1
0
Fork 0
forked from emily/nixfiles

more opsies

This commit is contained in:
emily 2024-05-16 22:21:01 +02:00
parent 37ed309ef9
commit 45538c767c
Signed by untrusted user: emily
GPG key ID: F6F4C66207FCF995
2 changed files with 16 additions and 7 deletions

View file

@ -42,11 +42,13 @@ in {
};
};
programs.ssh = {
enable = true;
addKeysToAgent = "yes";
matchBlocks."git.bsd.gay".indentityFile = cfg.privateKey;
matchBlocks."git.bsd.gay".identityFile = cfg.privateKey;
};
services.ssh-agent.enable = true;
};
nix.settings.accept-flake-config = true;
programs.ssh = {
knownHosts."git.bsd.gay".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHd48YPVXBWVdQwVAF16Ihs7FNTPmD1kMUnOfQttc1bA";
};

View file

@ -8,7 +8,7 @@ JOBSET_URL="${HYDRA_URL}/jobset/nixfiles/update-inputs"
ROOT="$(mktemp -d)"
gitin () {
git -C "${ROOT}" "$@"
git -C "${ROOT}/nixfiles" "$@"
}
merge_theirs () {
@ -43,14 +43,14 @@ wait_for_hydra () {
local counter
counter=0
git_rev="$(gitin rev-parse update-inputs)"
while [[ $counter -le 30 ]]; do
hydra_rev="$(curl -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" 2> /dev/null | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
while true; do
hydra_rev="$(curl -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
echo "${hydra_rev}"
if [[ "${git_rev}" == "${hydra_rev}" ]]; then
echo "Hydra got new commit"
break
fi
sleep 30
((counter++))
done
if [[ $counter -ge 30 ]]; then
echo "Hydra no workey"
@ -58,13 +58,18 @@ wait_for_hydra () {
fi
}
git clone git@git.bsd.gay:snaki/nixfiles.git "${ROOT}"
ssh-agent -a "${ROOT}/ssh-agent"
SSH_AUTH_SOCK="${ROOT}/ssh-agent"
export SSH_AUTH_SOCK
ssh-add "/run/secrets/services/update-nixfiles/privateKey"
git clone git@git.bsd.gay:snaki/nixfiles.git "${ROOT}/nixfiles"
gitin fetch --all
gitin checkout origin/main
gitin checkout -b "${BRANCH}"
pushd "${ROOT}"
pushd "${ROOT}/nixfiles"
nix flake update --commit-lock-file
popd
@ -92,4 +97,6 @@ echo "Merging ${BRANCH} into main"
gitin checkout main
gitin merge --ff-only "${BRANCH}"
gitin push origin main
pkill ssh-agent
echo "Update successful"