daylin/oizys
1
0
Fork 0
mirror of https://github.com/daylinmorgan/oizys.git synced 2025-01-21 22:57:32 -06:00
Code Issues Projects Releases Packages Wiki Activity

apply treefmt

Browse source
This commit is contained in:
Daylin Morgan 2025-01-13 13:09:01 -06:00
parent a4cb7872ba
commit 5f3972d784
Signed by: daylin
GPG key ID: 950D13E9719334AD
13 changed files with 64 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

75
.github/actions/clean-disk/action.yml vendored
View file

@ -1,11 +1,11 @@
name: 'Maximize build disk space' name: "Maximize build disk space"
description: 'Maximize the available disk space by removing unneeded software' description: "Maximize the available disk space by removing unneeded software"
inputs: inputs:
purge-packages: purge-packages:
description: whether to remove apt packages description: whether to remove apt packages
required: false required: false
default: 'false' default: "false"
runs: runs:
using: "composite" using: "composite"
@ -13,54 +13,53 @@ runs:
- name: Disk space report before modification - name: Disk space report before modification
shell: bash shell: bash
run: | run: |
echo "==> Available space before cleanup" echo "==> Available space before cleanup"
echo echo
df -h df -h
- name: Maximize build disk space - name: Maximize build disk space
shell: bash shell: bash
run: | run: |
set -xeuo pipefail set -xeuo pipefail
shopt -s globstar shopt -s globstar
non_manifest_packages() { non_manifest_packages() {
comm -2 -3 \ comm -2 -3 \
<(sudo apt-mark showmanual | sort -u) \ <(sudo apt-mark showmanual | sort -u) \
<(grep --perl-regexp --only-matching '^[\w-.+]+' "${{ github.action_path }}"/ubuntu-24.04.1-live-server-amd64.manifest | sort -u) <(grep --perl-regexp --only-matching '^[\w-.+]+' "${{ github.action_path }}"/ubuntu-24.04.1-live-server-amd64.manifest | sort -u)
} }
echo "Removing unwanted software... " echo "Removing unwanted software... "
if [[ "${{ inputs.purge-packages }}" == 'true' ]]; then if [[ "${{ inputs.purge-packages }}" == 'true' ]]; then
sudo apt-get purge \ sudo apt-get purge \
--allow-remove-essential \ --allow-remove-essential \
$(non_manifest_packages) $(non_manifest_packages)
fi fi
sudo rm -rf \ sudo rm -rf \
/var/lib/docker/ \ /var/lib/docker/ \
"$AGENT_TOOLSDIRECTORY" \ "$AGENT_TOOLSDIRECTORY" \
/opt & /opt &
sudo find /usr/{share,local} \ sudo find /usr/{share,local} \
-mindepth 1 -maxdepth 1 \ -mindepth 1 -maxdepth 1 \
-type d \ -type d \
-not -wholename '/usr/share/git-core' \ -not -wholename '/usr/share/git-core' \
-exec rm -rf {} + & -exec rm -rf {} + &
{ {
sudo swapoff -a sudo swapoff -a
sudo rm -f /mnt/swapfile sudo rm -f /mnt/swapfile
} & } &
wait
echo "... done"
wait
echo "... done"
- name: Disk space report after modification - name: Disk space report after modification
shell: bash shell: bash
run: | run: |
echo "==> Available space after cleanup" echo "==> Available space after cleanup"
echo echo
df -h df -h

1
.github/dependabot.yml vendored
View file

@ -2,7 +2,6 @@
version: 2 version: 2
updates: updates:
- package-ecosystem: "github-actions" - package-ecosystem: "github-actions"
directory: "/" directory: "/"
schedule: schedule:

10
.github/workflows/build.yml vendored
View file

@ -4,19 +4,19 @@ on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
hosts: hosts:
description: 'list of hosts to build' description: "list of hosts to build"
required: true required: true
default: 'othalan,algiz' default: "othalan,algiz"
type: string type: string
lockFile: lockFile:
description: 'flake.lock file' description: "flake.lock file"
type: string type: string
workflow_call: workflow_call:
inputs: inputs:
hosts: hosts:
description: 'list of hosts to build' description: "list of hosts to build"
default: ',othalan,algiz' default: ",othalan,algiz"
type: string type: string
concurrency: concurrency:

3
.github/workflows/checks.yml vendored
View file

@ -5,7 +5,7 @@ on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
lockFile: lockFile:
description: 'flake.lock file' description: "flake.lock file"
type: string type: string
jobs: jobs:
@ -23,7 +23,6 @@ jobs:
extra-conf: | extra-conf: |
accept-flake-config = true accept-flake-config = true
- uses: DeterminateSystems/magic-nix-cache-action@v8 - uses: DeterminateSystems/magic-nix-cache-action@v8
- uses: cachix/cachix-action@v15 - uses: cachix/cachix-action@v15
with: with:
name: daylin name: daylin

2
.github/workflows/push.yml vendored
View file

@ -6,7 +6,7 @@ on:
# - '**/*.md' # - '**/*.md'
pull_request: pull_request:
paths-ignore: paths-ignore:
- '**/*.md' - "**/*.md"
branches: branches:
- main - main

