mirror of
https://github.com/daylinmorgan/oizys.git
synced 2024-12-22 22:30:44 -06:00
Compare commits
6 commits
bee3c4b2fb
...
ac8e42d5cf
Author | SHA1 | Date | |
---|---|---|---|
ac8e42d5cf | |||
dbd75eaef0 | |||
56de313d42 | |||
a112d3b2f2 | |||
6a42bc97aa | |||
718b2d6f75 |
10 changed files with 174 additions and 82 deletions
16
.github/workflows/update.yml
vendored
16
.github/workflows/update.yml
vendored
|
@ -32,10 +32,16 @@ jobs:
|
||||||
experimental-features = pipe-operator
|
experimental-features = pipe-operator
|
||||||
accept-flake-config = true
|
accept-flake-config = true
|
||||||
|
|
||||||
- uses: cachix/cachix-action@v15
|
|
||||||
with:
|
- name: Install and login to attic cache
|
||||||
name: daylin
|
run: |
|
||||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
nix profile install "nixpkgs#attic-client"
|
||||||
|
attic login oizys https://attic.dayl.in "${{ secrets.ATTIC_TOKEN }}"
|
||||||
|
|
||||||
|
# - uses: cachix/cachix-action@v15
|
||||||
|
# with:
|
||||||
|
# name: daylin
|
||||||
|
# authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||||
|
|
||||||
- name: Update nix flake
|
- name: Update nix flake
|
||||||
run: |
|
run: |
|
||||||
|
@ -51,7 +57,7 @@ jobs:
|
||||||
run: >
|
run: >
|
||||||
nix run .
|
nix run .
|
||||||
--
|
--
|
||||||
build --minimal
|
cache
|
||||||
--host "othalan"
|
--host "othalan"
|
||||||
--flake .
|
--flake .
|
||||||
--debug
|
--debug
|
||||||
|
|
80
flake.lock
80
flake.lock
|
@ -363,11 +363,11 @@
|
||||||
"xdph": "xdph"
|
"xdph": "xdph"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729852008,
|
"lastModified": 1730143527,
|
||||||
"narHash": "sha256-Rw5fexgBeZ96EPs557mDW3pyTzFm3tVGHWPgPlPSQk8=",
|
"narHash": "sha256-3uRuQHxAd/+8PptDpIZZlC588O0eTV1mTa+z8v4cWPU=",
|
||||||
"ref": "refs/heads/main",
|
"ref": "refs/heads/main",
|
||||||
"rev": "f0e023bff2f2a25ffe5ed3166f55f7274d17c6bc",
|
"rev": "d679d200299ed4670f0d0f138c793d5f507b7cec",
|
||||||
"revCount": 5373,
|
"revCount": 5390,
|
||||||
"submodules": true,
|
"submodules": true,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/hyprwm/Hyprland/"
|
"url": "https://github.com/hyprwm/Hyprland/"
|
||||||
|
@ -527,11 +527,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729426412,
|
"lastModified": 1730031145,
|
||||||
"narHash": "sha256-VGbpECf35W4LtWLfx2+ue8zZEPwKQnadJadlT8E1Ceo=",
|
"narHash": "sha256-GZz0LGkeduajnF7zUuPu5evNyoOATcSsRZCkG1OqiwY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "736c43de3c953104e1610183d56e90b419c6344e",
|
"rev": "7d235f23a84b54c39b1579b68b13e1ff83f5b1ad",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -543,11 +543,11 @@
|
||||||
"lix": {
|
"lix": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729696851,
|
"lastModified": 1730141569,
|
||||||
"narHash": "sha256-XME7TzBvjK6GEmZqPLK+2+Wk0qnwc7DCwYH434hMcOM=",
|
"narHash": "sha256-wuSAcXqMRuaBihrvzVNplSM+S8fdoKGj7ubibmiUGGA=",
|
||||||
"rev": "2734a9cf94debc6baef4e7d4d9fa28cc28f5b31d",
|
"rev": "9c22a4d31b18715bcca5791fcc40089d4eca35cb",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2734a9cf94debc6baef4e7d4d9fa28cc28f5b31d.tar.gz?rev=2734a9cf94debc6baef4e7d4d9fa28cc28f5b31d"
|
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/9c22a4d31b18715bcca5791fcc40089d4eca35cb.tar.gz?rev=9c22a4d31b18715bcca5791fcc40089d4eca35cb"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
|
@ -723,11 +723,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729394935,
|
"lastModified": 1729999765,
|
||||||
"narHash": "sha256-2ntUG+NJKdfhlrh/tF+jOU0fOesO7lm5ZZVSYitsvH8=",
|
"narHash": "sha256-LYsavZXitFjjyETZoij8usXjTa7fa9AIF3Sk3MJSX+Y=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-index-database",
|
"repo": "nix-index-database",
|
||||||
"rev": "04f8a11f247ba00263b060fbcdc95484fd046104",
|
"rev": "0e3a8778c2ee218eff8de6aacf3d2fa6c33b2d4f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -768,11 +768,11 @@
|
||||||
"nixpkgs": "nixpkgs_3"
|
"nixpkgs": "nixpkgs_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729717678,
|
"lastModified": 1730120924,
|
||||||
"narHash": "sha256-XEfYT1D+4KT9c0mMwsmZdWS2JgKsboAZbnuJvrjBQKg=",
|
"narHash": "sha256-I6hwd+YlgefioLfmsM04MxzbEAES1N328/T+VqhcWnQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NixOS-WSL",
|
"repo": "NixOS-WSL",
|
||||||
"rev": "5a965cb108fb1f30b29a26dbc29b473f49e80b41",
|
"rev": "b124084667fb4c912fda68fdd9d05f59e18b6ef7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -799,11 +799,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729386149,
|
"lastModified": 1729990941,
|
||||||
"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
|
"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "cce4521b6df014e79a7b7afc58c703ed683c916e",
|
"rev": "7d68864343650322045894951602d6e82b5296d7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -836,11 +836,11 @@
|
||||||
"nixpkgs": "nixpkgs_6"
|
"nixpkgs": "nixpkgs_6"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729859837,
|
"lastModified": 1730229503,
|
||||||
"narHash": "sha256-5M9NVVEjwTITwcNhoJkszeBAfsQjseQWsBSWv/rRk0I=",
|
"narHash": "sha256-SYFUfTXsDeIK3q7fy6SrZ1v+lVQrEmZaKc1fpp4wuBQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs-wayland",
|
"repo": "nixpkgs-wayland",
|
||||||
"rev": "833950fe76340407ce9d9fc409994b11476cd22e",
|
"rev": "d3bb51e62dd4a31c7cfea0f1ad511e53774a79fe",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -867,11 +867,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729181673,
|
"lastModified": 1729973466,
|
||||||
"narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=",
|
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3",
|
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -883,11 +883,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_4": {
|
"nixpkgs_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729665710,
|
"lastModified": 1729880355,
|
||||||
"narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=",
|
"narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d",
|
"rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -915,11 +915,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_6": {
|
"nixpkgs_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729665710,
|
"lastModified": 1729880355,
|
||||||
"narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=",
|
"narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d",
|
"rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1016,11 +1016,11 @@
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729862397,
|
"lastModified": 1730065613,
|
||||||
"narHash": "sha256-nPE8y708tD4iwrQQ7wQZNCXa01/Xx0CzJhI8DBZwJz8=",
|
"narHash": "sha256-wxRJMOpqGakdR9yfCp16LcQ/3hnVxnjc47guibPQGMg=",
|
||||||
"owner": "roc-lang",
|
"owner": "roc-lang",
|
||||||
"repo": "roc",
|
"repo": "roc",
|
||||||
"rev": "e1183e58e55397fe07b08981937c4f626ca7db42",
|
"rev": "589ec1d453643ea437817bda1b9d79b008477d37",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1308,11 +1308,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729858295,
|
"lastModified": 1730203910,
|
||||||
"narHash": "sha256-Ia6PEIsGiaP3d4ewuJ3QR46pd0b3qyt2/RM2yUZZtL8=",
|
"narHash": "sha256-/nI+D8KoVCOGSMJ+kwqLxu9X/8N3N5cWXfXJGxd5NXk=",
|
||||||
"owner": "mitchellh",
|
"owner": "mitchellh",
|
||||||
"repo": "zig-overlay",
|
"repo": "zig-overlay",
|
||||||
"rev": "71a0618a10c2fb8d6c60b3498bcdb5dc4573e403",
|
"rev": "686cfaa1366e0c50ce85d6e443412082f907fe3f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1333,11 +1333,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729810516,
|
"lastModified": 1730064361,
|
||||||
