Remove unused stuff

Add forgejo-ci's SSH key
Bump the flake lockfile once a week
2025-05-16 18:40:28 +02:00 · 2025-05-16 18:39:46 +02:00 · 2025-05-16 18:39:24 +02:00 · 2025-05-16 18:39:17 +02:00
4 changed files with 3 additions and 27 deletions
--- a/.forgejo/workflows/build.yaml
+++ b/.forgejo/workflows/build.yaml
@ -15,9 +15,6 @@ jobs:
          echo "${{secrets.FORGEJO_SSH_KEY}}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan github.com >> ~/.ssh/known_hosts
-          ssh-keyscan sisko.wg.aciceri.dev >> ~/.ssh/known_hosts
-          ln -s ~/.ssh/id_ed25519 /home/ccr/.ssh/id_rsa
-          ls -l /home/ccr/.ssh -l
      - name: Build with nix
        run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true
      - name: Report checks
--- a/.forgejo/workflows/update-flake-lock.yaml
+++ b/.forgejo/workflows/update-flake-lock.yaml
@ -1,7 +1,7 @@
 name: update-flake-lock
 on:
  schedule:
-    - cron: "0 15 * * *" # daily at 15:00
+    - cron: "0 15 * * 1" # weekly on Monday at 15:00

 jobs:
  lockfile:
--- a/lib/default.nix
+++ b/lib/default.nix
@ -4,6 +4,7 @@
      ccr-ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIm9Sl/I+5G4g4f6iE4oCUJteP58v+wMIew9ZuLB+Gea";
      oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t";
      hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent";
+      forgejo-ci = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5mbqLoZ/0J45J7J+17XMGv/dXs3DGABJsnvDv4rgC9 forgjeo-ci";
    };
    hosts = {
      kirk = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAH49KzayIro3L1bteR7nwupMM/vKlDh05t5/DFD9/uz";
--- a/modules/forgejo-runners/default.nix
+++ b/modules/forgejo-runners/default.nix
@ -17,6 +17,7 @@ let
        gnugrep
        gawk
        git
+        openssh
        nix
        bash
        jq
@ -38,15 +39,6 @@ let
    cp -a "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" $out/etc/ssl/certs/ca-bundle.crt
  '';
  numInstances = 1;
-  pushToCache = pkgs.writeScript "push-to-cache.sh" ''
-    #!/bin/sh
-    set -eu
-    set -f # disable globbing
-    export IFS=' '
-
-    echo "Uploading paths" $OUT_PATHS
-    exec nix copy --to "s3://cache?profile=default&region=eu-south-1&scheme=https&endpoint=cache.aciceri.dev" $OUT_PATHS
-  '';
 in
 lib.mkMerge [
  {
@ -80,7 +72,6 @@ lib.mkMerge [
        cat <<NIX_CONFIG > etc/nix/nix.conf
        accept-flake-config = true
        experimental-features = nix-command flakes
-        post-build-hook = ${pushToCache}
        include access-tokens
        NIX_CONFIG

@ -121,22 +112,9 @@ lib.mkMerge [
    nix.settings.trusted-users = [ "nixuser" ];
  }
  {
-    # Format of the token file:
    virtualisation = {
      podman.enable = true;
    };
-
-    # virtualisation.containers.storage.settings = {
-    #   storage.driver = "zfs";
-    #   storage.graphroot = "/var/lib/containers/storage";
-    #   storage.runroot = "/run/containers/storage";
-    #   storage.options.zfs.fsname = "zroot/root/podman";
-    # };
-
-    # virtualisation.containers.containersConf.settings = {
-    #   # podman seems to not work with systemd-resolved
-    #   containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];
-    # };
  }
  {
    systemd.services =
Author	SHA1	Message	Date
Andrea Ciceri	5df791bd5a	Remove unused stuff Some checks failed UPLOAD x86_64-linux.picard Details DOWNLOAD x86_64-linux.picard Details CACHIX x86_64-linux.picard Details ATTIC x86_64-linux.picard Details EVAL aarch64-linux.sisko Details BUILD aarch64-linux.sisko Details / test (push) Successful in 36m43s Details	2025-05-16 18:40:28 +02:00
Andrea Ciceri	0b640e0e15	Add `forgejo-ci`'s SSH key	2025-05-16 18:39:46 +02:00
Andrea Ciceri	4594f9d3e5	Bump the flake lockfile once a week	2025-05-16 18:39:24 +02:00
Andrea Ciceri	38050dae68	Allow CI to fetch private GitHub repos	2025-05-16 18:39:17 +02:00