fix build for discord
This commit is contained in:
parent
d9f1f364e7
commit
89d6c6847a
GPG key ID:
AB2BD8DAF2E37122
7 changed files with 29 additions and 18 deletions
6
.github/workflows/build-one.yml
vendored
6
.github/workflows/build-one.yml
vendored
|
|
@ -28,10 +28,10 @@ jobs:
|
|||
nix_path: nixpkgs=channel:nixos-unstable
|
||||
extra_nix_config: |
|
||||
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= cache:6tx18bfuH66LOfrn37EmN2YxwNZI3qNk3lKHoz/XlXI=
|
||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= chir-rs:AnwyFacopHSkprD6aXY4/R3J9JYzTbV2rosJCBPaB28=
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
|
||||
substituters = https://cache.chir.rs/ https://cache.nixos.org/ https://attic.chir.rs/cache
|
||||
substituters = https://cache.chir.rs/ https://cache.nixos.org/ https://attic.chir.rs/chir-rs
|
||||
extra-platforms = armv7l-linux aarch64-linux powerpc-linux powerpc64-linux powerpc64le-linux riscv32-linux riscv64-linux wasm32-wasi i686-linux
|
||||
sandbox = false
|
||||
- name: Download patched nix
|
||||
|
|
@ -43,7 +43,7 @@ jobs:
|
|||
echo "$NIX_CACHE_KEY" > ~/cache.key
|
||||
sudo mkdir /root/.aws
|
||||
echo "$AWS_CREDENTIALS" | sudo tee /root/.aws/credentials > /dev/null
|
||||
nix run github:DarkKirb/nix-packages#attic-client -- login attic-server https://attic.chir.rs/ "$ATTIC_TOKEN"
|
||||
nix run github:DarkKirb/nix-packages#attic-client -- login attic-server https://attic-nocdn.chir.rs/ "$ATTIC_TOKEN"
|
||||
env:
|
||||
NIX_CACHE_KEY: ${{secrets.NIX_CACHE_KEY}}
|
||||
AWS_CREDENTIALS: ${{secrets.AWS_CREDENTIALS}}
|
||||
|
|
|
|||
4
.github/workflows/pr.yml
vendored
4
.github/workflows/pr.yml
vendored
|
|
@ -13,10 +13,10 @@ jobs:
|
|||
with:
|
||||
extra_nix_config: |
|
||||
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= cache:6tx18bfuH66LOfrn37EmN2YxwNZI3qNk3lKHoz/XlXI=
|
||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= chir-rs:AnwyFacopHSkprD6aXY4/R3J9JYzTbV2rosJCBPaB28=
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
|
||||
substituters = https://cache.chir.rs/ https://cache.nixos.org/ https://attic.chir.rs/cache
|
||||
substituters = https://cache.chir.rs/ https://cache.nixos.org/ https://attic.chir.rs/chir-rs
|
||||
- name: Download patched nix
|
||||
run: nix build github:DarkKirb/nix-packages#nix-s3-dedup
|
||||
- name: Download attic
|
||||
|
|
|
|||
|
|
@ -104,5 +104,5 @@
|
|||
sops.age.sshKeyPaths = lib.mkForce ["/persist/ssh/ssh_host_ed25519_key"];
|
||||
services.bind.forwarders = lib.mkForce [];
|
||||
boot.loader.systemd-boot.configurationLimit = lib.mkForce 1;
|
||||
system.allowReboot = true;
|
||||
system.autoUpgrade.allowReboot = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,10 +7,13 @@
|
|||
...
|
||||
}: let
|
||||
post-build-hook = pkgs.writeScript "post-build-hook" ''
|
||||
#!/bin/sh
|
||||
#!${pkgs.bash}/bin/bash
|
||||
set -euf
|
||||
export IFS=' '
|
||||
${attic.packages.${system}.attic-client}/bin/attic-client push cache $OUT_PATHS
|
||||
until ${attic.packages.${system}.attic-client}/bin/attic-client push chir-rs $OUT_PATHS; do
|
||||
sleep 5
|
||||
echo "Retrying..."