"narHash": "sha256-GX3yPqeCtSnpzdKG0FUXVVoe8CBLuHaVtIVRerq2PCc=",
|
"narHash": "sha256-myb/4V8tP3n3WJQlaDrCmQkbmcMEcgX1mFu2jdfwTsk=",
|
||||||
"owner": "zigtools",
|
"owner": "zigtools",
|
||||||
"repo": "zls",
|
"repo": "zls",
|
||||||
"rev": "5acc06679321aeff5f6d2f05ebb52520f734a8b8",
|
"rev": "b2e89dfe92850cf02cbd4b73004aaaecd5cf1739",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -49,12 +49,14 @@
|
||||||
|
|
||||||
nixConfig = {
|
nixConfig = {
|
||||||
extra-substituters = [
|
extra-substituters = [
|
||||||
|
"https://attic.dayl.in/oizys"
|
||||||
"https://hyprland.cachix.org"
|
"https://hyprland.cachix.org"
|
||||||
"https://nixpkgs-wayland.cachix.org"
|
"https://nixpkgs-wayland.cachix.org"
|
||||||
"https://daylin.cachix.org"
|
"https://daylin.cachix.org"
|
||||||
# "https://cache.lix.systems"
|
# "https://cache.lix.systems"
|
||||||
];
|
];
|
||||||
extra-trusted-public-keys = [
|
extra-trusted-public-keys = [
|
||||||
|
"oizys:DSw3mwVMM/Y+PXSVpkDlU5dLwlORuiJRGPkwr5INSMc="
|
||||||
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
|
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
|
||||||
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
|
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
|
||||||
"daylin.cachix.org-1:fLdSnbhKjtOVea6H9KqXeir+PyhO+sDSPhEW66ClE/k="
|
"daylin.cachix.org-1:fLdSnbhKjtOVea6H9KqXeir+PyhO+sDSPhEW66ClE/k="
|
||||||
|
|
|
@ -27,4 +27,20 @@ To point gitea/forgejo to the shim gitea binary for SSH I symlink the current sy
|
||||||
ln -s /run/current-system/sw/bin/gitea /usr/local/bin/gitea
|
ln -s /run/current-system/sw/bin/gitea /usr/local/bin/gitea
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Setting up Attic
|
||||||
|
|
||||||
|
Generated a key using command provided in attic docs:
|
||||||
|
```sh
|
||||||
|
nix run nixpkgs#openssl -- genrsa -traditional 4096 | base64 -w0
|
||||||
|
```
|
||||||
|
And wrote `ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64="output from above"` to `/etc/attic.env`
|
||||||
|
|
||||||
|
I generated a token to configure the caches using the following command:
|
||||||
|
|
||||||
|
```
|
||||||
|
atticd-atticadm make-token --sub daylin --push "*" --pull "*" --validity '1y' --create-cache "*" --configure-cache "*" --configure-cache-retention "*" --destroy-cache "*" --delete "*"
|
||||||
|
```
|
||||||
|
|
||||||
|
If I handled secrets via `sops` or `agenix` I think this could be stored directly in the repo.
|
||||||
|
I also had to modify the firewall so that docker would forward along the requests by caddy to `host.docker.internal` correctly.
|
||||||
|
|
||||||
|
|
58
hosts/algiz/services.nix
Normal file
58
hosts/algiz/services.nix
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
{ pkgs, enabled, ... }:
|
||||||
|
let
|
||||||
|
atticPort = "5656";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
services.resolved = enabled;
|
||||||
|
|
||||||
|
services.fail2ban = enabled // {
|
||||||
|
maxretry = 5;
|
||||||
|
bantime = "24h";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh = enabled // {
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
security.polkit = enabled; # attic was looking for this...
|
||||||
|
environment.systemPackages = [ pkgs.attic-client ];
|
||||||
|
|
||||||
|
# allow docker to forward the request to the host running attic
|
||||||
|
# https://discourse.nixos.org/t/docker-container-not-resolving-to-host/30259/6
|
||||||
|
networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port ${atticPort} -s 172.16.0.0/12 -j ACCEPT";
|
||||||
|
services.atticd = enabled // {
|
||||||
|
|
||||||
|
# Replace with absolute path to your credentials file
|
||||||
|
environmentFile = "/etc/atticd.env";
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
listen = "[::]:${atticPort}";
|
||||||
|
|
||||||
|
jwt = { };
