-r--r--hosts/atlas/default.nix9
-rw-r--r--hosts/p-body/default.nix9
-rw-r--r--hosts/profiles.nix2
-rw-r--r--modules/flake/ci.nix78
-rw-r--r--modules/nixos/server/default.nix2
13 files changed, 51 insertions, 192 deletions
diff --git a/.github/actions/flake-update/action.yaml b/.github/actions/flake-update/action.yaml
index 62f3695..2485186 100644
--- a/.github/actions/flake-update/action.yaml
+++ b/.github/actions/flake-update/action.yaml
@@ -1,18 +1,18 @@
name: "update flake inputs"
description: "wrapper around DeterminateSystems/update-flake-lock"
inputs:
- update-token:
- description: "github write token for creating prs"
+ commit-msg:
required: true
github-token:
- description: "github read token for avoid rate limits"
+ description: "github read token for increasing rate limits"
required: false
default: ""
inputs:
description: "flake inputs to update"
required: false
default: ""
- commit-msg:
+ update-token:
+ description: "github write token for creating prs"
required: true
runs:
using: "composite"
@@ -30,7 +30,7 @@ runs:
token: ${{ inputs.update-token }}
- name: auto-merge pull request
- run: gh pr merge --auto --squash "$PR_ID"
+ run: gh pr merge --auto --rebase "$PR_ID"
env:
GITHUB_TOKEN: ${{ inputs.update-token }}
PR_ID: ${{ steps.update.outputs.pull-request-number }}
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index e7bda0b..1d662ce 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,4 +5,4 @@ updates:
schedule:
interval: "weekly"
commit-message:
- prefix: "chore(actions)"
+ prefix: "actions"
diff --git a/.github/workflows/update-inputs.yaml b/.github/workflows/update-inputs.yaml
index 3103629..0ac81a5 100644
--- a/.github/workflows/update-inputs.yaml
+++ b/.github/workflows/update-inputs.yaml
@@ -1,23 +1,19 @@
name: update all inputs
on:
- # schedule:
- # # run every saturday
- # - cron: "0 0 * * 6"
+ schedule:
+ # run every saturday
+ - cron: "0 0 * * 6"
workflow_dispatch:
-permissions: read-all
-
jobs:
update-lock:
runs-on: ubuntu-latest
steps:
- - name: checkout repo
- uses: actions/checkout@v3
+ - uses: actions/checkout@v3
- - name: update all inputs
- uses: ./.github/actions/flake-update
+ - uses: ./.github/actions/flake-update
with:
commit-msg: "flake: update all inputs"
github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update-nixpkgs.yaml b/.github/workflows/update-nixpkgs.yaml
index 81fbe9e..8b0ac1b 100644
--- a/.github/workflows/update-nixpkgs.yaml
+++ b/.github/workflows/update-nixpkgs.yaml
@@ -1,25 +1,21 @@
name: update nixpkgs inputs
on:
- # schedule:
- # # run daily at 0:00 utc
- # - cron: "0 0 * * *"
+ schedule:
+ # run daily at 0:00 utc
+ - cron: "0 0 * * *"
workflow_dispatch:
-permissions: read-all
-
jobs:
update-nixpkgs:
runs-on: ubuntu-latest
steps:
- - name: checkout repo
- uses: actions/checkout@v3
+ - uses: actions/checkout@v3
- - name: update nixpkgs inputs
- uses: ./.github/actions/flake-update
+ - uses: ./.github/actions/flake-update
with:
- inputs: nixpkgs nixpkgs-stable
commit-msg: "flake: update nixpkgs inputs"
github-token: ${{ secrets.GITHUB_TOKEN }}
+ inputs: nixpkgs nixpkgs-stable
update-token: ${{ secrets.FLAKE_UPDATE }}
diff --git a/README.md b/README.md
index f02fac6..5ec7d4b 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
[![made with neovim](https://img.shields.io/static/v1?label=made%20with&message=neovim&color=00b952&style=flat-square&logo=neovim)](https://neovim.io/)
[![nixos unstable](https://img.shields.io/static/v1?label=NixOS&message=unstable&color=5277c3&style=flat-square&logo=nixos)](https://nixos.org/)
-[![hercules-ci build status](https://img.shields.io/badge/dynamic/json?label=hercules-ci%20builds&query=%24.state&url=https%3A%2F%2Fapi.github.com%2Frepos%2Fgetchoo%2Fflake%2Fcommits%2Fmain%2Fstatus&color=8f97cb&style=flat-square&logo=github)](https://hercules-ci.com/github/getchoo/flake)
+[![built with garnix](https://img.shields.io/badge/built_with-garnix-blue?style=flat-square&logo=nixos&logoColor=00000&labelColor=262626&link=https%3A%2F%2Fgarnix.io)](https://garnix.io)
greasy taco i love
@@ -11,7 +11,6 @@ greasy taco i love
i like to have a few services, including:
- [grafana](https://grafana.com/)
-- [hercules-ci](https://hercules-ci.com)
- [miniflux](https://miniflux.app/)
- [prometheus](https://prometheus.io/)
@@ -43,13 +42,17 @@ my netgear wac104 router, using [nix-openwrt-imagebuilder](https://github.com/as
### atlas
-my ampere arm server from oracle, services my miniflux instance and a builder for hercules-ci
+my ampere arm server from oracle, services my miniflux instance.