9
.github/workflows/update.yml vendored
View file

@ -4,11 +4,11 @@ on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
hosts: hosts:
description: 'list of hosts to build' description: "list of hosts to build"
required: true required: true
default: 'othalan,algiz' default: "othalan,algiz"
type: string type: string
# schedule: # schedule:
# # At minute 00:00 on Monday, Wednesday, and Friday. # # At minute 00:00 on Monday, Wednesday, and Friday.
# - cron: 0 0 * * 1,3,5 # - cron: 0 0 * * 1,3,5
@ -65,7 +65,6 @@ jobs:
with: with:
push-args: --set-upstream --force origin flake-lock push-args: --set-upstream --force origin flake-lock
build-full: build-full:
needs: build-minimal needs: build-minimal
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -110,4 +109,4 @@ jobs:
- uses: actions/upload-artifact@v4 - uses: actions/upload-artifact@v4
with: with:
name: summary name: summary
path: '*-summary.md' path: "*-summary.md"

12
.sops.yaml
View file

@ -9,11 +9,11 @@ keys:
creation_rules: creation_rules:
- path_regex: hosts/othalan/[^/]+\.(yaml|json|env|ini)$ - path_regex: hosts/othalan/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
- age: - age:
- *admin_daylin - *admin_daylin
- *host_othalan - *host_othalan
- path_regex: hosts/algiz/[^/]+\.(yaml|json|env|ini)$ - path_regex: hosts/algiz/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
- age: - age:
- *host_algiz - *host_algiz
- *admin_daylin - *admin_daylin

17
README.md
View file

@ -44,7 +44,6 @@ See below for the currently maintained hosts.
</tr> </tr>
</table> </table>
## oizys cli ## oizys cli
A small helper utility that mostly just wraps `nix` commands for convenience. A small helper utility that mostly just wraps `nix` commands for convenience.
@ -58,14 +57,14 @@ usage:
oizys subcmd [flags] oizys subcmd [flags]
subcommands: subcommands:
build nix build build nix build
cache build and push store paths cache build and push store paths
ci builtin ci ci builtin ci
gha trigger GHA gha trigger GHA
dry dry run build dry dry run build
os nixos-rebuild subcmd os nixos-rebuild subcmd
output nixos config attr output nixos config attr
update update and run nixos-rebuild update update and run nixos-rebuild
flags: flags:
--flake path/to/flake --flake path/to/flake
@ -83,5 +82,3 @@ Oizys was birthed by the goddess Nyx/Nix and embodies suffering and misery. Whic
> [!NOTE] > [!NOTE]
> I don't use home-manager to manager my shell/user configs. You can find those in my separate `chezmoi`-managed [`dotfiles`](https://git.dayl.in/daylin/dotfiles) repository. > I don't use home-manager to manager my shell/user configs. You can find those in my separate `chezmoi`-managed [`dotfiles`](https://git.dayl.in/daylin/dotfiles) repository.

3
hosts/algiz/README.md
View file

@ -30,9 +30,11 @@ ln -s /run/current-system/sw/bin/gitea /usr/local/bin/gitea
## Setting up Attic ## Setting up Attic
Generated a key using command provided in attic docs: Generated a key using command provided in attic docs:
```sh ```sh
nix run nixpkgs#openssl -- genrsa -traditional 4096 | base64 -w0 nix run nixpkgs#openssl -- genrsa -traditional 4096 | base64 -w0
``` ```
And wrote `ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64="output from above"` to `/etc/attic.env` And wrote `ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64="output from above"` to `/etc/attic.env`
I generated a token to configure the caches using the following command: I generated a token to configure the caches using the following command:
@ -43,4 +45,3 @@ atticd-atticadm make-token --sub daylin --push "*" --pull "*" --validity '1y' --
If I handled secrets via `sops` or `agenix` I think this could be stored directly in the repo. If I handled secrets via `sops` or `agenix` I think this could be stored directly in the repo.
I also had to modify the firewall so that docker would forward along the requests by caddy to `host.docker.internal` correctly. I also had to modify the firewall so that docker would forward along the requests by caddy to `host.docker.internal` correctly.

1
hosts/mannaz/README.md
View file

@ -2,4 +2,3 @@
<img src="https://upload.wikimedia.org/wikipedia/commons/5/57/Runic_letter_mannaz.svg"> <img src="https://upload.wikimedia.org/wikipedia/commons/5/57/Runic_letter_mannaz.svg">
<h1>mannaz</h1> <h1>mannaz</h1>
</div> </div>

1
hosts/othalan/README.md
View file

@ -2,4 +2,3 @@
<img src="https://upload.wikimedia.org/wikipedia/commons/7/70/Runic_letter_othalan.svg"> <img src="https://upload.wikimedia.org/wikipedia/commons/7/70/Runic_letter_othalan.svg">
<h1>othalan</h1> <h1>othalan</h1>
</div> </div>

1
overlays/default.nix
View file

@ -2,6 +2,7 @@
(loadOverlays inputs ./.) (loadOverlays inputs ./.)
++ [ ++ [
inputs.nim2nix.overlays.default # adds buildNimPackage inputs.nim2nix.overlays.default # adds buildNimPackage
(final: prev: { (final: prev: {
stable = import inputs.stable { stable = import inputs.stable {
system = final.system; system = final.system;

1
todo.md
View file

@ -27,4 +27,3 @@ Is this related to above and could maybe resolved by settling on a stable versio
> kernel: ucsi_acpi USBC000:00: error -EINVAL: PPM init failed > kernel: ucsi_acpi USBC000:00: error -EINVAL: PPM init failed
<!-- generated with <3 by daylinmorgan/todo --> <!-- generated with <3 by daylinmorgan/todo -->