|
||||||
|
|
||||||
|
# Data chunking
|
||||||
|
#
|
||||||
|
# Warning: If you change any of the values here, it will be
|
||||||
|
# difficult to reuse existing chunks for newly-uploaded NARs
|
||||||
|
# since the cutpoints will be different. As a result, the
|
||||||
|
# deduplication ratio will suffer for a while after the change.
|
||||||
|
chunking = {
|
||||||
|
# The minimum NAR size to trigger chunking
|
||||||
|
#
|
||||||
|
# If 0, chunking is disabled entirely for newly-uploaded NARs.
|
||||||
|
# If 1, all NARs are chunked.
|
||||||
|
nar-size-threshold = 64 * 1024; # 64 KiB
|
||||||
|
|
||||||
|
# The preferred minimum size of a chunk, in bytes
|
||||||
|
min-size = 16 * 1024; # 16 KiB
|
||||||
|
|
||||||
|
# The preferred average size of a chunk, in bytes
|
||||||
|
avg-size = 64 * 1024; # 64 KiB
|
||||||
|
|
||||||
|
# The preferred maximum size of a chunk, in bytes
|
||||||
|
max-size = 256 * 1024; # 256 KiB
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,12 +2,6 @@
|
||||||
{
|
{
|
||||||
|
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
services.resolved = enabled;
|
|
||||||
|
|
||||||
services.fail2ban = enabled // {
|
|
||||||
maxretry = 5;
|
|
||||||
bantime = "24h";
|
|
||||||
};
|
|
||||||
|
|
||||||
# # added to make using `pip install` work in docker build
|
# # added to make using `pip install` work in docker build
|
||||||
# networking.nameservers = [ "8.8.8.8"];
|
# networking.nameservers = [ "8.8.8.8"];
|
||||||
|
@ -20,12 +14,6 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh = enabled // {
|
|
||||||
settings.PasswordAuthentication = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
# users.mutableUsers = false;
|
|
||||||
|
|
||||||
# Use the GRUB 2 boot loader.
|
# Use the GRUB 2 boot loader.
|
||||||
boot.loader.grub = enabled // {
|
boot.loader.grub = enabled // {
|
||||||
device = "/dev/sda"; # or "nodev" for efi only
|
device = "/dev/sda"; # or "nodev" for efi only
|
||||||
|
|
|
@ -10,5 +10,6 @@
|
||||||
graphviz
|
graphviz
|
||||||
typst
|
typst
|
||||||
charm-freeze
|
charm-freeze
|
||||||
|
attic-client
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
## nix begat oizys
|
## nix begat oizys
|
||||||
import std/[os, tables, sequtils, strformat, strutils]
|
import std/[os, osproc, tables, sequtils, strformat, strutils]
|
||||||
import hwylterm, hwylterm/[cligen, logging]
|
import hwylterm, hwylterm/[cligen, logging]
|
||||||
import oizys/[context, github, nix, overlay, logging]
|
import oizys/[context, github, nix, overlay, logging]
|
||||||
|
|
||||||
|
@ -53,9 +53,9 @@ overlay:
|
||||||
## nix build
|
## nix build
|
||||||
nixBuild(minimal, rest)
|
nixBuild(minimal, rest)
|
||||||
|
|
||||||
proc cache(minimal: bool = false, name: string = "daylin") =
|
proc cache(name: string = "oizys", service: string = "attic", jobs: int = countProcessors()) =
|
||||||
## build and push to cachix
|
## build and push store paths
|
||||||
nixBuildWithCache(minimal, name, rest)
|
nixBuildWithCache(name, rest, service, jobs)
|
||||||
|
|
||||||
proc osCmd() =
|
proc osCmd() =
|
||||||
## nixos-rebuild
|
## nixos-rebuild
|
||||||
|
@ -97,7 +97,8 @@ when isMainModule:
|
||||||
"ref" : "git ref/branch/tag to trigger workflow on"
|
"ref" : "git ref/branch/tag to trigger workflow on"
|
||||||
}
|
}
|
||||||
cacheHelp = //{
|
cacheHelp = //{
|
||||||
"name" : "name of cachix binary cache"
|
"name" : "name of cachix binary cache",
|
||||||
|
"jobs" : "jobs when pushing paths"
|
||||||