|
||||
done
|
||||
'';
|
||||
in {
|
||||
imports = [
|
||||
|
|
@ -30,14 +33,15 @@ in {
|
|||
require-sigs = true;
|
||||
builders-use-substitutes = true;
|
||||
substituters = [
|
||||
"https://attic.chir.rs/cache/"
|
||||
"https://attic.chir.rs/chir-rs/"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg="
|
||||
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
||||
"cache:6tx18bfuH66LOfrn37EmN2YxwNZI3qNk3lKHoz/XlXI="
|
||||
"chir-rs:AnwyFacopHSkprD6aXY4/R3J9JYzTbV2rosJCBPaB28="
|
||||
];
|
||||
post-build-hook = "${post-build-hook}";
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
package = pkgs.nix;
|
||||
extraOptions = ''
|
||||
|
|
|
|||
|
|
@ -5,13 +5,13 @@
|
|||
nixpkgs,
|
||||
...
|
||||
}: let
|
||||
firefox-wrapped = config.programs.firefox.package;
|
||||
firefox = firefox-wrapped.unwrapped;
|
||||
nss = pkgs.lib.lists.findFirst (x: x.pname or x.name == "nss") null firefox.buildInputs;
|
||||
x86_64-linux-pkgs = import nixpkgs {
|
||||
system = "x86_64-linux";
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
firefox-wrapped = x86_64-linux-pkgs.firefox; #config.programs.firefox.package;
|
||||
firefox = firefox-wrapped.unwrapped;
|
||||
nss = pkgs.lib.lists.findFirst (x: x.pname or x.name == "nss") null firefox.buildInputs;
|
||||
in {
|
||||
home.packages = with pkgs; [
|
||||
(x86_64-linux-pkgs.discord.override {inherit nss;})
|
||||
|
|
|
|||
|
|
@ -1,7 +1,14 @@
|
|||
#!/bin/sh
|
||||
#!/usr/bin/env bash
|
||||
set -euf
|
||||
export IFS=' '
|
||||
export XDG_CONFIG_HOME=/home/runner/.config
|
||||
/nix/var/nix/profiles/default/bin/nix store sign --key-file /home/runner/cache.key $DRV_PATH
|
||||
/nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#nix-s3-dedup' -- copy --to 's3://cache-chir-rs?scheme=https&endpoint=s3.us-west-000.backblazeb2.com&secret-key=/home/runner/cache.key&multipart-upload=true&compression=zstd&compression-level=15' $DRV_PATH
|
||||
/nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#attic-client' -- push cache $OUT_PATHS
|
||||
max_retry=5
|
||||
counter=0
|
||||
while ! /nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#attic-client' -- push chir-rs $OUT_PATHS; do
|
||||
sleep 5
|
||||
[[ counter -eq $max_retry ]] && echo "Failed!" && exit 1
|
||||
echo "Trying again. Try #$counter"
|
||||
((counter++))
|
||||
done
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ aws:
|
|||
ssh:
|
||||