### p-body
-my amd64 server from digital ocean, hosts many services i use and is also a builder for hercules-ci
+my amd64 server from digital ocean, general host for services.
## fun screenshots
+<details>
+
![gnome](https://user-images.githubusercontent.com/48872998/223897323-87f8d547-511b-48c3-a2e1-8ff22ac361e9.png)
![neovim](https://user-images.githubusercontent.com/48872998/223897693-88eb0416-9ebc-45b6-837a-b28ada94336f.png)
+
+</details>
diff --git a/flake.lock b/flake.lock
index 03323c8..3dedaee 100644
--- a/flake.lock
+++ b/flake.lock
@@ -212,72 +212,6 @@
"type": "github"
}
},
- "haskell-flake": {
- "locked": {
- "lastModified": 1684780604,
- "narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=",
- "owner": "srid",
- "repo": "haskell-flake",
- "rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2",
- "type": "github"
- },
- "original": {
- "owner": "srid",
- "ref": "0.3.0",
- "repo": "haskell-flake",
- "type": "github"
- }
- },
- "hercules-ci-agent": {
- "inputs": {
- "flake-parts": [
- "flake-parts"
- ],
- "haskell-flake": "haskell-flake",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1687920713,
- "narHash": "sha256-rJFC3eUWjS5VaKWETOTN+Tr8BVs1IcvYpaDeVa99P1Q=",
- "owner": "hercules-ci",
- "repo": "hercules-ci-agent",
- "rev": "4132bda2fb896c170f08e276cff00a51ed4ba84f",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "hercules-ci-agent",
- "type": "github"
- }
- },
- "hercules-ci-effects": {
- "inputs": {
- "flake-parts": [
- "flake-parts"
- ],
- "hercules-ci-agent": [
- "hercules-ci-agent"
- ],
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1686830987,
- "narHash": "sha256-1XLTM0lFr3NV+0rd55SQW/8oQ3ACnqlYcda3FelIwHU=",
- "owner": "hercules-ci",
- "repo": "hercules-ci-effects",
- "rev": "04e4ab63b9eed2452edee1bb698827e1cb8265c6",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "hercules-ci-effects",
- "type": "github"
- }
- },
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -547,8 +481,6 @@
"flake-utils": "flake-utils",
"getchoo": "getchoo",
"guzzle_api": "guzzle_api",
- "hercules-ci-agent": "hercules-ci-agent",
- "hercules-ci-effects": "hercules-ci-effects",
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"nixinate": "nixinate",
diff --git a/flake.nix b/flake.nix
index 0f991ef..2655c87 100644
--- a/flake.nix
+++ b/flake.nix
@@ -4,11 +4,13 @@
nixConfig = {
extra-substituters = [
"https://getchoo.cachix.org" # personal cache
+ "https://cache.garnix.io" # garnix cache
"https://nix-community.cachix.org" # nix-community
"https://wurzelpfropf.cachix.org" # ragenix
];
extra-trusted-public-keys = [
"getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE="
+ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0="
];
@@ -24,6 +26,7 @@
flake = false;
};
+ # ditto
flake-utils.url = "github:numtide/flake-utils";
flake-parts = {
@@ -43,19 +46,6 @@
inputs.pre-commit-hooks.follows = "pre-commit-hooks";
};
- hercules-ci-agent = {
- url = "github:hercules-ci/hercules-ci-agent";
- inputs.nixpkgs.follows = "nixpkgs";
- inputs.flake-parts.follows = "flake-parts";
- };
-
- hercules-ci-effects = {
- url = "github:hercules-ci/hercules-ci-effects";
- inputs.nixpkgs.follows = "nixpkgs";
- inputs.flake-parts.follows = "flake-parts";
- inputs.hercules-ci-agent.follows = "hercules-ci-agent";
- };
-
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
diff --git a/garnix.yaml b/garnix.yaml
new file mode 100644
index 0000000..b78792c
--- /dev/null
+++ b/garnix.yaml
@@ -0,0 +1,6 @@
+builds:
+ exclude: []
+ include:
+ - "checks.x86_64-linux.*"
+ - "checks.aarch64-linux.*"
+ - "devShells.x86_64-linux.default"
diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix
index a594e5d..ce36fcf 100644
--- a/hosts/atlas/default.nix
+++ b/hosts/atlas/default.nix
@@ -26,14 +26,7 @@
tmp.cleanOnBoot = true;
};
