Try to automatically update nixpkgs and deploy changes
This commit is contained in:
parent
049ada2586
commit
91694fb6e3
GPG key ID:
AB2BD8DAF2E37122
2 changed files with 63 additions and 2 deletions
59
config/services/autodeploy.nix
Normal file
59
config/services/autodeploy.nix
Normal file
|
|
@ -0,0 +1,59 @@
|
|||
{ pkgs, ... }:
|
||||
let script = ''
|
||||
cd /root/nixos-config
|
||||
|
||||
${pkgs.gitMinimal}/bin/git checkout main
|
||||
${pkgs.gitMinimal}/bin/git fetch origin
|
||||
${pkgs.gitMinimal}/bin/git reset --hard origin/main
|
||||
|
||||
TOKEN="$(${pkgs.coreutils}/bin/cat /run/secrets/hydra/gitea_token)"
|
||||
|
||||
deploy_finished() {
|
||||
MAIN_SHA=$(${pkgs.curl}/bin/curl -X GET \
|
||||
"https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/branches/main?token=$TOKEN"
|
||||
-H "accept: application/json" | ${pkgs.jq}/bin/jq -r '.commit.id')
|
||||
STAGING_SHA=$(${pkgs.curl}/bin/curl -X GET \
|
||||
"https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/branches/staging?token=$TOKEN"
|
||||
-H "accept: application/json" | ${pkgs.jq}/bin/jq -r '.commit.id')
|
||||
|
||||
if [[ "$MAIN_SHA" == "$STAGING_SHA" ]]; then
|
||||
${pkgs.coreutils}/bin/echo "No changes to deploy"
|
||||
return 0
|
||||
fi
|
||||
|
||||
COMMIT_STATUS=$(${pkgs.curl}/bin/curl -X 'GET' \
|
||||
"https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/commits/$MAIN_SHA/status?token=$TOKEN" \
|
||||
-H 'accept: application/json' | ${pkgs.jq}/bin/jq -r '.state')
|
||||
|
||||
if [[ "$COMMIT_STATUS" != "success" ]]; then
|
||||
${pkgs.coreutils}/bin/echo "Commit status is not success"
|
||||
return 0
|
||||
fi
|
||||
|
||||
${pkgs.gitMinimal}/bin/git push origin staging
|
||||
}
|
||||
|
||||
deploy_finished
|
||||
|
||||
${pkgs.nixUnstable}/bin/nix flake update
|
||||
|
||||
${pkgs.gitMinimal}/bin/git commit -am "Automatic nixpkgs update"
|
||||
${pkgs.gitMinimal}/bin/git push origin main
|
||||
''; in
|
||||
{
|
||||
systemd.services.autodeploy = {
|
||||
enable = true;
|
||||
description = "Automatically deploy updates";
|
||||
inherit script;
|
||||
};
|
||||
systemd.timers.autodeploy = {
|
||||
enable = true;
|
||||
description = "Automatically deploy updates";
|
||||
requires = [ "autodeploy.service" ];
|
||||
wanted-by = [ "multi-user.target" ];
|
||||
timerConfig = {
|
||||
OnUnitActiveSec = 3600;
|
||||
OnBootSec = 3600;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -10,6 +10,8 @@ security:
|
|||
password: ENC[AES256_GCM,data:8W1pEFt+1lW2/Y11OrJa+glMM1A=,iv:V0R7PlBMxl/oTJxE10MIDMtbqr98bE/po+/92MGMftY=,tag:juGYo8nQy7IJUX28f2ZznQ==,type:str]
|
||||
services:
|
||||
