ci: one commit for all last nights changes

.gitlab-ci.yml

@@ -1,10 +1,8 @@
 # borrowed from https://gitlab.com/nix17/nixos-config/-/blob/main/.gitlab-ci.yml
 
-# hopefully this image is good for my needs
-image: nixpkgs/nix-flakes:nixos-22.11
-
 stages:
   - flake
+  - test
   #- deploy
 
 # Passed in from upstream
@@ -41,6 +39,14 @@ update:
     variables:
       - $UPDATE_FLAKE == "yes"
 
+build:
+ # image: nixos/nix
+  stage: test
+  before_script:
+    - . "$HOME/.nix-profile/etc/profile.d/nix.sh"
+  script:
+    - nix --experimental-features 'nix-command flakes' run nixpkgs#colmena -- build
+
 # use ctrl+/ on intellij to mass uncoment
 # set up deployment later
 #deploy:

applications/dns.nix

@@ -3,7 +3,7 @@ let
   cfg = config.skynet_dns;
 
   # reads that date to a string (will need to be fixed in 2038)
-  current_date = toString builtins.currentTime;
+  current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}";
 
   # gets a list of records that match this type
   filter_records_type   = r_type: builtins.filter (x: x.r_type == r_type) records;

applications/gitlab_runner.nix

@@ -49,6 +49,8 @@
 
     age.secrets."${cfg.runner.name}".file = ../secrets/gitlab/runners/${cfg.runner.name}.age;
 
+    boot.kernel.sysctl."net.ipv4.ip_forward" = true; # 1
+
     services.gitlab-runner = {
       enable = true;
 
@@ -64,6 +66,36 @@
           description = cfg.runner.description;
           registrationConfigFile = config.age.secrets."${cfg.runner.name}".path;
           dockerImage = cfg.runner.docker.image;
+
+          # from https://nixos.wiki/wiki/Gitlab_runner
+          dockerVolumes = [
+            "/nix/store:/nix/store:ro"
+            "/nix/var/nix/db:/nix/var/nix/db:ro"
+            "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+          ];
+          dockerDisableCache = true;
+          preBuildScript = pkgs.writeScript "setup-container" ''
+            mkdir -p -m 0755 /nix/var/log/nix/drvs
+            mkdir -p -m 0755 /nix/var/nix/gcroots
+            mkdir -p -m 0755 /nix/var/nix/profiles
+            mkdir -p -m 0755 /nix/var/nix/temproots
+            mkdir -p -m 0755 /nix/var/nix/userpool
+            mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
+            mkdir -p -m 1777 /nix/var/nix/profiles/per-user
+            mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
+            mkdir -p -m 0700 "$HOME/.nix-defexpr"
+            . ${pkgs.nix}/etc/profile.d/nix-daemon.sh
+            ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixos-23.05 nixpkgs # 3
+            ${pkgs.nix}/bin/nix-channel --update nixpkgs
+            ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
+          '';
+          environmentVariables = {
+            ENV = "/etc/profile";
+            USER = "root";
+            NIX_REMOTE = "daemon";
+            PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
+            NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
+          };
         };
       };
     };