Merge pull request 'gitea_action: Add docs.clan.lol auto deploy' (#1311) from Qubasa-autodeploy into main
This commit is contained in:
clan-bot
@@ -10,3 +10,10 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- run: nix run .#impure-checks
|
- run: nix run .#impure-checks
|
||||||
|
deploy-docs:
|
||||||
|
runs-on: nix
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
- run: nix run .#deploy-docs
|
||||||
|
env:
|
||||||
|
SSH_HOMEPAGE_KEY: ${{ secrets.SSH_HOMEPAGE_KEY }}
|
||||||
@@ -4,10 +4,11 @@
|
|||||||
nodes.machine =
|
nodes.machine =
|
||||||
{ self, config, ... }:
|
{ self, config, ... }:
|
||||||
{
|
{
|
||||||
|
environment.etc."privkey.age".source = ./key.age;
|
||||||
imports = [ (self.nixosModules.clanCore) ];
|
imports = [ (self.nixosModules.clanCore) ];
|
||||||
environment.etc."secret".source = config.sops.secrets.secret.path;
|
environment.etc."secret".source = config.sops.secrets.secret.path;
|
||||||
environment.etc."group-secret".source = config.sops.secrets.group-secret.path;
|
environment.etc."group-secret".source = config.sops.secrets.group-secret.path;
|
||||||
sops.age.keyFile = ./key.age;
|
sops.age.keyFile = "/etc/privkey.age";
|
||||||
|
|
||||||
clanCore.clanDir = "${./.}";
|
clanCore.clanDir = "${./.}";
|
||||||
clanCore.machineName = "machine";
|
clanCore.machineName = "machine";
|
||||||
|
|||||||
@@ -8,7 +8,7 @@
|
|||||||
}:
|
}:
|
||||||
|
|
||||||
writeShellScriptBin "deploy-docs" ''
|
writeShellScriptBin "deploy-docs" ''
|
||||||
set -eux -o pipefail
|
set -eu -o pipefail
|
||||||
export PATH="${
|
export PATH="${
|
||||||
lib.makeBinPath [
|
lib.makeBinPath [
|
||||||
coreutils
|
coreutils
|
||||||
@@ -17,6 +17,12 @@ writeShellScriptBin "deploy-docs" ''
|
|||||||
]
|
]
|
||||||
}"
|
}"
|
||||||
|
|
||||||
|
#########################################
|
||||||
|
# #
|
||||||
|
# DO NOT PRINT THE SSH KEY TO THE LOGS #
|
||||||
|
# #
|
||||||
|
#########################################
|
||||||
|
set +x
|
||||||
if [ -n "''${SSH_HOMEPAGE_KEY:-}" ]; then
|
if [ -n "''${SSH_HOMEPAGE_KEY:-}" ]; then
|
||||||
echo "$SSH_HOMEPAGE_KEY" > ./ssh_key
|
echo "$SSH_HOMEPAGE_KEY" > ./ssh_key
|
||||||
chmod 600 ./ssh_key
|
chmod 600 ./ssh_key
|
||||||
@@ -24,6 +30,13 @@ writeShellScriptBin "deploy-docs" ''
|
|||||||
else
|
else
|
||||||
sshExtraArgs=
|
sshExtraArgs=
|
||||||
fi
|
fi
|
||||||
|
set -x
|
||||||
|
###########################
|
||||||
|
# #
|
||||||
|
# END OF DANGER ZONE #
|
||||||
|
# #
|
||||||
|
###########################
|
||||||
|
|
||||||
|
|
||||||
rsync \
|
rsync \
|
||||||
-e "ssh -o StrictHostKeyChecking=no $sshExtraArgs" \
|
-e "ssh -o StrictHostKeyChecking=no $sshExtraArgs" \
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ def pair(pin: str) -> str:
|
|||||||
user_and_pass = base64.b64encode(b"sunshine:sunshine").decode("ascii")
|
user_and_pass = base64.b64encode(b"sunshine:sunshine").decode("ascii")
|
||||||
headers = {
|
headers = {
|
||||||
"Content-Type": "application/json",
|
"Content-Type": "application/json",
|
||||||
"Authorization": "Basic %s" % user_and_pass,
|
"Authorization": f"Basic {user_and_pass}",
|
||||||
}
|
}
|
||||||
|
|
||||||
# Define the parameters
|
# Define the parameters
|
||||||
@@ -47,7 +47,7 @@ def restart() -> None:
|
|||||||
user_and_pass = base64.b64encode(b"sunshine:sunshine").decode("ascii")
|
user_and_pass = base64.b64encode(b"sunshine:sunshine").decode("ascii")
|
||||||
headers = {
|
headers = {
|
||||||
"Content-Type": "application/json",
|
"Content-Type": "application/json",
|
||||||
"Authorization": "Basic %s" % user_and_pass,
|
"Authorization": f"Basic {user_and_pass}",
|
||||||
}
|
}
|
||||||
|
|
||||||
# Define the parameters
|
# Define the parameters
|
||||||
|
|||||||
Reference in New Issue
Block a user