chir.rs: ENC[AES256_GCM,data:f8Jrf6ksi6nxTExzeos+U5KXQKreViD0iGoKAEbfA1872WfhgH3VSpx2WQVCW5lTKio4pQ9Mej17W451N6bIc1U2lbQszFn+4wjXrOS9VJnB8+JV+05UGzGXmHJD8u19GG3vyMllKJLwKSsceWux7AAm9duBXoRSgEElA7sTWhGBjXXW+/yCRDKQcNdNvPpH6zHzXcApFmI7ECQKMF/Cq8Txl6yQkWIX/n3v/U8JNSzNzwllVSgx2JU7FDorqS7lrkYaz6lXuPZeiiISIIRShwYoW20uqvQvUQ1bQmDbJPsV4FXu1SynUNbHA7WbsR/Qh2bBAZozgxCy3NvfYfPkb2XANOBemFU+uRbrYMmoaucZnYBJijlc9FGfFsq10vT3BynPjCRLcZWtLTx52k83SP4NiLxkNkPPYERxwcT74IuhkyMOQdZe+EASASRWY0VVCKkGLX/v2dO/jf6gumxQ0xn5ehqGhlqq5wR8cA==,iv:S+mUPpwg1C7FW6or+7Y3fG4UjtWePYdH9N9apJ9TvHw=,tag:EH9Dix+g5tguZFDe/bfmYg==,type:str]
|
||||
hydra:
|
||||
gitea_token: ENC[AES256_GCM,data:8OOn7dlMaBTLNpRB9K2M+Cg4ZB9V2qFXdm7c0/2F/5CdOGfKF63a8Q==,iv:htbnKmNuaHlUw0E2PYRy3en00fni5hmwbkhDcQJRfE4=,tag:MpVnRX6HBxORghcsbEShNw==,type:str]
|
||||
gitea: ENC[AES256_GCM,data:i+reN0mYGY2iMQ06atN/i6YzAg==,iv:HT1H9/UIBweErA5+YFq7aprPjPB2d0gNbt/3MKayuHI=,tag:vDGL31LBw+9sU7UHE9GYKw==,type:str]
|
||||
minio_scrape: ENC[AES256_GCM,data:w+VescGVui8/70HsSP/WCQG/E9fU0X45BXF2qwPNE2vnYM9XyCreHezX218Vb5qDOU3vRl71CJGVH4nv28nBgWvtu017ITfh56CX9dZt7tFAUx198WqXxW1Xc+D9NggWHXUFyAD80+dkzoPH2mUrdhBYeXwlhwyp9+DLF0Up00kdLsjDtSHpDiKKoIvzk3m0K00GZkMtOOENpomAoqtUduUupYRmL1GaHBMJ+XcuLuyvfSI3uSK9BzFxIfNPcJdrP2F28g==,iv:xe7BrC5mLz48efufLup5v0x/aI0kaqXNQ07l4G6kUdg=,tag:yepSZfc3034JaYo2pp15CA==,type:str]
|
||||
old-homepage: ENC[AES256_GCM,data:DgOLD0YCRXsRSvrjQ/pK4RpYdzcO/j2Ifg4eYXFivrEVVj5ooPKeeeJAMX+L+XOjjNmHo5r8o0AvBnvJ4TeGto3VOQynkxw5apvkedR5ecC654Sz5+bRGr2bgtVzujiLH7+IiB3ljH9KYflYASvfmumowmR8R6074GNGKZlH2F7UYDKDdbd48p4pOFWP3Lv5/1iDvJ7Ve3hVASZqiUlS4elMa+8T0HYKkJyxWb76AT+t0M54ps6xgqDYbjrmbO2+UK95Z8DanOk06tk1t30=,iv:2/KdwQ86SO/LFeHTGNDVY+d4ZQnujK7OGuBuGEwkCbU=,tag:7yOVg0V29aGMTT8O5422kw==,type:str]
|
||||
|
|
@ -61,8 +63,8 @@ sops:
|
|||
N1lNTTRhSDFsczd4VjNudUU2NEt4MUEKdVJIJmaoGcwUHa0BGB45jqYnm9aPVZxP
|
||||
dl1vkMx8EAiKhWKbBwQm5fFZcNh371rspGE7KOXmwNbNWef5bVfHpQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-02-09T09:04:47Z"
|
||||
mac: ENC[AES256_GCM,data:CBPTXrxSqF50y1+n23l7SATN4HnDT3FyjhX69trcuHmOMfn62oxolh1F9p/KkNfCRnVvEneBWt0vOjNvkt8QL525NuBqa8U+wivpWly+J30gFyfr4eztabX5WQaeQpZs3HXc92rUYMeaxjJKS3eRgrzkhmZyaatEk+h5rM3EoYY=,iv:rEJP/ZQ5Rbd+31GT3f/7EzlaAPlKowsIbldeLEig8kQ=,tag:Kftknpu2ryw8bgYwWUdofg==,type:str]
|
||||
lastmodified: "2022-02-18T18:50:32Z"
|
||||
mac: ENC[AES256_GCM,data:asDF6tjVtj3dcQvi91HO3nNbrml8dOkQexp7GPScnvmtA+d53ZHOWRZeTa00uNUGFGOWWkvm2z1+dAMMPF1PTsmq9F8IGvsshMRSsPRl38byjR3KrYhyvItviYdRJv2g9hnYKF6L2RPd6podqOu6ymzlsrUeEaKRtFn1vAyieN8=,iv:/mICE0q4m/0SyxLmniig5VHffsCX4JSDdHxeEJNkzio=,tag:cIXWblAUsuZm1Ks8+Nsurw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-02-02T17:50:42Z"
|
||||
enc: |
|
||||
|
|
|
|||
Loading…
Reference in a new issue