share nix store between ci runners

.woodpecker/sync.yml

@@ -4,8 +4,9 @@ pipeline:
     image: nixpkgs/nix-flakes:latest
     pull: true
     commands:
-      - nix --no-sandbox develop --eval-store ./nix-store -c git remote add github https://cyplo:$GITHUB_TOKEN@github.com/cyplo/dotfiles.git
+      - nix --no-sandbox develop --eval-store /var/build-nix-store -c git remote add github https://cyplo:$GITHUB_TOKEN@github.com/cyplo/dotfiles.git
-
+      - nix --no-sandbox develop --eval-store /var/build-nix-store -c git lfs fetch --all
-      - nix --no-sandbox develop --eval-store ./nix-store -c git lfs fetch --all
+      - nix --no-sandbox develop --eval-store /var/build-nix-store -c git push github --all --force
-      - nix --no-sandbox develop --eval-store ./nix-store -c git push github --all --force
     secrets: [ github_token ]
+    volumes:
+      - /var/lib/woodpecker/nix-store:/var/build-nix-store

.woodpecker/test.yml

@@ -5,5 +5,7 @@ pipeline:
     pull: true
     commands:
       - time nix flake metadata
-      - time nix --no-sandbox develop -c statix check
+      - time nix --no-sandbox develop --eval-store /var/build-nix-store -c statix check
-      - time nix flake check 
+      - time nix flake check --eval-store /var/build-nix-store
+    volumes:
+      - /var/lib/woodpecker/nix-store:/var/build-nix-store

nixos/boxes/bolty/woodpecker-agent.nix

@@ -18,6 +18,7 @@
   };
   woodpeckerEnvSecretName = "woodpecker-env";
   woodpeckerEnvSecretPath = "/run/secrets/${woodpeckerEnvSecretName}";
+  woodpeckerNixStorePath = "/var/lib/woodpecker/nix-store";
   woodpeckerAgentContainer = {
     autoStart = true;
     forwardPorts = [
@@ -27,6 +28,10 @@
         hostPath = "${woodpeckerEnvSecretPath}";
         isReadOnly = true;
       };
+      "${woodpeckerNixStorePath}" = {
+        hostPath = woodpeckerNixStorePath;
+        isReadOnly = false;
+      };
       "/var/run/docker.sock" = {
         hostPath = "/var/run/podman/podman.sock";
         isReadOnly = false;
@@ -59,12 +64,14 @@
       };
 
       systemd.services.woodpecker-agent = {
+        enable = true;
         wantedBy = ["multi-user.target"];
+
         environment = {
           WOODPECKER_SERVER = "${domain}:${toString agentPort}";
           WOODPECKER_MAX_PROCS = "1";
           WOODPECKER_DEBUG_PRETTY = "true";
-          WOODPECKER_LOG_LEVEL = "info";
+          WOODPECKER_LOG_LEVEL = "debug";
         };
         serviceConfig = {
           EnvironmentFile = [
@@ -109,8 +116,22 @@ in {
   virtualisation.podman = {
     enable = true;
   };
+  systemd.services.woodpecker-make-path = {
+    script = ''
+      mkdir -p ${woodpeckerNixStorePath}
+      chown -R ${systemUserName}:${systemGroupName} ${woodpeckerNixStorePath}
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+    };
+  };
+
   containers.woodpecker-agent1 = woodpeckerAgentContainer;
   containers.woodpecker-agent2 = woodpeckerAgentContainer;
   containers.woodpecker-agent3 = woodpeckerAgentContainer;
   containers.woodpecker-agent4 = woodpeckerAgentContainer;
+  systemd.services."container@woodpecker-agent1".requires = ["woodpecker-make-path.service"];
+  systemd.services."container@woodpecker-agent2".requires = ["woodpecker-make-path.service"];
+  systemd.services."container@woodpecker-agent3".requires = ["woodpecker-make-path.service"];
+  systemd.services."container@woodpecker-agent4".requires = ["woodpecker-make-path.service"];
 }