mariuskimmina.com / nix-hetzner-lab
this repo has no description
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+48 -97
.github
workflows
deploy.yaml
configuration.nix
flake.lock
flake.nix
+38
.github/workflows/deploy.yaml
···
··· 1 + name: Deploy 2 + 3 + on: 4 + workflow_dispatch: 5 + 6 + jobs: 7 + deploy: 8 + runs-on: ubuntu-latest 9 + permissions: 10 + contents: write 11 + steps: 12 + - uses: actions/checkout@v4 13 + 14 + - uses: DeterminateSystems/nix-installer-action@main 15 + - uses: DeterminateSystems/magic-nix-cache-action@main 16 + 17 + - name: Update flake 18 + run: | 19 + nix flake update homepage 20 + git config user.name "github-actions[bot]" 21 + git config user.email "github-actions[bot]@users.noreply.github.com" 22 + git add flake.lock 23 + if git diff --staged --quiet; then 24 + echo "No changes to flake.lock" 25 + else 26 + git commit -m "flake: update homepage" 27 + git push 28 + fi 29 + 30 + - name: Deploy 31 + run: | 32 + mkdir -p ~/.ssh 33 + echo "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_ed25519 34 + chmod 600 ~/.ssh/id_ed25519 35 + ssh-keyscan ${{ secrets.SERVER_IP }} >> ~/.ssh/known_hosts 36 + nix run nixpkgs#nixos-rebuild -- switch \ 37 + --flake .#hetzner-lab \ 38 + --target-host root@${{ secrets.SERVER_IP }}
+5 -21
configuration.nix
··· 3 lib, 4 pkgs, 5 homepage, 6 - leaflet-hugo-sync, 7 ... 8 }: 9 - let 10 - leaflet-sync-bin = leaflet-hugo-sync.packages.x86_64-linux.default; 11 - in 12 { 13 imports = [ 14 (modulesPath + "/installer/scan/not-detected.nix") ··· 46 extraGroups = [ "podman" ]; 47 }; 48 49 - # Homepage build service 50 systemd.services.homepage-build = { 51 - description = "Build homepage with leaflet-sync"; 52 - after = [ "network-online.target" ]; 53 - wants = [ "network-online.target" ]; 54 wantedBy = [ "multi-user.target" ]; 55 56 serviceConfig = { 57 Type = "oneshot"; 58 RemainAfterExit = true; 59 - StateDirectory = "homepage"; 60 }; 61 - 62 - path = [ pkgs.hugo leaflet-sync-bin ]; 63 64 script = '' 65 set -ex 66 - 67 - WORK_DIR=/var/lib/homepage 68 OUT_DIR=/var/www/homepage 69 70 - # Copy source from nix store to writable directory (including hidden files) 71 - rm -rf $WORK_DIR/* 72 - rm -rf $WORK_DIR/.* 2>/dev/null || true 73 cp -r ${homepage}/. $WORK_DIR/ 74 chmod -R u+w $WORK_DIR 75 cd $WORK_DIR 76 77 - # Run leaflet-sync (fetches from network) 78 - leaflet-hugo-sync 79 80 - # Build hugo site 81 - mkdir -p $OUT_DIR 82 - hugo --minify --destination $OUT_DIR 83 ''; 84 }; 85
··· 3 lib, 4 pkgs, 5 homepage, 6 ... 7 }: 8 { 9 imports = [ 10 (modulesPath + "/installer/scan/not-detected.nix") ··· 42 extraGroups = [ "podman" ]; 43 }; 44 45 + # Build hugo site as a derivation 46 systemd.services.homepage-build = { 47 + description = "Build homepage"; 48 wantedBy = [ "multi-user.target" ]; 49 50 serviceConfig = { 51 Type = "oneshot"; 52 RemainAfterExit = true; 53 }; 54 55 script = '' 56 set -ex 57 + WORK_DIR=$(mktemp -d) 58 OUT_DIR=/var/www/homepage 59 60 cp -r ${homepage}/. $WORK_DIR/ 61 chmod -R u+w $WORK_DIR 62 cd $WORK_DIR 63 64 + ${pkgs.hugo}/bin/hugo --minify --destination $OUT_DIR 65 66 + rm -rf $WORK_DIR 67 ''; 68 }; 69
+4 -73
flake.lock
