~sumner/nixos-configuration

ref: git-crypt nixos-configuration/.build.yml -rw-r--r-- 1.3 KiB
84aa165eSumner Evans readme: update with git-crypt instructions 7 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
image: nixos/unstable
packages:
  - nixos.openssl
  - nixos.rsync
sources:
  - https://git.sr.ht/~sumner/nixos-configuration
secrets:
  # SSH Deploy Key
  - f219888a-80af-4275-a777-89e8c7d277f0
environment:
  REPO_NAME: nixos-configuration
# triggers:
#   - action: email
#     condition: failure
#     to: alerts@sumnerevans.com
tasks:
  # Skip everything if not on master.
  - skip-not-master: |
      cd $REPO_NAME
      git branch --contains | grep master || echo "Skipping deploy since not on master"
      git branch --contains | grep master || complete-build

  - setup: |
      echo "cd $REPO_NAME" >> ~/.buildenv
      ssh-keyscan bespin.sumnerevans.com >> ~/.ssh/known_hosts
      ssh-keyscan nevarro.nevarro.space >> ~/.ssh/known_hosts

  - switch-commit: |
      ssh root@bespin.sumnerevans.com "cd /etc/nixos && git fetch && git reset --hard $(git rev-parse HEAD)"
      ssh root@nevarro.nevarro.space  "cd /etc/nixos && git fetch && git reset --hard $(git rev-parse HEAD)"

  - remote-build: |
      ssh root@bespin.sumnerevans.com "nixos-rebuild build --verbose --show-trace"
      ssh root@nevarro.nevarro.space  "nixos-rebuild build --verbose --show-trace"

  - switch-generation: |
      ssh root@bespin.sumnerevans.com "nixos-rebuild switch --verbose --show-trace"
      ssh root@nevarro.nevarro.space  "nixos-rebuild switch --verbose --show-trace"