mirror of
https://github.com/Mic92/nixos-wiki-infra.git
synced 2025-06-27 05:01:53 +02:00
commit
1697516a7e
2
.envrc
2
.envrc
@ -1,3 +1,5 @@
|
|||||||
|
# shellcheck shell=bash
|
||||||
|
|
||||||
use flake
|
use flake
|
||||||
|
|
||||||
watch_file .envrc.private
|
watch_file .envrc.private
|
||||||
|
@ -1,2 +1,3 @@
|
|||||||
|
# shellcheck shell=bash
|
||||||
# https://console.hetzner.cloud/projects/2643361/security/tokens
|
# https://console.hetzner.cloud/projects/2643361/security/tokens
|
||||||
export HCLOUD_TOKEN='<your-hetzner-token>'
|
export HCLOUD_TOKEN='<your-hetzner-token>'
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
name: "Update mediawiki extensions"
|
name: "Update wiki"
|
||||||
on:
|
on:
|
||||||
repository_dispatch:
|
repository_dispatch:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
@ -20,8 +20,9 @@ jobs:
|
|||||||
- run: ./modules/nixos-wiki/update-extensions.py ./modules/nixos-wiki/extensions.json
|
- run: ./modules/nixos-wiki/update-extensions.py ./modules/nixos-wiki/extensions.json
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
- run: nix flake update
|
||||||
- name: Create Pull Request
|
- name: Create Pull Request
|
||||||
uses: peter-evans/create-pull-request@v7
|
uses: peter-evans/create-pull-request@v7
|
||||||
with:
|
with:
|
||||||
title: Update mediawiki extensions
|
title: Update wiki extensions
|
||||||
labels: merge-queue
|
labels: merge-queue
|
@ -1 +1,2 @@
|
|||||||
|
# shellcheck shell=bash
|
||||||
use flake .#linkcheck
|
use flake .#linkcheck
|
||||||
|
5
checks/linkcheck/.gitignore
vendored
5
checks/linkcheck/.gitignore
vendored
@ -1,5 +0,0 @@
|
|||||||
temp
|
|
||||||
.direnv
|
|
||||||
*-report
|
|
||||||
result*
|
|
||||||
workdir
|
|
39
flake.lock
generated
39
flake.lock
generated
@ -7,11 +7,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715526530,
|
"lastModified": 1741786315,
|
||||||
"narHash": "sha256-1ot3VxxbRexDAbk70n0yLt7EEEzypAGK3ut+YV7m/Mg=",
|
"narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "94a818d8b914e06c04c21b5f0bafbb4b96ee8b47",
|
"rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -27,11 +27,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714641030,
|
"lastModified": 1741352980,
|
||||||
"narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=",
|
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e",
|
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -42,10 +42,10 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1727506465,
|
"lastModified": 1742584082,
|
||||||
"narHash": "sha256-3kTzEJ3X+RmNB9hamk+HnRj4MVLuZ2nzGaT1IeKuHZg=",
|
"narHash": "sha256-0xccOonj868cv6EjerMZ7hZMOfCpaTb3I82ZZhZQB8w=",
|
||||||
"ref": "nixos-unstable-small",
|
"ref": "nixos-unstable-small",
|
||||||
"rev": "0c839cfcda894af2030d5731414542a92a7af207",
|
"rev": "fbcdd2bccd1b6960b48578a608b581bff18e7646",
|
||||||
"shallow": true,
|
"shallow": true,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/NixOS/nixpkgs"
|
"url": "https://github.com/NixOS/nixpkgs"
|
||||||
@ -71,15 +71,14 @@
|
|||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
]
|
||||||
"nixpkgs-stable": []
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715482972,
|
"lastModified": 1742595978,
|
||||||
"narHash": "sha256-y1uMzXNlrVOWYj1YNcsGYLm4TOC2aJrwoUY1NjQs9fM=",
|
"narHash": "sha256-05onsoMrLyXE4XleDCeLC3bXnC4nyUbKWInGwM7v6hU=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "b6cb5de2ce57acb10ecdaaf9bbd62a5ff24fa02e",
|
"rev": "b7756921b002de60fb66782effad3ce8bdb5b25d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -95,11 +94,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1727491384,
|
"lastModified": 1742432134,
|
||||||
"narHash": "sha256-km86bDL46XmO4gkfvCfhCXfZDZPg/O72A65fF+hUPJM=",
|
"narHash": "sha256-J9BMk5uEXGZqe3ksA+TNjpuWx67r6qwa6MCS+ayDTqw=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "srvos",
|
"repo": "srvos",
|
||||||
"rev": "e1f0d6e42d9ea0cf031fd3469f35d78c3af21b85",
