From 0efcf8f3fccb268d4b02d505a113d2ec69ed347e Mon Sep 17 00:00:00 2001 From: Zuckerberg Date: Sun, 23 Apr 2023 17:54:45 -0600 Subject: [PATCH] Flake check gitea action --- .gitea/workflows/check-flake.yaml | 38 ++++++++++++++++ common/server/gitea-runner.nix | 46 -------------------- machines/phil/default.nix | 6 +-- machines/storage/s0/default.nix | 9 +++- secrets/gitea-runner-registration-token.age | Bin 536 -> 0 bytes secrets/secrets.nix | 3 -- 6 files changed, 48 insertions(+), 54 deletions(-) create mode 100644 .gitea/workflows/check-flake.yaml delete mode 100644 secrets/gitea-runner-registration-token.age diff --git a/.gitea/workflows/check-flake.yaml b/.gitea/workflows/check-flake.yaml new file mode 100644 index 0000000..95f84c1 --- /dev/null +++ b/.gitea/workflows/check-flake.yaml @@ -0,0 +1,38 @@ +name: Check Flake + +on: [push] + +env: + DEBIAN_FRONTEND: noninteractive + PATH: /run/current-system/sw/bin/:/nix/var/nix/profiles/per-user/gitea-runner/profile/bin + +# defaults: +# run: +# shell: nix shell nixpkgs#nodejs-18_x + +jobs: + check-flake: + runs-on: nixos + steps: + # - run: node --version + # - name: Install basic dependencies + # run: apt-get update && apt-get install -y --no-install-recommends sudo curl ca-certificates xz-utils + + # - name: Install Nix + # uses: https://github.com/cachix/install-nix-action@v20 + # with: + # github_access_token: ${{ secrets.__GITHUB_TOKEN }} + + - name: Install dependencies + run: nix profile install nixpkgs#nodejs-18_x + + - name: Checkout the repository + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + # - name: Get ENV var names + # run: printenv | cut -d'=' -f1 + + - name: Check Flake + run: nix flake check --show-trace \ No newline at end of file diff --git a/common/server/gitea-runner.nix b/common/server/gitea-runner.nix index f5f4a17..b57b056 100644 --- a/common/server/gitea-runner.nix +++ b/common/server/gitea-runner.nix @@ -11,12 +11,6 @@ in type = lib.types.str; description = lib.mdDoc "gitea runner data directory."; }; - instanceUrl = lib.mkOption { - type = lib.types.str; - }; - registrationTokenFile = lib.mkOption { - type = lib.types.path; - }; }; config = lib.mkIf cfg.enable { @@ -35,13 +29,6 @@ in }; users.groups.gitea-runner = { }; - # registration token - services.gitea-runner.registrationTokenFile = "/run/agenix/gitea-runner-registration-token"; - age.secrets.gitea-runner-registration-token = { - file = ../../secrets/gitea-runner-registration-token.age; - owner = "gitea-runner"; - }; - systemd.services.gitea-runner = { description = "Gitea Runner"; @@ -57,40 +44,7 @@ in path = with pkgs; [ gitea-actions-runner ]; - # based on https://gitea.com/gitea/act_runner/src/branch/main/run.sh script = '' - . ${cfg.registrationTokenFile} - - if [[ ! -s .runner ]]; then - try=$((try + 1)) - success=0 - - LOGFILE="$(mktemp)" - - # The point of this loop is to make it simple, when running both act_runner and gitea in docker, - # for the act_runner to wait a moment for gitea to become available before erroring out. Within - # the context of a single docker-compose, something similar could be done via healthchecks, but - # this is more flexible. - while [[ $success -eq 0 ]] && [[ $try -lt ''${10:-10} ]]; do - act_runner register \ - --instance "${cfg.instanceUrl}" \ - --token "$GITEA_RUNNER_REGISTRATION_TOKEN" \ - --name "${config.networking.hostName}" \ - --no-interactive > $LOGFILE 2>&1 - - cat $LOGFILE - - cat $LOGFILE | grep 'Runner registered successfully' > /dev/null - if [[ $? -eq 0 ]]; then - echo "SUCCESS" - success=1 - else - echo "Waiting to retry ..." - sleep 5 - fi - done - fi - exec act_runner daemon ''; }; diff --git a/machines/phil/default.nix b/machines/phil/default.nix index 592623d..10e299f 100644 --- a/machines/phil/default.nix +++ b/machines/phil/default.nix @@ -5,8 +5,6 @@ ./hardware-configuration.nix ]; - services.gitea-runner = { - enable = true; - instanceUrl = "https://git.neet.dev"; - }; + networking.hostName = "phil"; + services.gitea-runner.enable = true; } diff --git a/machines/storage/s0/default.nix b/machines/storage/s0/default.nix index a2ac572..845ba03 100644 --- a/machines/storage/s0/default.nix +++ b/machines/storage/s0/default.nix @@ -5,7 +5,14 @@ ./hardware-configuration.nix ]; - system.autoUpgrade.enable = true; + networking.hostName = "s0"; + + # system.autoUpgrade.enable = true; + + # gitea runner and allow it to build ARM derivations + services.gitea-runner.enable = true; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + nix.gc.automatic = lib.mkForce false; # allow the nix store to serve as a build cache services.iperf3.enable = true; services.iperf3.openFirewall = true; diff --git a/secrets/gitea-runner-registration-token.age b/secrets/gitea-runner-registration-token.age deleted file mode 100644 index bf56a8416723941961527b4fc26ecccaa3e734f0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 536 zcmZ9_yNlCs003a;;Nl=oVtgQSM@*WwX-eTBP0}RIrA_)vAL$9&CTY^NO`1oWCZZq+ zf=b4Q-XFc>(5AI9H+TLtXIllMV|J z71U8Msxj3FKCEJ#fP#jiWn^+nEda$fXa%4}%I*;b{r}C76wR~XM2Ye^8P|p_o~Lsi z49%n!CuZ{5PTXKLqfHvXWhc`@(-oi!D@75`tOpn%Rt=PA2I{mfi2YD)rz_e`XfPB>yFq=F*}xJ zE^SvR)*L8)jYbIwK@d1=05Ns?MVhFYL`JdN6L%aIx{JBzIhrK`Rx8Tw^?6s-Lumj0 z@b+?T<=&&Sdt2R)N5A|yeEO34^y}x{&bPNG&YV0S;8&l0FyhC~PU*<^3kNOzVAnfd zc(MKD^0m*K%jLtBSDWX4|9P|j^~Rm+r)K!AR_pNe);nx>kEfBF54Ml>y!ShP;rZ(; Fe*qvL!tDS6 diff --git a/secrets/secrets.nix b/secrets/secrets.nix index bb2c705..a0fdf7c 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -19,9 +19,6 @@ with roles; "hashed-robots-email-pw.age".publicKeys = email-server; "robots-email-pw.age".publicKeys = gitea; - # gitea - "gitea-runner-registration-token.age".publicKeys = gitea-runner; - # vpn "iodine.age".publicKeys = iodine; "pia-login.age".publicKeys = pia;