ci: eval deploy

2024-12-20 18:15:18 +08:00
15 changed files with 58 additions and 130 deletions
--- a/.github/workflows/eval.yaml
+++ b/.github/workflows/eval.yaml
@ -1,8 +1,10 @@
 name: Eval NixOS Configurations
 on:
-  check_suite:
+  push:
-    types: [completed]
+    branches:
      - deploy
  workflow_dispatch:
 permissions:
  contents: write
@ -18,10 +20,6 @@ jobs:
      - name: Install Nix
        uses: cachix/install-nix-action@v25
        with:
          extra_nix_conf: |
            extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=
            extra-substituters = https://cache.garnix.io
      - name: Configure Git
        run: |
@ -35,26 +33,19 @@ jobs:
          hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]')
          echo "Found hosts: $hosts"
          failed_hosts=""
          for host in $hosts; do
            echo "Eval derivation for $host"
-            if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+            if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
              echo "❌ Failed to evaluate $host"
              failed_hosts+="$host "
              rm "eval/$host.json"
            else
              echo "✅ Successfully evaluated $host"
            fi
          done
          echo "Total hosts: $(echo "$hosts" | wc -w)"
          echo "Failed hosts: $failed_hosts" 
          git add eval/
          git commit -m "Update deployment configurations for all hosts"
-          git push -f origin deploy-comin-eval
+          git push origin deploy-comin-eval
          # After success, reset deploy-comin to new deploy
          git checkout -b deploy-comin 
          git reset --hard deploy
          git push -f origin deploy-comin
--- a/flake.lock
+++ b/flake.lock
@ -39,26 +39,6 @@
        "type": "github"
      }
    },
    "comin": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1734693645,
        "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=",
        "owner": "xinyangli",
        "repo": "comin",
        "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190",
        "type": "github"
      },
      "original": {
        "owner": "xinyangli",
        "repo": "comin",
        "type": "github"
      }
    },
    "devshell": {
      "inputs": {
        "nixpkgs": [
@ -662,7 +642,6 @@
      "inputs": {
        "catppuccin": "catppuccin",
        "colmena": "colmena",
        "comin": "comin",
        "disko": "disko",
        "flake-utils": "flake-utils_2",
        "home-manager": "home-manager",
--- a/flake.nix
+++ b/flake.nix
@ -55,11 +55,6 @@
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    comin = {
      url = "github:xinyangli/comin";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };
  outputs =
@ -77,7 +72,6 @@
      colmena,
      nix-index-database,
      disko,
      comin,
      ...
    }:
    let
@ -113,7 +107,6 @@
      sharedNixosModules = [
        self.nixosModules.default
        sops-nix.nixosModules.sops
        comin.nixosModules.comin
      ];
      nodeNixosModules = {
        calcite = [
--- a/garnix.yaml
+++ b/garnix.yaml
@ -7,4 +7,4 @@ builds:
    - homeConfigurations.aarch64-linux.*
    - darwinConfigurations.*
    - nixosConfigurations.*
-  branch: deploy
+
--- a/home/default.nix
+++ b/home/default.nix
@ -1,6 +1,5 @@
 {
  xin = {
    calcite = import ./xin/calcite.nix;
    gold = import ./xin/gold;
  };
 }
--- a/home/xin/calcite.nix
+++ b/home/xin/calcite.nix
@ -108,12 +108,10 @@ in
  xdg.systemDirs.data = [
    "/usr/share"
    "/var/lib/flatpak/exports/share"
    "${homeDirectory}/.local/share/flatpak/exports/share"
  ];
  xdg.configFile."distrobox/distrobox.conf".text = ''
    container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro"
  '';
  programs.man.generateCaches = false;
  programs.atuin = {
--- a/home/xin/raspite/default.nix
+++ b/home/xin/raspite/default.nix
@ -0,0 +1,25 @@
 { config, pkgs, ... }:
 {
  imports = [ ../common ];
  home.username = "xin";
  home.homeDirectory = "/home/xin";
  home.stateVersion = "23.05";
  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
  accounts.email.accounts.gmail = {
    primary = true;
    address = "lixinyang411@gmail.com";
    flavor = "gmail.com";
  };
  accounts.email.accounts.whu = {
    address = "lixinyang411@whu.edu.cn";
  };
  accounts.email.accounts.foxmail = {
    address = "lixinyang411@foxmail.com";
  };
 }
--- a/machines/calcite/configuration.nix
+++ b/machines/calcite/configuration.nix
@ -20,7 +20,6 @@ in
    nix = {
      signing.enable = true;
    };
    comin.enable = true;
  };
