diff --git a/.woodpecker/sync.yml b/.woodpecker/sync.yml
index 40657987..1441a9d0 100644
--- a/.woodpecker/sync.yml
+++ b/.woodpecker/sync.yml
@@ -4,8 +4,9 @@ pipeline:
 image: nixpkgs/nix-flakes:latest
 pull: true
 commands:
- - nix --no-sandbox develop --eval-store ./nix-store -c git remote add github https://cyplo:$GITHUB_TOKEN@github.com/cyplo/dotfiles.git
-
- - nix --no-sandbox develop --eval-store ./nix-store -c git lfs fetch --all
- - nix --no-sandbox develop --eval-store ./nix-store -c git push github --all --force
+ - nix --no-sandbox develop --eval-store /var/build-nix-store -c git remote add github https://cyplo:$GITHUB_TOKEN@github.com/cyplo/dotfiles.git
+ - nix --no-sandbox develop --eval-store /var/build-nix-store -c git lfs fetch --all
+ - nix --no-sandbox develop --eval-store /var/build-nix-store -c git push github --all --force
 secrets: [ github_token ]
+ volumes:
+ - /var/lib/woodpecker/nix-store:/var/build-nix-store
\ No newline at end of file
diff --git a/.woodpecker/test.yml b/.woodpecker/test.yml
index bdb322f9..97abd392 100644
--- a/.woodpecker/test.yml
+++ b/.woodpecker/test.yml
@@ -5,5 +5,7 @@ pipeline:
 pull: true
 commands:
 - time nix flake metadata
- - time nix --no-sandbox develop -c statix check
- - time nix flake check
+ - time nix --no-sandbox develop --eval-store /var/build-nix-store -c statix check
+ - time nix flake check --eval-store /var/build-nix-store
+ volumes:
+ - /var/lib/woodpecker/nix-store:/var/build-nix-store
\ No newline at end of file
diff --git a/nixos/boxes/bolty/woodpecker-agent.nix b/nixos/boxes/bolty/woodpecker-agent.nix
index 43df1f82..60fd6ee9 100644
--- a/nixos/boxes/bolty/woodpecker-agent.nix
+++ b/nixos/boxes/bolty/woodpecker-agent.nix
@@ -18,6 +18,7 @@
 };
 woodpeckerEnvSecretName = "woodpecker-env";
 woodpeckerEnvSecretPath = "/run/secrets/${woodpeckerEnvSecretName}";
+ woodpeckerNixStorePath = "/var/lib/woodpecker/nix-store";
 woodpeckerAgentContainer = {
 autoStart = true;
 forwardPorts = [
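Review bot: The new `volumes:` entry in `.woodpecker/sync.yml` mounts the host directory `/var/lib/woodpecker/nix-store` read-write into the step that also receives `github_token`, and the same mount is added to `.woodpecker/test.yml`. Both pipelines run `nix --no-sandbox` against that shared `--eval-store`, so whatever a test run leaves there is later read by the step holding the token; if the test pipeline can ever run for branches or pull requests from other contributors, that is a trust boundary worth separating. Consider a dedicated host path for the secret-bearing pipeline, e.g. `- /var/lib/woodpecker/nix-store-sync:/var/build-nix-store` (which would need its own directory and bind mount on the agent host). It would also help to add a comment above `volumes:` such as `# host volume: only works while the repo is marked trusted in Woodpecker`. The first command still embeds `$GITHUB_TOKEN` in the remote URL, so the token is written to the workspace's `.git/config`; passing it through a credential helper or an `http.extraHeader` set only for the push would keep it out of the stored config.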
@@ -27,6 +28,10 @@ hostPath = "${woodpeckerEnvSecretPath}"; isReadOnly = true; }; + "${woodpeckerNixStorePath}" = { + hostPath = woodpeckerNixStorePath; + isReadOnly = false; + }; "/var/run/docker.sock" = { hostPath = "/var/run/podman/podman.sock"; isReadOnly = false; @@ -59,12 +64,14 @@ }; systemd.services.woodpecker-agent = { + enable = true; wantedBy = ["multi-user.target"]; + environment = { WOODPECKER_SERVER = "${domain}:${toString agentPort}"; WOODPECKER_MAX_PROCS = "1"; WOODPECKER_DEBUG_PRETTY = "true"; - WOODPECKER_LOG_LEVEL = "info"; + WOODPECKER_LOG_LEVEL = "debug"; }; serviceConfig = { EnvironmentFile = [ @@ -109,8 +116,22 @@ in { virtualisation.podman = { enable = true; }; + systemd.services.woodpecker-make-path = { + script = '' + mkdir -p ${woodpeckerNixStorePath} + chown -R ${systemUserName}:${systemGroupName} ${woodpeckerNixStorePath} + ''; + serviceConfig = { + Type = "oneshot"; + }; + }; + containers.woodpecker-agent1 = woodpeckerAgentContainer; containers.woodpecker-agent2 = woodpeckerAgentContainer; containers.woodpecker-agent3 = woodpeckerAgentContainer; containers.woodpecker-agent4 = woodpeckerAgentContainer; + systemd.services."container@woodpecker-agent1".requires = ["woodpecker-make-path.service"]; + systemd.services."container@woodpecker-agent2".requires = ["woodpecker-make-path.service"]; + systemd.services."container@woodpecker-agent3".requires = ["woodpecker-make-path.service"]; + systemd.services."container@woodpecker-agent4".requires = ["woodpecker-make-path.service"]; }
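Review bot: `WOODPECKER_LOG_LEVEL = "debug";` in the `systemd.services.woodpecker-agent` hunk looks like a troubleshooting setting left in a commit that is otherwise about the shared Nix store. Debug output from every agent goes to the journal and says more about each job than `info` does; unless that is wanted permanently, keep `"info"` or add a comment such as `# TODO: revert to "info" once the eval-store mount is verified`. The added `enable = true;` is already the default for a declared systemd service in NixOS and can be dropped. The service definition continues outside the hunk.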
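Review bot: In the last hunk, `requires = ["woodpecker-make-path.service"]` pulls the oneshot in but does not order it. Without a matching `after`, systemd may start `container@woodpecker-agentN` in parallel with the script, so the bind-mount source may not exist yet on first boot. Add `systemd.services."container@woodpecker-agent1".after = ["woodpecker-make-path.service"];` (and the same for agents 2–4), or replace the service with a tmpfiles rule such as `systemd.tmpfiles.rules = ["d ${woodpeckerNixStorePath} 0750 ${systemUserName} ${systemGroupName} -"];` (the mode is a suggestion). If the script stays, note that `chown -R` walks the whole store each time the unit runs, and quoting the interpolated path (`mkdir -p "${woodpeckerNixStorePath}"`) keeps it safe if the path is ever changed.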