set branch for deplot to master

add real nix cache
add gitea jobs and runner configuration
2025-11-12 16:36:48 +01:00 · 2025-11-12 16:35:07 +01:00 · 2025-11-12 12:25:22 +01:00
10 changed files with 160 additions and 229 deletions
--- a/.gitea/workflows/analysis.yaml
+++ b/.gitea/workflows/analysis.yaml
@@ -0,0 +1,15 @@
 on: [push]
 jobs:
  analysis:
    permissions:
      contents: read
      id-token: write
    name: perform flake analysis
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
      - uses: DeterminateSystems/nix-installer-action@main
      - uses: DeterminateSystems/magic-nix-cache-action@main
      - name: Check Nix flake inputs
        uses: http://github.com/DeterminateSystems/flake-checker-action@main
--- a/.gitea/workflows/analysis.yml
+++ b/.gitea/workflows/analysis.yml
@@ -1,14 +0,0 @@
 on: [push]
 jobs:
  build:
    name: Build Nix targets
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
      - uses: http://github.com/cachix/install-nix-action@v18
      - uses: http://github.com/cachix/cachix-action@v12
        with:
          name: statix
      - name: Check Nix flake inputs
        uses: http://github.com/DeterminateSystems/flake-checker-action@main
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -0,0 +1,42 @@
 on:
  push:
    branches:
      - master
 jobs:
  deploy:
    permissions:
      contents: read
      id-token: write
    name: build hive configuration
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
      - uses: DeterminateSystems/nix-installer-action@main
      - name: Restore and save Nix store
        uses: nix-community/cache-nix-action@v6
        with:
          # restore and save a cache using this key
          primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
          # if there's no cache hit, restore a cache by this prefix
          restore-prefixes-first-match: nix-${{ runner.os }}-
          # collect garbage until the Nix store size (in bytes) is at most this number
          # before trying to save a new cache
          # 1G = 1073741824
          gc-max-store-size-linux: 1G
          # do purge caches
          purge: true
          # purge all versions of the cache
          purge-prefixes: nix-${{ runner.os }}-
          # created more than this number of seconds ago
          purge-created: 60000
          purge-primary-key: never
      - name: Install SSH key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_KEY }}
          known_hosts: ${{ secrets.KNOWN_HOSTS }}
      - uses: http://github.com/cachix/cachix-action@v16
        with:
          name: colmena
      - run: nix run .#colmena apply
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -1,17 +0,0 @@
 on:
  push:
    branches:
      - master
      - test-deploy
 jobs:
  build:
    name: build hive configuration
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v5
      - uses: cachix/install-nix-action@v31
        with:
          install_url: https://releases.nixos.org/nix/nix-2.20.0/install
      - uses: https://github.com/nicknovitski/nix-develop@v1
      - run: colmena apply
--- a/flake.lock
+++ b/flake.lock
@@ -340,36 +340,6 @@
      }
    },
    "nixpkgs_7": {
      "locked": {
        "lastModified": 1744440957,
        "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-24.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_8": {
      "locked": {
        "lastModified": 1744463964,
        "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=",
        "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650",
        "revCount": 782401,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.782401%2Brev-2631b0b7abcea6e640ce31cd78ea58910d31e650/01962c8a-63c4-7abd-a3df-63a17b548cc7/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1.%2A.tar.gz"
      }
    },
    "nixpkgs_9": {
      "locked": {
        "lastModified": 1736549401,
        "narHash": "sha256-ibkQrMHxF/7TqAYcQE+tOnIsSEzXmMegzyBWza6uHKM=",
@@ -385,56 +355,6 @@
        "type": "github"
      }
    },
    "pyproject-build-systems": {
      "inputs": {
        "nixpkgs": [
          "striped-back",
          "nixpkgs"
        ],
        "pyproject-nix": [
          "striped-back",
          "pyproject-nix"
        ],
        "uv2nix": [
          "striped-back",
          "uv2nix"
        ]
      },
      "locked": {
        "lastModified": 1744599653,
        "narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=",
        "owner": "pyproject-nix",
        "repo": "build-system-pkgs",
        "rev": "7dba6dbc73120e15b558754c26024f6c93015dd7",
        "type": "github"
      },
      "original": {
        "owner": "pyproject-nix",
        "repo": "build-system-pkgs",
        "type": "github"
      }
    },
    "pyproject-nix": {
      "inputs": {
        "nixpkgs": [
          "striped-back",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1743438845,
        "narHash": "sha256-1GSaoubGtvsLRwoYwHjeKYq40tLwvuFFVhGrG8J9Oek=",
        "owner": "pyproject-nix",
        "repo": "pyproject.nix",
        "rev": "8063ec98edc459571d042a640b1c5e334ecfca1e",
        "type": "github"
      },
      "original": {
        "owner": "pyproject-nix",
        "repo": "pyproject.nix",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "agenix": "agenix",
@@ -444,8 +364,6 @@
        "nix-minecraft": "nix-minecraft",
        "nixpkgs": "nixpkgs_5",
        "shoblog-front": "shoblog-front",
        "striped-back": "striped-back",
        "striped-front": "striped-front",
        "testing-grounds": "testing-grounds",
        "unstable": "unstable"
      }
@@ -484,45 +402,6 @@
        "type": "github"
      }
    },
    "striped-back": {
      "inputs": {
        "nixpkgs": "nixpkgs_7",
        "pyproject-build-systems": "pyproject-build-systems",
        "pyproject-nix": "pyproject-nix",
        "uv2nix": "uv2nix"
      },
      "locked": {
        "lastModified": 1748719386,
        "narHash": "sha256-nyXHemXPEKnqIVIYIorSbt64zRwMvijyGQGCW3zUUkc=",
        "ref": "refs/heads/master",
        "rev": "bdfd6f1f4aac6a00ae4509f14b3a63c84d169edf",
        "revCount": 8,
        "type": "git",
        "url": "ssh://git@gitlab.com/striped1/striped-back"
      },
      "original": {
        "type": "git",
        "url": "ssh://git@gitlab.com/striped1/striped-back"
      }
    },
    "striped-front": {
      "inputs": {
        "nixpkgs": "nixpkgs_8"
      },
      "locked": {
        "lastModified": 1748718798,
        "narHash": "sha256-KUxbrUjRfuKjkJZLzKr11WEXLfPs38YrW/CMG6XbnbY=",
        "ref": "refs/heads/master",
        "rev": "a553f10147dad9e41829f67b247817a079f6f671",
        "revCount": 11,
        "type": "git",
        "url": "ssh://git@gitlab.com/striped1/striped-front"
      },
      "original": {
        "type": "git",
        "url": "ssh://git@gitlab.com/striped1/striped-front"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
@@ -555,7 +434,7 @@
    },
    "testing-grounds": {
      "inputs": {
-        "nixpkgs": "nixpkgs_9"
+        "nixpkgs": "nixpkgs_7"
      },
      "locked": {
        "lastModified": 1755527993,
@@ -586,31 +465,6 @@
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "uv2nix": {
      "inputs": {
        "nixpkgs": [
          "striped-back",
          "nixpkgs"
        ],
        "pyproject-nix": [
          "striped-back",
          "pyproject-nix"
        ]
      },
      "locked": {
        "lastModified": 1744797880,
        "narHash": "sha256-gt9JBkYjZAEvGwCG7RMAAAr0j2RsaRmOMj/vV0briXk=",
        "owner": "pyproject-nix",
        "repo": "uv2nix",
        "rev": "3583e037163491ecd833f1d5d3eedf3869543c5d",
        "type": "github"
      },
      "original": {
        "owner": "pyproject-nix",
        "repo": "uv2nix",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@@ -18,8 +18,8 @@
    nix-minecraft.url = "github:Infinidoge/nix-minecraft";
    testing-grounds.url = "gitlab:shobu13/testing-grounds";
    shoblog-front.url = "gitlab:shobu13/shoblog";
-    striped-front.url = "git+ssh://git@gitlab.com/striped1/striped-front";
+    # striped-front.url = "git+ssh://git@gitlab.com/striped1/striped-front";
-    striped-back.url = "git+ssh://git@gitlab.com/striped1/striped-back";
+    # striped-back.url = "git+ssh://git@gitlab.com/striped1/striped-back";
    copyparty.url = "github:9001/copyparty";
@@ -38,8 +38,8 @@
    disko,
    shoblog-front,
-    striped-front,
+    # striped-front,
-    striped-back,
+    # striped-back,
    nix-minecraft,
    testing-grounds,
    copyparty,
@@ -109,5 +109,9 @@
          '';
        };
      });
      packages = forEachSupportedSystem ({pkgs}: {
        inherit (colmena.packages."${pkgs.system}") colmena;
      });
    };
 }
--- a/hosts/sin/homepage.nix
+++ b/hosts/sin/homepage.nix
@@ -1,12 +1,12 @@
-
+{ inputs, pkgs, ... }:
-{inputs, pkgs, ...}: {
+{
  services.homepage-dashboard = {
    enable = true;
    openFirewall = true;
    allowedHosts = "dashboard.shobu.fr";
    settings = {
      title = "Shobu's homelab dashboard";
-      description = "a dashboard of free and wesome bullshit";
+      description = "a dashboard of free and awesome bullshit";
      startUrl = "https://dashboard.shobu.fr";
      base = "https://dashboard.shobu.fr";
      headerStyle = "boxed";
@@ -44,7 +44,7 @@
    widgets = [
      {
        greeting = {
-          text = "Welcome on my services and links dashboard, make yourself home.";
+          text = "Welcome on my services and links dashboard, make yourself home. :3";
        };
      }
      {
--- a/hosts/thea/nginx.nix
+++ b/hosts/thea/nginx.nix
@@ -1,6 +1,6 @@
 {inputs, ...}:
 let
-  striped-front = inputs.striped-front;
+  # striped-front = inputs.striped-front;
  sin-address = "192.168.1.14";
 in {
@@ -77,12 +77,12 @@ in {
            '';
          };
        };
-        "striped.shobu.fr" = {
+        # "striped.shobu.fr" = {
-          enableACME = true;
+        #   enableACME = true;
-          forceSSL = true;
+        #   forceSSL = true;
-          root = "${striped-front.packages.x86_64-linux.default}/dist";
+        #   root = "${striped-front.packages.x86_64-linux.default}/dist";
-        };
+        # };
        "dashboard.shobu.fr" = {
          enableACME = true;
          forceSSL = true;
--- a/modules/gitea/thea/default.nix
+++ b/modules/gitea/thea/default.nix
@@ -1,12 +1,56 @@
-{nodes, ...}:let
+{
  nodes,
  inputs,
  pkgs,
  ...
 }:
 let
  sin-address = "192.168.1.14";
-in{
+  unstable = import inputs.unstable { system = pkgs.system; };
 in
 {
  imports = [
    ./virtualisation.nix
  ];
-  networking.nat.forwardPorts = [{
+  networking.nat.forwardPorts = [
    {
      sourcePort = nodes.sin.config.services.gitea.settings.server.SSH_PORT;
      proto = "tcp";
      destination = "${sin-address}:22";
-  }];
+    }
  ];
  services.gitea-actions-runner.package = unstable.gitea-actions-runner;
  # services.gitea-actions-runner.instances = {
  #   "gitea.shobu.fr-runner" = {
  #     enable = true;
  #     name = "gitea.shobu.fr-runner";
  #     url = nodes.sin.config.services.gitea.settings.server.ROOT_URL;
  #     token = "uEDPBW6Z9oItAKRtloVwis0LkPbD4OmV2w5esOhW";
  #     labels = [
  #       "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
  #     ];
  #     settings = {
  #       cache = {
  #         # Enable cache server to use actions/cache.
  #         enabled = true;
  #         # The directory to store the cache data.
  #         # If it's empty, the cache data will be stored in $HOME/.cache/actcache.
  #         dir = "";
  #         # The host of the cache server.
  #         # It's not for the address to listen, but the address to connect from job containers.
  #         # So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
  #         host = "";
  #         # The port of the cache server.
  #         # 0 means to use a random available port.
  #         port = 0;
  #         # The external cache server URL. Valid only when enable is true.
  #         # If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
  #         # The URL should generally end with "/".
  #         external_server = "";
  #       };
  #     };
  #   };
  # };
 }
--- a/modules/gitea/thea/virtualisation.nix
+++ b/modules/gitea/thea/virtualisation.nix
@@ -1,4 +1,5 @@
-{nodes, pkgs, ...}: {
+{ nodes, pkgs, ... }:
 {
  systemd.sockets.podman.socketConfig.Symlinks = [
    "/run/docker.sock"
  ];
@@ -15,7 +16,8 @@
    };
  };
-  virtualisation.oci-containers.containers = let
+  virtualisation.oci-containers.containers =
    let
      runner_config = pkgs.writeTextFile {
        name = "config.yml";
        text = ''
@@ -23,7 +25,8 @@
            network: "host"
        '';
      };
-  in {
+    in
    {
      gitea-runner = {
        image = "gitea/act_runner@sha256:8477d5b61b655caad4449888bae39f1f34bebd27db56cb15a62dccb3dcf3a944";
        autoStart = true;
Author	SHA1	Message	Date
Awen Lelu	1128f9a0dc	set branch for deplot to master All checks were successful / perform flake analysis (push) Successful in 33s Details	2025-11-12 16:36:48 +01:00
Awen Lelu	a0eb21abf3	add real nix cache All checks were successful / perform flake analysis (push) Successful in 32s Details / build hive configuration (push) Successful in 8m1s Details	2025-11-12 16:35:07 +01:00
shobu	65a47967da	add gitea jobs and runner configuration All checks were successful / perform flake analysis (push) Successful in 32s Details / build hive configuration (push) Successful in 8m44s Details build and deploy colmena hive using gitea actions	2025-11-12 12:25:22 +01:00