  # Bootloader.
@ -177,7 +176,7 @@ in
        ];
        settings = {
          main = {
-            leftcontrol = "overload(control, esc)";
+            capslock = "overload(control, esc)";
          };
        };
      };
--- a/machines/weilite/default.nix
+++ b/machines/weilite/default.nix
@ -19,7 +19,6 @@
      nix = {
        enable = true;
      };
      comin.enable = true;
    };
    boot = {
@ -39,10 +38,7 @@
    nixpkgs.config.allowUnfree = true;
-    environment.systemPackages = [
+    environment.systemPackages = [ pkgs.virtiofsd ];
      pkgs.virtiofsd
      pkgs.intel-gpu-tools
    ];
    sops = {
      defaultSopsFile = ./secrets.yaml;
@ -98,32 +94,15 @@
        options = "rw,nodev,nosuid";
        wantedBy = [ "restic-rest-server.service" ];
      }
      # {
      #   what = "ocis";
      #   where = "/var/lib/ocis";
      #   type = "virtiofs";
      #   options = "rw,nodev,nosuid";
      #   wantedBy = [ "ocis.service" ];
      # }
      {
-        what = "media";
+        what = "ocis";
-        where = "/var/lib/jellyfin/media";
+        where = "/var/lib/ocis";
        type = "virtiofs";
        options = "rw,nodev,nosuid";
        wantedBy = [ "ocis.service" ];
      }
    ];
    hardware.graphics = {
      enable = true;
      extraPackages = with pkgs; [
        intel-media-driver
        intel-vaapi-driver
        vaapiVdpau
        intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
        intel-media-sdk # QSV up to 11th gen
      ];
    };
    services.openssh.ports = [
      22
      2222
--- a/machines/weilite/services/default.nix
+++ b/machines/weilite/services/default.nix
@ -4,6 +4,5 @@
    ./restic.nix
    ./media-download.nix
    ./immich.nix
    ./jellyfin.nix
  ];
 }
--- a/machines/weilite/services/jellyfin.nix
+++ b/machines/weilite/services/jellyfin.nix
@ -1,15 +0,0 @@
 { config, pkgs, ... }:
 {
  services.jellyfin.enable = true;
  environment.systemPackages = with pkgs; [
    jellyfin
    jellyfin-web
    jellyfin-ffmpeg
  ];
  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = ''
    reverse_proxy 127.0.0.1:8096
  '';
  networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
  users.users.jellyfin.extraGroups = [ "render" ];
 }
--- a/modules/home-manager/gui/themes.nix
+++ b/modules/home-manager/gui/themes.nix
@ -13,10 +13,6 @@
        name = "Catppuccin-GTK-Dark";
        package = pkgs.magnetic-catppuccin-gtk;
      };
      iconTheme = {
        name = "Qogir";
        package = pkgs.qogir-icon-theme;
      };
      gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
    };
  };
--- a/modules/home-manager/gui/waybar.nix
+++ b/modules/home-manager/gui/waybar.nix
@ -44,6 +44,8 @@ in
          modules-right = [
            "network#speed"
            "custom/separator"
            "network#if"
            "custom/separator"
            "pulseaudio"
            "custom/separator"
            "memory"
@ -119,6 +121,22 @@ in
            format = "  {percentage}%";
          };
          "network#if" = {
            format = "{ifname}";
            format-disconnected = "󰌙";
            format-ethernet = "󰌘";
            format-linked = "{ifname} (No IP)  󰈁";
            format-wifi = "{icon}";
            format-icons = [
              "󰤯"
              "󰤟"
              "󰤢"
              "󰤥"
              "󰤨"
            ];
            interval = 10;
          };
          "network#speed" = {
            format = "{ifname}";
            format-disconnected = "󰌙";
--- a/modules/nixos/common-settings/comin.nix
+++ b/modules/nixos/common-settings/comin.nix
@ -1,32 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 let
  inherit (lib)
    mkEnableOption
    mkIf
    ;
  cfg = config.commonSettings.comin;
 in
 {
  options.commonSettings.comin = {
    enable = mkEnableOption "auto updater with comin";
  };
  config = {
    services.comin = mkIf cfg.enable {
      enable = true;
      remotes = [
        {
          name = "origin";
          url = "https://github.com/xinyangli/nixos-config.git";
          branches.main.name = "deploy-comin";
        }
      ];
      hostname = config.networking.hostName;
    };
  };
 }
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -2,7 +2,6 @@
  imports = [
    ./common-settings/auth.nix
    ./common-settings/autoupgrade.nix
    ./common-settings/comin.nix
    ./common-settings/nix-conf.nix
    ./common-settings/proxy-server.nix
    ./common-settings/mainland.nix