··· 20 "type": "github" 21 } 22 }, 23 - "flake-utils": { 24 - "inputs": { 25 - "systems": "systems" 26 - }, 27 - "locked": { 28 - "lastModified": 1731533236, 29 - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", 30 - "owner": "numtide", 31 - "repo": "flake-utils", 32 - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", 33 - "type": "github" 34 - }, 35 - "original": { 36 - "owner": "numtide", 37 - "repo": "flake-utils", 38 - "type": "github" 39 - } 40 - }, 41 "homepage": { 42 "flake": false, 43 "locked": { 44 - "lastModified": 1767816281, 45 - "narHash": "sha256-RUm8cfpypCakOrZYduj/FMczcBxwSNHJGzUIR1+xgAY=", 46 "owner": "mariuskimmina", 47 "repo": "homepage", 48 - "rev": "bd88f94bae2c4e900525144ac69bf28916e6536e", 49 "type": "github" 50 }, 51 "original": { ··· 54 "type": "github" 55 } 56 }, 57 - "leaflet-hugo-sync": { 58 - "inputs": { 59 - "flake-utils": "flake-utils", 60 - "nixpkgs": "nixpkgs" 61 - }, 62 - "locked": { 63 - "lastModified": 1767737144, 64 - "narHash": "sha256-RQah7klbquu7TG7xib3+ljZPsPv2Vzqq/TzsSUuYuOY=", 65 - "owner": "mariuskimmina", 66 - "repo": "leaflet-hugo-sync", 67 - "rev": "40e20a13254913ce48dfe8bbfc4125399dc21575", 68 - "type": "github" 69 - }, 70 - "original": { 71 - "owner": "mariuskimmina", 72 - "repo": "leaflet-hugo-sync", 73 - "type": "github" 74 - } 75 - }, 76 "nixpkgs": { 77 "locked": { 78 - "lastModified": 1767379071, 79 - "narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=", 80 - "owner": "NixOS", 81 - "repo": "nixpkgs", 82 - "rev": "fb7944c166a3b630f177938e478f0378e64ce108", 83 - "type": "github" 84 - }, 85 - "original": { 86 - "owner": "NixOS", 87 - "ref": "nixos-unstable", 88 - "repo": "nixpkgs", 89 - "type": "github" 90 - } 91 - }, 92 - "nixpkgs_2": { 93 - "locked": { 94 "lastModified": 1748662220, 95 "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", 96 "owner": "NixOS", ··· 109 "inputs": { 110 "disko": "disko", 111 "homepage": "homepage", 112 - "leaflet-hugo-sync": "leaflet-hugo-sync", 113 - "nixpkgs": "nixpkgs_2" 114 - } 115 - }, 116 - "systems": { 117 - "locked": { 118 - "lastModified": 1681028828, 119 - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 120 - "owner": "nix-systems", 121 - "repo": "default", 122 - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 123 - "type": "github" 124 - }, 125 - "original": { 126 - "owner": "nix-systems", 127 - "repo": "default", 128 - "type": "github" 129 } 130 } 131 },
··· 20 "type": "github" 21 } 22 }, 23 "homepage": { 24 "flake": false, 25 "locked": { 26 + "lastModified": 1767825440, 27 + "narHash": "sha256-O5rP/5dTaal5rXEQVjm9q2s/5K0xjV8/uSouBs8m+Vo=", 28 "owner": "mariuskimmina", 29 "repo": "homepage", 30 + "rev": "8553534308051495d3b724894f92ead8aa118e18", 31 "type": "github" 32 }, 33 "original": { ··· 36 "type": "github" 37 } 38 }, 39 "nixpkgs": { 40 "locked": { 41 "lastModified": 1748662220, 42 "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", 43 "owner": "NixOS", ··· 56 "inputs": { 57 "disko": "disko", 58 "homepage": "homepage", 59 + "nixpkgs": "nixpkgs" 60 } 61 } 62 },
+1 -3
flake.nix
··· 7 url = "github:mariuskimmina/homepage"; 8 flake = false; 9 }; 10 - inputs.leaflet-hugo-sync.url = "github:mariuskimmina/leaflet-hugo-sync"; 11 12 outputs = 13 { 14 nixpkgs, 15 disko, 16 homepage, 17 - leaflet-hugo-sync, 18 ... 19 }: 20 { 21 nixosConfigurations.hetzner-lab = nixpkgs.lib.nixosSystem { 22 system = "x86_64-linux"; 23 - specialArgs = { inherit homepage leaflet-hugo-sync; }; 24 modules = [ 25 disko.nixosModules.disko 26 ./configuration.nix
··· 7 url = "github:mariuskimmina/homepage"; 8 flake = false; 9 }; 10 11 outputs = 12 { 13 nixpkgs, 14 disko, 15 homepage, 16 ... 17 }: 18 { 19 nixosConfigurations.hetzner-lab = nixpkgs.lib.nixosSystem { 20 system = "x86_64-linux"; 21 + specialArgs = { inherit homepage; }; 22 modules = [ 23 disko.nixosModules.disko 24 ./configuration.nix