builder_id_ed25519: ENC[AES256_GCM,data:SjNV5HtKVjQd+cwCPGGgT9bSFKhdwJxqGclCBfWAm4UzTco/ho3TZV9OX/BxI/W0ztzSlctFUecOi98qAdtWX737dlyVmQpkGcvbDIQWt6JqpWRGsLsJ1lhlmSOIS1jkASyGksCLaSou3FZ1+dQ2+BWyh9XjWpC7nCGvEHsGOn8cCSj3tlV8cloBZKzxpwEXkEUmpZpuJb0PZp8LL0okxLF553NxClS1zty0cmucRcR71ObevwiWvJmJNI9Un1D4FhSDYFHffoOtmyHixZnNRMI8gW7Cx1suHIsslrsI4YgmD+QxJrIkx96ajkPzIBPsMu5mO+h8y2epEJpRenbTMhgdQvnspsJ1PrWOzsHWMTI9EsjmiZZEsk6lRiVgnOQwf0Bc+Sf4uro6TcbgsIWJdwOthXWi7s72JHfGHqcP03eQyA8wZf21w4oTGh4L5aDtwb29fOLdSv1xf20PP5Qiy4iUdvCV7tdsLcEA0i3aUeJCkklk9cUoWELT+Vu6CqMxnLbSeKHnP452EkK52EZnpn1MNVtFczPWW+oj,iv:7KO7yFoHCttTpw6gDcZRA43qW6F1a8xqpa5VRYUerz4=,tag:OlCbnoS0vQO1Wyn6iWlYDw==,type:str]
|
||||
attic:
|
||||
config.toml: ENC[AES256_GCM,data:+2P1ejL/Olwl2/DVzrBtun3s3hrAzB6ebLAP4BbcjzcVv5Bqwg08AMvLEuhpH1uOp3CyGE3vMxvJJP1d5EXkV7QaAALdi7nt2FBE0TdejnsCN//s0dctjho6O7lcHAF19ozrSzp7npK7qIJtUKAOjVgVV1t/kwyOuJzLSmgGdyeB/a3shvdk7iSWM38dHJqe5VSLuCPtFrtE5MG42Uces5IAWMhywuvftUlEDzKM9jqQWmXb+ecCSd+Q+blmrxuLCJ3XTPgeuf4nnxP2ywOwW4vb6wCzuL/w6geclNlzcrEx2EM/sO2gm4bwVORpo2FGUq+BQCfmTKUFosMC/v79zDYQ9luWMTOwf4jVa3B2RFmo5zZgsupA6/dsJA8pB3EHWRJyMFRf2ykQlUc2D8LFq4NZ2Js7WMJuL/3jgTyRD8cLQQ==,iv:b+nYPPETENOZL+IRtejTAWE9HmnM9x0+UOzWE95N6e4=,tag:zKZEbUiQO8F+7J8E8azFEg==,type:str]
|
||||
config.toml: ENC[AES256_GCM,data:CudpPIXCotu4rOzHlIxPA3kq8yjT/Kng4TyjKExlmoVJ+jxI6C7vnlSJRP4aYq7DsewMspfIcbgjALe8qvIrsNDSGb+Zvb12I/pwle+7AWCoWZbhoQEFfCv6wKioGkbtzctx2seTuUISoJ2ig4llBCdqMtt/JwyiBKtjVt80j0kg6MrDpG3e5o72+7rv0jChSIwcvnfiwjTVjVl2nyycIiJGep2T2dTlsDemYLTy1D9vfhVnRbomlAk/sZHUZHefDfnSgk99/0fp+SW3BKyiIUMGRCRJKYOdU2bV3w+kYkDV6h3ZNkyiTQK+HPX1duCxdzrct2svAmVy8r4MUtxMBCds5Iuq0fwSJ02AbQBg0mybSh9wYTbneGBES2ge8WVD5ARam1hVWM1+WdG7/un7gQU6XwYRoNb6LEV2TYOlzv0xd8ovj7B5cXDFVQ==,iv:6eO7TzrYsf9aaEYIK+WRPaV/47Vuj9jdvisL9q2x0aI=,tag:WT9DFJ1DZAmfWX5XAfyfmg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -55,8 +55,8 @@ sops:
|
|||
ZFNubXhZdG1KVDB1d0FWOVVDS1ovOHcKO5m7BFeZzt+nBfaZJoH8Pkw6aeDExQrQ
|
||||
Gfp6KQ0oJOuquhZtMW0GpLuKnuQjjGEBaIbcZcR4OosKKlLYfOKabA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-01-17T09:22:06Z"
|
||||
mac: ENC[AES256_GCM,data:ryasMId4XVt/tJHM9Owa4AVti3t87eptzjD21f0WjWVlS/Fzf/WG/9ImAx77SwI6k86L10NqpRFpGW73vIF2ar/QzJz4Nzu7bZbWsnrwJV7roxWSasX73kLJC9d5Y+71MgtJz5M81Ge0DkDmUY+UvpAt8uLztsMmR2dH52vVY9E=,iv:f36u4ZY/myhjqIS0DNIgZdLNti1RvGb4OrOOHSDJJ6Q=,tag:ef+2dkutV3wDZdj5uW3i/w==,type:str]
|
||||
lastmodified: "2023-01-20T14:57:32Z"
|
||||
mac: ENC[AES256_GCM,data:iNAjaOvlAIUgEy2v0HXxC1eHQIj1us7lIqqf2V+H4L8lmYotlDCPb7Si9PK9PxPjWuWKoHz/sRvXnvvTmDkGEdt7aaY1HQSqMvBn/5ovd3wHW6UNsmOxpeDgVfZ3Df8gwSY0+5AzUNPERJTsIlt1R/EUg57eFehKXVHVZ4ebs4I=,iv:c64NfOiu9eO9B3PXj+hwb6MqnbwhDqfGtIl43mv7Nuc=,tag:mRYb/4WfJHu/z5Nu8zOf6w==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-12-14T15:34:33Z"
|
||||
enc: |
|
||||
|
|
|
|||
Loading…
Reference in a new issue