# Builds every NixOS configuration of this flake. Scheduled runs additionally
# update the flake inputs first and push the result when all builds pass
# (see the steps gated on `github.event_name == 'schedule'`).
name: Build all NixOS Configurations
on:
  push:
    branches:
      # Every branch triggers a run, and the archive/check step below loads
      # secrets.SSH_KEY on push events too.
      # NOTE(review): anyone able to push a branch can therefore have that
      # branch's flake evaluated while the key is loaded; confirm this matches
      # the intended trust model or restrict the branch filter.
      - "**"
  schedule:
    - cron: "30 2/6 * * *" # not too frequent, GitHub only allows a few pulls per hour
jobs:
  nix build:
    # NOTE(review): `native` looks like a self-hosted host runner label. If the
    # runner keeps state between jobs, leftovers from a failed step (files,
    # background processes) outlive the run; confirm.
    runs-on: native
    steps:
      # NOTE(review): `v4` is a mutable tag. Pinning the action to a full commit
      # SHA prevents a retagged release from running with this job's secrets.
      - uses: actions/checkout@v4
        with:
          # Resets the workspace before fetching, removing untracked leftovers
          # from earlier runs.
          clean: true
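      - name: update nix flakes
        if: ${{ github.event_name == 'schedule' }}
        # Private flake inputs are fetched over SSH, so nix needs the key loaded
        # in an agent while this step runs.
        env:
          # Passed through the environment instead of being expanded into the
          # script text: the rendered script no longer contains the private key,
          # and the shell never interprets key content as heredoc expansions.
          SSH_KEY: ${{ secrets.SSH_KEY }}
        run: |
          eval "$(ssh-agent -s)"
          # Stop the agent on every exit path, including when the step aborts on
          # a failing command, so no agent holding the key stays on the runner.
          trap 'ssh-agent -k' EXIT

          # Feed the key to the agent on stdin so it is never written into the
          # workspace, then drop it from the environment that nix inherits.
          printf '%s\n' "$SSH_KEY" | ssh-add -
          unset SSH_KEY

          nix flake update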
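      - name: nix flake archive/check
        # Private flake inputs are fetched over SSH, so nix needs the key loaded
        # in an agent while this step runs. This step has no `if:` and therefore
        # also runs, with the key, on every push event.
        env:
          # Passed through the environment instead of being expanded into the
          # script text: the rendered script no longer contains the private key,
          # and the shell never interprets key content as heredoc expansions.
          SSH_KEY: ${{ secrets.SSH_KEY }}
        run: |
          eval "$(ssh-agent -s)"
          # Stop the agent on every exit path, including when the step aborts on
          # a failing command, so no agent holding the key stays on the runner.
          trap 'ssh-agent -k' EXIT

          # Feed the key to the agent on stdin so it is never written into the
          # workspace, then drop it from the environment that nix inherits.
          printf '%s\n' "$SSH_KEY" | ssh-add -
          unset SSH_KEY

          nix flake archive
          nix flake check --verbose --log-format raw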
      # One step per host, so a failing configuration shows up under its own
      # step name. These steps run without the ssh-agent.
      # NOTE(review): presumably they rely on the inputs already fetched by the
      # earlier `nix flake archive`; confirm.
      - name: nix build orbi
        run: nix build ".#nixosConfigurations.orbi.config.system.build.toplevel"
      # cream is currently disabled:
      # - name: nix build cream
      #   run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
      - name: nix build cherry
        run: nix build ".#nixosConfigurations.cherry.config.system.build.toplevel"
      - name: nix build chungus
        run: nix build ".#nixosConfigurations.chungus.config.system.build.toplevel"
      - name: nix build usbstick
        run: nix build ".#nixosConfigurations.usbstick.config.system.build.toplevel"
      - name: commit & push
        if: ${{ github.event_name == 'schedule' }}
        # Reached only after every build step above succeeded, so the branch is
        # updated only with inputs that are known to build.
        run: |
          git config --local user.name "Forgejo Action :robot:"
          git config --local user.email "action@git.ingolf-wagner.de"

          # Commit and push only when the working tree or the index differs
          # from HEAD; a clean tree leaves the step successful without a commit.
          # NOTE(review): `-a` sweeps up every modified tracked file, not just
          # the lock file; confirm nothing else tracked is rewritten by the
          # earlier steps.
          if ! { git diff --quiet && git diff --staged --quiet; }; then
            git commit -am ":arrow_up: nix flake update" && git push
          fi