- getchoo.server = {
- secrets.enable = true;
-
- services.hercules-ci = {
- enable = true;
- secrets.enable = true;
- };
- };
+ getchoo.server.secrets.enable = true;
networking = {
domain = "mydadleft.me";
diff --git a/hosts/p-body/default.nix b/hosts/p-body/default.nix
index 4b00177..3096199 100644
--- a/hosts/p-body/default.nix
+++ b/hosts/p-body/default.nix
@@ -23,14 +23,7 @@
hermetic = false;
};
- getchoo.server = {
- secrets.enable = true;
-
- services.hercules-ci = {
- enable = true;
- secrets.enable = true;
- };
- };
+ getchoo.server.secrets.enable = true;
networking = {
domain = "mydadleft.me";
diff --git a/hosts/profiles.nix b/hosts/profiles.nix
index 99b6b09..b8adc8e 100644
--- a/hosts/profiles.nix
+++ b/hosts/profiles.nix
@@ -41,12 +41,14 @@ in {
settings = {
trusted-substituters = [
"https://getchoo.cachix.org"
+ "https://cache.garnix.io"
"https://nix-community.cachix.org"
"https://wurzelpfropf.cachix.org"
];
trusted-public-keys = [
"getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE="
+ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0="
];
diff --git a/modules/flake/ci.nix b/modules/flake/ci.nix
index a8dd0c8..c958ed3 100644
--- a/modules/flake/ci.nix
+++ b/modules/flake/ci.nix
@@ -1,77 +1,23 @@
{
- config,
inputs,
myLib,
self,
- withSystem,
...
}: let
- mkUpdateEffect = herculesCI: inputs: pullRequestTitle: let
- cfg = config.hercules-ci.flake-update;
- in
- withSystem cfg.effect.system ({hci-effects, ...}:
- hci-effects.flakeUpdate {
- gitRemote = herculesCI.config.repo.remoteHttpUrl;
- user = "x-access-token";
- autoMergeMethod = "rebase";
- commitSummary = pullRequestTitle;
- inherit pullRequestTitle inputs;
- inherit (cfg) updateBranch forgeType createPullRequest pullRequestBody;
- });
-in {
- imports = [
- inputs.hercules-ci-effects.flakeModule
+ ciSystems = [
+ "x86_64-linux"
+ "aarch64-linux"
];
- herculesCI = {lib, ...} @ herculesCI: let
- inherit (lib) mkForce;
- ciSystems = [
- "x86_64-linux"
- "aarch64-linux"
- ];
- in {
- inherit ciSystems;
-
- onPush = {
- default = {
- outputs = with (myLib.ci ciSystems);
- mkForce {
- apps = mkCompatibleApps self.apps;
- checks = mkCompatible self.checks;
- devShells = mkCompatible self.devShells;
- formatter = mkCompatibleFormatters self.formatter;
- # disabled to save storage
- #homeConfigurations = mkCompatibleHM self.homeConfigurations;
- hosts = mkCompatibleCfg' self.nixosConfigurations;
- };
- };
- };
-
- onSchedule = let
- mkUpdateEffect' = mkUpdateEffect herculesCI;
- in {
- nixpkgs-update = {
- when = {
- hour = [0];
- minute = 0;
- };
-
- outputs = {
- effects.nixpkgs-update = mkUpdateEffect' ["nixpkgs" "nixpkgs-stable"] "flake: update nixpkgs inputs";
- };
- };
-
- flake-update = mkForce {
- when = {
- dayOfMonth = [1 8 15 22 29];
- hour = [0];
- minute = 0;
- };
+ ci = sys: myLib.ci ["${sys}"];
+ hm = sys: (ci sys).mkCompatibleHM self.homeConfigurations;
+ hosts = sys: (ci sys).mkCompatibleCfg self.nixosConfigurations;
+in {
+ flake = {
+ checks = inputs.nixpkgs.lib.genAttrs ciSystems hosts;
+ };
- outputs = {
- effects.flake-update = mkUpdateEffect' [] "flake: update all inputs";
- };
- };
- };
+ perSystem = {system, ...}: {
+ checks = (hm system).${system};
};
}
diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix
index 4774c5e..feae6e0 100644
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@@ -34,12 +34,14 @@ in {
trusted-users = ["${config.networking.hostName}"];
trusted-substituters = [
"https://getchoo.cachix.org"
+ "https://cache.garnix.io"
"https://nix-community.cachix.org"
"https://wurzelpfropf.cachix.org"
];
trusted-public-keys = [
"getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE="
+ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0="
];
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 11:21:23 +0000