From e742447357abc19ec89c32717c6443fa9463eda4 Mon Sep 17 00:00:00 2001
From: Brendan Golden <git@brendan.ie>
Date: Sun, 18 Jun 2023 21:22:44 +0100
Subject: [PATCH] feat: initial ci config

---
 .gitlab-ci.yml | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..4be0477
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,71 @@
+# borrowed from https://gitlab.com/nix17/nixos-config/-/blob/main/.gitlab-ci.yml
+
+# hopefully this image is good for my needs
+image: nixpkgs/nix-flakes:nixos-23.05
+
+stages:
+  - flake
+  #- deploy
+
+# Passed in from upstream
+# $PACKAGE_NAME = name of the flake that needs to be updated
+# $UPDATE_FLAKE = flag to update the flake
+
+update:
+  stage: flake
+  # from https://forum.gitlab.com/t/git-push-from-inside-a-gitlab-runner/30554/5
+  before_script:
+    #- 'which ssh-agent || ( apt-get update -qy && apt-get install openssh-client -qqy )'
+    - eval `ssh-agent -s`
+    # for the deploy
+    - echo "${CI_KEY}" | tr -d '\r' | ssh-add - > /dev/null
+    - mkdir -p ~/.ssh
+    - chmod 700 ~/.ssh
+    - echo "$CI_KEY" >> ~/.ssh/id_rsa.pub
+    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
+
+  script:
+    - git config --global user.email "${CI_EMAIL}"
+    - git config --global user.name "${CI_USERNAME}"
+    # the part that updates the flake
+    - nix --experimental-features 'nix-command flakes' flake lock --update-input $PACKAGE_NAME
+    - git add flake.lock
+    - git commit -m "[skip ci] Updated flake for $PACKAGE_NAME" || echo "No changes, nothing to commit"
+    # we have a custom domain
+    - git remote rm origin && git remote add origin ssh://git@gitlab.skynet.ie:2222$CI_PROJECT_PATH.git
+    - git push origin HEAD:$CI_COMMIT_REF_NAME
+
+  only:
+    refs:
+      - main
+    variables:
+      - $UPDATE_FLAKE == "yes"
+
+# use ctrl+/ on intellij to mass uncoment
+# set up deployment later
+#deploy:
+#  stage: deploy
+#  # from https://forum.gitlab.com/t/git-push-from-inside-a-gitlab-runner/30554/5
+#  before_script:
+#    # Check for ssh-agent + rsync and install if not present
+#    #- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y  )'
+#    - eval $(ssh-agent -s)
+#    # Inject the remote's private key
+#    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
+#    - mkdir -p ~/.ssh
+#    - chmod 700 ~/.ssh
+#    # Append keyscan output into known hosts
+#    - ssh-keyscan $SERVER_IP >> ~/.ssh/known_hosts
+#    - chmod 644 ~/.ssh/known_hosts
+#
+#  script:
+#      # this will grab a fresh copy of teh repo
+#    - ssh $SERVER_USER@$SERVER_IP "cd /etc/nixos && git stash && git pull origin main && nixos-rebuild switch"
+#
+#  only:
+#    refs:
+#      - main
+  
+
+  # only run on $UPDATE_FLAKE
+