Compare commits
2 commits
b72d698071
...
1580586883
Author | SHA1 | Date | |
---|---|---|---|
Aires | 1580586883 | ||
Aires | 9b4cd1d0a0 |
|
@ -1,15 +1,32 @@
|
||||||
on: [push]
|
on: [push]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
# format:
|
# Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows
|
||||||
|
update-lockfile:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Nix
|
||||||
|
uses: DeterminateSystems/nix-installer-action@main
|
||||||
|
with:
|
||||||
|
logger: pretty
|
||||||
|
|
||||||
|
# - name: Update Lockfile
|
||||||
|
# uses: DeterminateSystems/update-flake-lock@main
|
||||||
|
# id: update
|
||||||
|
# with:
|
||||||
|
# pr-title: "chore(deps): flake inputs"
|
||||||
|
# commit-msg: "chore(deps): flake inputs"
|
||||||
|
# token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
|
# build:
|
||||||
# runs-on: nix
|
# runs-on: nix
|
||||||
# steps:
|
# steps:
|
||||||
|
# - run: nix-env -iA nixpkgs.nodejs_20
|
||||||
# - uses: actions/checkout@v4
|
# - uses: actions/checkout@v4
|
||||||
# - run: nix --experimental-features 'nix-command flakes' fmt
|
# - run: nix --experimental-features 'nix-command flakes' flake update
|
||||||
build:
|
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
|
||||||
runs-on: nix
|
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda
|
||||||
steps:
|
|
||||||
- run: nix-env -iA nixpkgs.nodejs_20
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: nix --experimental-features 'nix-command flakes' flake update
|
|
||||||
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
|
|
||||||
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda
|
|
||||||
|
|
4
.gitmodules
vendored
4
.gitmodules
vendored
|
@ -0,0 +1,4 @@
|
||||||
|
[submodule "nix-secrets"]
|
||||||
|
path = nix-secrets
|
||||||
|
url = ssh://code.8bitbuddhism.com/aires/nix-secrets.git
|
||||||
|
branch = main
|
|
@ -256,11 +256,11 @@
|
||||||
"rev": "4db84b723bb2eb21a2c58de565ed89ddb34e6166",
|
"rev": "4db84b723bb2eb21a2c58de565ed89ddb34e6166",
|
||||||
"revCount": 41,
|
"revCount": 41,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://forgejo@code.8bitbuddhism.com/aires/nix-secrets"
|
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://forgejo@code.8bitbuddhism.com/aires/nix-secrets"
|
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
|
|
|
@ -36,7 +36,7 @@
|
||||||
|
|
||||||
# "Secrets management"
|
# "Secrets management"
|
||||||
nix-secrets = {
|
nix-secrets = {
|
||||||
url = "git+ssh://forgejo@code.8bitbuddhism.com/aires/nix-secrets";
|
url = "git+file:///home/aires/Development/nix-configuration/nix-secrets";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -123,7 +123,7 @@ in
|
||||||
script = ''
|
script = ''
|
||||||
set -eu
|
set -eu
|
||||||
cd ${config.users.users.aires.home}/Development/nix-configuration
|
cd ${config.users.users.aires.home}/Development/nix-configuration
|
||||||
git pull
|
git pull --recurse-submodules
|
||||||
nix flake update
|
nix flake update
|
||||||
git add flake.lock
|
git add flake.lock
|
||||||
git commit -m "Update flake.lock"
|
git commit -m "Update flake.lock"
|
||||||
|
|
|
@ -26,15 +26,28 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configure automatic updates
|
# Configure automatic updates. Replaces system.autoUpgrade.
|
||||||
system.autoUpgrade = {
|
systemd.services."nixos-update" = {
|
||||||
enable = true;
|
serviceConfig = {
|
||||||
flake = "git+https://${config.secrets.services.forgejo.url}/aires/nix-configuration";
|
Type = "oneshot";
|
||||||
dates = "daily";
|
User = "root";
|
||||||
randomizedDelaySec = "30m";
|
};
|
||||||
allowReboot = false;
|
script = ''
|
||||||
operation = "switch";
|
set -eu
|
||||||
persistent = true;
|
cd ${config.users.users.aires.home}/Development/nix-configuration
|
||||||
|
sudo -u aires git pull --recurse-submodules
|
||||||
|
nh os switch
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
systemd.timers."nixos-update-timer" = {
|
||||||
|
wants = [ "network-online.target" ];
|
||||||
|
after = [ "network-online.target" ];
|
||||||
|
wantedBy = [ "timers.target" ];
|
||||||
|
timerConfig = {
|
||||||
|
OnCalendar = "daily";
|
||||||
|
Persistent = "true";
|
||||||
|
Unit = "nixos-update.service";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
|
1
nix-secrets
Submodule
1
nix-secrets
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 4db84b723bb2eb21a2c58de565ed89ddb34e6166
|
Loading…
Reference in a new issue