} // sharedHelp
|
} // sharedHelp
|
||||||
let
|
let
|
||||||
osUsage = $bb("$command [[subcmd] $args\n$doc[bold]Options[/]:\n$options")
|
osUsage = $bb("$command [[subcmd] $args\n$doc[bold]Options[/]:\n$options")
|
||||||
|
|
|
@ -9,7 +9,7 @@ import hwylterm
|
||||||
func addArgs*(cmd: var string, args: openArray[string]) =
|
func addArgs*(cmd: var string, args: openArray[string]) =
|
||||||
cmd &= " " & args.join(" ")
|
cmd &= " " & args.join(" ")
|
||||||
|
|
||||||
func addArg*(cmd: var string, arg: string) =
|
func addArg*(cmd: var string, arg: string ) =
|
||||||
cmd &= " " & arg
|
cmd &= " " & arg
|
||||||
|
|
||||||
proc runCmd*(cmd: string): int =
|
proc runCmd*(cmd: string): int =
|
||||||
|
|
|
@ -193,6 +193,7 @@ proc writeDervationsToStepSummary(drvs: seq[string]) =
|
||||||
let output = open(summaryFilePath,fmAppend)
|
let output = open(summaryFilePath,fmAppend)
|
||||||
output.writeLine("| derivation | hash |\n|---|---|")
|
output.writeLine("| derivation | hash |\n|---|---|")
|
||||||
output.writeLine(rows.join("\n"))
|
output.writeLine(rows.join("\n"))
|
||||||
|
close output
|
||||||
|
|
||||||
proc nixBuild*(minimal: bool, rest: seq[string]) =
|
proc nixBuild*(minimal: bool, rest: seq[string]) =
|
||||||
var cmd = nixCommand("build")
|
var cmd = nixCommand("build")
|
||||||
|
@ -233,23 +234,42 @@ proc nixBuildHostDry*(minimal: bool, rest: seq[string]) =
|
||||||
let output = parseDryRunOutput err
|
let output = parseDryRunOutput err
|
||||||
display output
|
display output
|
||||||
|
|
||||||
proc nixBuildWithCache*(minimal: bool, name: string, rest:seq[string]) =
|
|
||||||
if findExe("cachix") == "": fatalQuit "is cachix installed?"
|
proc nixBuildWithCache*(name: string, rest:seq[string], service: string, jobs: int) =
|
||||||
info bbfmt"building and pushing to cache: [b]{name}"
|
## build individual derivations not cached and push to cache
|
||||||
var cmd = "cachix"
|
if findExe(service) == "": fatalQuit fmt"is {service} installed?"
|
||||||
cmd.addArgs ["watch-exec","--"]
|
info bbfmt"building and pushing to cache: [b]{name}"
|
||||||
cmd.addArg "nix build"
|
debug "determining missing cache hits"
|
||||||
if minimal:
|
let drvs = systemPathDrvsToBuild()
|
||||||
debug "populating args with derivations not built/cached"
|
if drvs.len == 0:
|
||||||
let drvs = systemPathDrvsToBuild()
|
info "nothing to build"
|
||||||
if drvs.len == 0:
|
quit "exiting...", QuitSuccess
|
||||||
info "nothing to build"
|
|
||||||
quit "exiting...", QuitSuccess
|
for drv in drvs:
|
||||||
cmd.addArgs drvs
|
var cmd = "nix build"
|
||||||
cmd.addArg "--no-link"
|
cmd.addArg drv
|
||||||
else:
|
cmd.addArgs rest
|
||||||
cmd.addArgs nixosConfigAttrs()
|
let buildErr = runCmd(cmd)
|
||||||
cmd.addArgs rest
|
if buildErr != 0:
|
||||||
let err = runCmd(cmd)
|
error "failed to build: " & drv
|
||||||
quit err
|
continue
|
||||||
|
|
||||||
|
let results = collect(
|
||||||
|
for k, p in walkDir(".", relative = true):
|
||||||
|
if k in { pcLinkToDir, pcLinkToFile} and p.startsWith("result"):
|
||||||
|
p
|
||||||
|
)
|
||||||
|
|
||||||
|
cmd = service
|
||||||
|
cmd.addArg "push"
|
||||||
|
cmd.addArg name
|
||||||
|
cmd.addArg "--jobs"
|
||||||
|
cmd.addArg $jobs
|
||||||
|
cmd.addArgs results
|
||||||
|
let pushErr = runCmd(cmd)
|
||||||
|
if pushErr != 0:
|
||||||
|
errorQuit "failed to push build to cache"
|
||||||
|
|
||||||
|
for p in results:
|
||||||
|
removeFile p
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue