ci: one commit for all last nights changes
This commit is contained in:
parent
a06d27208f
commit
9fc349abc2
3 changed files with 42 additions and 4 deletions
|
@ -1,10 +1,8 @@
|
||||||
# borrowed from https://gitlab.com/nix17/nixos-config/-/blob/main/.gitlab-ci.yml
|
# borrowed from https://gitlab.com/nix17/nixos-config/-/blob/main/.gitlab-ci.yml
|
||||||
|
|
||||||
# hopefully this image is good for my needs
|
|
||||||
image: nixpkgs/nix-flakes:nixos-22.11
|
|
||||||
|
|
||||||
stages:
|
stages:
|
||||||
- flake
|
- flake
|
||||||
|
- test
|
||||||
#- deploy
|
#- deploy
|
||||||
|
|
||||||
# Passed in from upstream
|
# Passed in from upstream
|
||||||
|
@ -41,6 +39,14 @@ update:
|
||||||
variables:
|
variables:
|
||||||
- $UPDATE_FLAKE == "yes"
|
- $UPDATE_FLAKE == "yes"
|
||||||
|
|
||||||
|
build:
|
||||||
|
# image: nixos/nix
|
||||||
|
stage: test
|
||||||
|
before_script:
|
||||||
|
- . "$HOME/.nix-profile/etc/profile.d/nix.sh"
|
||||||
|
script:
|
||||||
|
- nix --experimental-features 'nix-command flakes' run nixpkgs#colmena -- build
|
||||||
|
|
||||||
# use ctrl+/ on intellij to mass uncoment
|
# use ctrl+/ on intellij to mass uncoment
|
||||||
# set up deployment later
|
# set up deployment later
|
||||||
#deploy:
|
#deploy:
|
||||||
|
|
|
@ -3,7 +3,7 @@ let
|
||||||
cfg = config.skynet_dns;
|
cfg = config.skynet_dns;
|
||||||
|
|
||||||
# reads that date to a string (will need to be fixed in 2038)
|
# reads that date to a string (will need to be fixed in 2038)
|
||||||
current_date = toString builtins.currentTime;
|
current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}";
|
||||||
|
|
||||||
# gets a list of records that match this type
|
# gets a list of records that match this type
|
||||||
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
|
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
|
||||||
|
|
|
@ -49,6 +49,8 @@
|
||||||
|
|
||||||
age.secrets."${cfg.runner.name}".file = ../secrets/gitlab/runners/${cfg.runner.name}.age;
|
age.secrets."${cfg.runner.name}".file = ../secrets/gitlab/runners/${cfg.runner.name}.age;
|
||||||
|
|
||||||
|
boot.kernel.sysctl."net.ipv4.ip_forward" = true; # 1
|
||||||
|
|
||||||
services.gitlab-runner = {
|
services.gitlab-runner = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
|
@ -64,6 +66,36 @@
|
||||||
description = cfg.runner.description;
|
description = cfg.runner.description;
|
||||||
registrationConfigFile = config.age.secrets."${cfg.runner.name}".path;
|
registrationConfigFile = config.age.secrets."${cfg.runner.name}".path;
|
||||||
dockerImage = cfg.runner.docker.image;
|
dockerImage = cfg.runner.docker.image;
|
||||||
|
|
||||||
|
# from https://nixos.wiki/wiki/Gitlab_runner
|
||||||
|
dockerVolumes = [
|
||||||
|
"/nix/store:/nix/store:ro"
|
||||||
|
"/nix/var/nix/db:/nix/var/nix/db:ro"
|
||||||
|
"/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
|
||||||
|
];
|
||||||
|
dockerDisableCache = true;
|
||||||
|
preBuildScript = pkgs.writeScript "setup-container" ''
|
||||||
|
mkdir -p -m 0755 /nix/var/log/nix/drvs
|
||||||
|
mkdir -p -m 0755 /nix/var/nix/gcroots
|
||||||
|
mkdir -p -m 0755 /nix/var/nix/profiles
|
||||||
|
mkdir -p -m 0755 /nix/var/nix/temproots
|
||||||
|
mkdir -p -m 0755 /nix/var/nix/userpool
|
||||||
|
mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
|
||||||
|
mkdir -p -m 1777 /nix/var/nix/profiles/per-user
|
||||||
|
mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
|
||||||
|
mkdir -p -m 0700 "$HOME/.nix-defexpr"
|
||||||
|
. ${pkgs.nix}/etc/profile.d/nix-daemon.sh
|
||||||
|
${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixos-23.05 nixpkgs # 3
|
||||||
|
${pkgs.nix}/bin/nix-channel --update nixpkgs
|
||||||
|
${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
|
||||||
|
'';
|
||||||
|
environmentVariables = {
|
||||||
|
ENV = "/etc/profile";
|
||||||
|
USER = "root";
|
||||||
|
NIX_REMOTE = "daemon";
|
||||||
|
PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
|
||||||
|
NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue