diff options
| -rw-r--r-- | .env.template | 10 | ||||
| -rw-r--r-- | .github/workflows/ci.yaml | 2 | ||||
| -rw-r--r-- | .github/workflows/deploy.yaml | 22 |
3 files changed, 14 insertions, 20 deletions
diff --git a/.env.template b/.env.template index d9d8368..712fa63 100644 --- a/.env.template +++ b/.env.template @@ -1,6 +1,6 @@ -CLOUDFLARE_API_KEY= -CLOUDFLARE_EMAIL= -CLOUDFLARE_ZONE_ID= -CLOUDFLARE_ACCOUNT_ID= +# cloudflare +CLOUDFLARE_API_TOKEN= -TAILSCALE_API_KEY= +# tailscale +OAUTH_CLIENT_ID= +OAUTH_CLIENT_SECRET= diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 58d1966..4c03f04 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -49,9 +49,11 @@ jobs: - uses: actions/checkout@v4 - name: Install Nix + if: ${{ !matrix.isCached }} uses: DeterminateSystems/nix-installer-action@v9 - name: Setup Cachix + if: ${{ !matrix.isCached }} uses: cachix/cachix-action@v13 with: name: getchoo diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index fbb54b4..84a376e 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -17,6 +17,7 @@ jobs: name: Deploy NixOS systems runs-on: ubuntu-latest + environment: nixos concurrency: group: nixos cancel-in-progress: true @@ -27,9 +28,6 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@v9 - - name: Setup local Nix cache - uses: DeterminateSystems/magic-nix-cache-action@v2 - - name: Connect to Tailscale uses: tailscale/github-action@v2 with: @@ -48,10 +46,10 @@ jobs: run: | nix run --inputs-from . nixpkgs#deploy-rs -- -s - opentofu: + terranix: needs: nixos - name: Apply OpenTofu plan + name: Apply Terranix plan runs-on: ubuntu-latest environment: terranix @@ -65,12 +63,6 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@v9 - - name: Setup local Nix cache - uses: DeterminateSystems/magic-nix-cache-action@v2 - - - name: Setup OpenTofu cache - uses: terraform-cache/terraform-cache@v1 - - name: Authenticate with TF Cloud run: | dir="$HOME/.terraform.d" @@ -86,11 +78,11 @@ jobs: } EOF - - name: Apply configuration + - name: Apply plan env: - CLOUDFLARE_API_KEY: ${{ secrets.CLOUDFLARE_API_KEY }} - CLOUDFLARE_EMAIL: ${{ secrets.CLOUDFLARE_EMAIL }} - TAILSCALE_API_KEY: ${{ secrets.TAILSCALE_API_KEY }} + CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} + OAUTH_CLIENT_ID: ${{ secrets.OAUTH_CLIENT_ID }} + OAUTH_CLIENT_SECRET: ${{ secrets.OAUTH_CLIENT_SECRET }} run: | nix develop .#terranix \ --command bash -c \ |