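---
# Builds every NixOS configuration of this flake on each push. On the
# schedule trigger it first updates the flake inputs and, only if every
# build succeeds, commits and pushes the refreshed lock file.
name: Build all NixOS Configurations

on:
  push:
    branches:
      - "**"
  schedule:
    # not too frequent, GitHub only allows a few pulls per hour
    - cron: "30 2/6 * * *"

jobs:
  # NOTE(review): this job id contains a space. GitHub Actions restricts job
  # ids to letters, digits, '-' and '_'; presumably the runner in use accepts
  # it. Confirm before renaming, since status checks may reference the id.
  nix build:
    runs-on: native
    steps:
      # NOTE(review): `v4` is a mutable tag. Pinning to a full commit SHA keeps
      # the action from changing underneath a job that handles SSH_KEY.
      - uses: actions/checkout@v4
        with:
          clean: true

      - name: update nix flakes
        if: ${{ github.event_name == 'schedule' }}
        # we need to use our ssh key here because we need access to private
        # flakes
        env:
          # Passed through the environment instead of being templated into
          # the script text, so the shell never parses the key material.
          SSH_KEY: ${{ secrets.SSH_KEY }}
        run: |
          # Cleanup runs on every exit path, so a failing nix command leaves
          # neither the key file nor a running agent behind on the runner.
          trap 'rm -f .ssh_key; [ -z "${SSH_AGENT_PID:-}" ] || kill "$SSH_AGENT_PID"' EXIT
          # Create the file owner-only from the start (no chmod window).
          (umask 077; printf '%s\n' "$SSH_KEY" > .ssh_key)
          eval "$(ssh-agent -s)"
          ssh-add .ssh_key
          # The agent holds the key now; drop the on-disk copy right away.
          rm -f .ssh_key
          nix flake update
          echo "$SSH_AGENT_PID"

      - name: nix flake archive/check
        # we need to use our ssh key here because we need access to private
        # flakes
        # NOTE(review): this step has no `if:`, so the key is loaded for
        # pushes to every branch ("**"), not only for scheduled runs.
        env:
          SSH_KEY: ${{ secrets.SSH_KEY }}
        run: |
          trap 'rm -f .ssh_key; [ -z "${SSH_AGENT_PID:-}" ] || kill "$SSH_AGENT_PID"' EXIT
          (umask 077; printf '%s\n' "$SSH_KEY" > .ssh_key)
          eval "$(ssh-agent -s)"
          ssh-add .ssh_key
          rm -f .ssh_key
          nix flake archive
          nix flake check --verbose --log-format raw
          echo "$SSH_AGENT_PID"

      - name: nix build orbi
        run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel

      - name: nix build cream
        run: nix build .#nixosConfigurations.cream.config.system.build.toplevel

      - name: nix build cherry
        run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel

      - name: nix build chungus
        run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel

      - name: nix build usbstick
        run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel

      - name: commit & push
        if: ${{ github.event_name == 'schedule' }}
        # only if all nix builds are fine we update our branch
        run: |
          git config --local user.email "action@git.ingolf-wagner.de"
          git config --local user.name "Forgejo Action :robot:"
          # Commit and push only when the working tree or the index differs
          # from HEAD; `commit -a` stages tracked files only.
          git diff --quiet && \
          git diff --staged --quiet || \
          (git commit -am ":arrow_up: nix flake update" && git push)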