ci: run quality on forgejo native runner, fix runner user
Some checks failed
quality / changes (push) Successful in 5s
quality / Flake Check (push) Failing after 1s
quality / Nix Format Check (push) Failing after 1s
quality / Deploy netty (push) Has been skipped

- switch all jobs to runs-on: native so the netty forgejo runner picks them up
- deploy-netty now runs locally on netty via `just switch-netty` (no SSH)
- fix tmpfiles owner: gitea-actions-runner creates user `gitea-runner`, not `forgejo-runner`

Made-with: Cursor
Harivansh Rathi 2026-04-18 22:19:25 -04:00
parent 0db4171b0b
commit ec2f23757b
2 changed files with 13 additions and 37 deletions


@ -11,7 +11,7 @@ permissions:
jobs:
changes:
runs-on: [self-hosted, netty]
runs-on: native
outputs:
quality: ${{ steps.filter.outputs.quality }}
steps:
@ -32,7 +32,7 @@ jobs:
flake-check:
name: Flake Check
runs-on: [self-hosted, netty]
runs-on: native
needs: changes
if: ${{ needs.changes.outputs.quality == 'true' }}
steps:
@ -46,7 +46,7 @@ jobs:
nix-format:
name: Nix Format Check
runs-on: [self-hosted, netty]
runs-on: native
needs: changes
if: ${{ needs.changes.outputs.quality == 'true' }}
steps:
@ -60,39 +60,15 @@ jobs:
deploy-netty:
name: Deploy netty
runs-on: ubuntu-latest
runs-on: native
needs: [changes, flake-check, nix-format]
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && needs.changes.outputs.quality == 'true' }}
concurrency:
group: deploy-netty
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
- name: Configure SSH
shell: bash
env:
NETTY_SSH_PRIVATE_KEY: ${{ secrets.NETTY_SSH_PRIVATE_KEY }}
NETTY_SSH_KNOWN_HOSTS: ${{ secrets.NETTY_SSH_KNOWN_HOSTS }}
run: |
set -euo pipefail
test -n "$NETTY_SSH_PRIVATE_KEY"
test -n "$NETTY_SSH_KNOWN_HOSTS"
install -d -m 700 "$HOME/.ssh"
printf '%s\n' "$NETTY_SSH_PRIVATE_KEY" > "$HOME/.ssh/netty"
chmod 600 "$HOME/.ssh/netty"
printf '%s\n' "$NETTY_SSH_KNOWN_HOSTS" > "$HOME/.ssh/known_hosts"
chmod 600 "$HOME/.ssh/known_hosts"
cat > "$HOME/.ssh/config" <<'EOF'
Host netty
HostName 152.53.195.59
User root
IdentityFile ~/.ssh/netty
IdentitiesOnly yes
EOF
chmod 600 "$HOME/.ssh/config"
- name: Deploy netty
shell: bash
run: |
set -euo pipefail
nix shell nixpkgs#just --command just switch-netty
just switch-netty
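Review bot: `deploy-netty` now shares the `native` label with `changes`, `flake-check` and `nix-format`, so the runner account that executes checked-out repository code in those jobs is the same account that must be able to run `just switch-netty` against the host it lives on. The `if:` guard only decides whether the deploy job runs; it does not stop the other three jobs from running on netty with whatever privilege that account holds. The workflow's `on:` triggers are outside this hunk, so confirm that pull requests from untrusted branches cannot be scheduled on this runner. Consider a dedicated runner label for the deploy job (placeholder: `runs-on: <deploy-only-label>`) and scoping the privilege grant to the single switch command rather than a general sudo rule. Separately, `actions/checkout@v4` is a mutable tag; pinning it to a full commit SHA keeps a host-level job from picking up a retagged action.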


@ -9,14 +9,14 @@ let
in
{
systemd.tmpfiles.rules = [
"d ${cacheRoot} 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/cargo 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/npm 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/pip 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/pre-commit 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/rustup 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/uv 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot}/actcache 0750 forgejo-runner forgejo-runner -"
"d ${cacheRoot} 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/cargo 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/npm 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/pip 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/pre-commit 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/rustup 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/uv 0750 gitea-runner gitea-runner -"
"d ${cacheRoot}/actcache 0750 gitea-runner gitea-runner -"
];
services.gitea-actions-runner = {