|
"rev": "60a187c45762fcc5ed0f3c97e1da890d0ed3f695",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -115,11 +114,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714058656,
|
"lastModified": 1742370146,
|
||||||
"narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=",
|
"narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f",
|
"rev": "adc195eef5da3606891cedf80c0d9ce2d3190808",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -16,7 +16,6 @@
|
|||||||
|
|
||||||
sops-nix.url = "github:Mic92/sops-nix";
|
sops-nix.url = "github:Mic92/sops-nix";
|
||||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
sops-nix.inputs.nixpkgs-stable.follows = "";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs =
|
outputs =
|
||||||
|
@ -9,14 +9,17 @@
|
|||||||
"*/nixos-vars.json"
|
"*/nixos-vars.json"
|
||||||
"*/secrets.yaml"
|
"*/secrets.yaml"
|
||||||
"*.lock"
|
"*.lock"
|
||||||
|
"*.tfstate"
|
||||||
".gitignore"
|
".gitignore"
|
||||||
"modules/nixos-wiki/favicon.ico"
|
"modules/nixos-wiki/favicon.ico"
|
||||||
"modules/nixos-wiki/nixos.png"
|
"modules/nixos-wiki/nixos.png"
|
||||||
"modules/nixos-wiki/robots.txt"
|
"modules/nixos-wiki/robots.txt"
|
||||||
"oauth-permissions.png"
|
"oauth-permissions.png"
|
||||||
"targets/nixos-wiki.nixos.org/secrets/*"
|
"targets/nixos-wiki.nixos.org/secrets/*"
|
||||||
|
"targets/admins/secrets/*"
|
||||||
|
"checks/linkcheck/allowed.links"
|
||||||
];
|
];
|
||||||
programs.hclfmt.enable = true;
|
programs.terraform.enable = true;
|
||||||
programs.nixfmt.enable = true;
|
programs.nixfmt.enable = true;
|
||||||
programs.nixfmt.package = pkgs.nixfmt-rfc-style;
|
programs.nixfmt.package = pkgs.nixfmt-rfc-style;
|
||||||
programs.deadnix.enable = true;
|
programs.deadnix.enable = true;
|
||||||
@ -38,14 +41,19 @@
|
|||||||
convert2Tofu =
|
convert2Tofu =
|
||||||
provider:
|
provider:
|
||||||
provider.override (prev: {
|
provider.override (prev: {
|
||||||
homepage = builtins.replaceStrings [ "registry.terraform.io/providers" ] [
|
homepage =
|
||||||
|
builtins.replaceStrings
|
||||||
|
[ "registry.terraform.io/providers" ]
|
||||||
|
[
|
||||||
"registry.opentofu.org"
|
"registry.opentofu.org"
|
||||||
] prev.homepage;
|
]
|
||||||
|
prev.homepage;
|
||||||
});
|
});
|
||||||
in
|
in
|
||||||
[
|
[
|
||||||
pkgs.bashInteractive
|
pkgs.bashInteractive
|
||||||
pkgs.sops
|
pkgs.sops
|
||||||
|
pkgs.nixos-rebuild-ng
|
||||||
(pkgs.opentofu.withPlugins (
|
(pkgs.opentofu.withPlugins (
|
||||||
p:
|
p:
|
||||||
builtins.map convert2Tofu [
|
builtins.map convert2Tofu [
|
||||||
|
@ -98,7 +98,8 @@ in
|
|||||||
group = "root";
|
group = "root";
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.ssh.knownHosts."[u391032.your-storagebox.de]:23".publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw==";
|
programs.ssh.knownHosts."[u391032.your-storagebox.de]:23".publicKey =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw==";
|
||||||
|
|
||||||
systemd.services.borgbackup-job-state = {
|
systemd.services.borgbackup-job-state = {
|
||||||
wants = [ "wiki-backup.service" ];
|
wants = [ "wiki-backup.service" ];
|
||||||
|
@ -10,6 +10,6 @@ nixBuild() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
nixBuild .#checks.x86_64-linux.test .#nixosConfigurations.nixos-wiki-nixos-org.config.system.build.toplevel -L
|
nixBuild .#checks.x86_64-linux.test .#nixosConfigurations.nixos-wiki-nixos-org.config.system.build.toplevel -L
|
||||||
if ! nixos-rebuild switch --flake .#nixos-wiki-nixos-org --target-host root@wiki.nixos.org; then
|
if ! nixos-rebuild-ng switch --flake .#nixos-wiki-nixos-org --target-host root@wiki.nixos.org; then
|
||||||
nixos-rebuild switch --flake .#nixos-wiki-nixos-org --target-host root@wiki.nixos.org
|
nixos-rebuild-ng switch --flake .#nixos-wiki-nixos-org --target-host root@wiki.nixos.org
|
||||||
fi
|
fi
|
||||||
|
Loading…
x
Reference in New Issue
Block a user