From 34af73c341b9572e2aa606588d1e4ffbd1a46570 Mon Sep 17 00:00:00 2001 From: racoot <63659772+sukhmancs@users.noreply.github.com> Date: Sun, 8 Sep 2024 23:34:09 -0400 Subject: [PATCH] iso.yml: setup git lfs --- .github/workflows/iso.yml | 19 ++-- .github/workflows/iso1.yml_backup | 119 ++++++++++++++++++++++++ modules/roles/server/services/lldap.nix | 2 +- 3 files changed, 127 insertions(+), 13 deletions(-) mode change 100755 => 100644 .github/workflows/iso.yml create mode 100755 .github/workflows/iso1.yml_backup diff --git a/.github/workflows/iso.yml b/.github/workflows/iso.yml old mode 100755 new mode 100644 index a9208676..8288cf15 --- a/.github/workflows/iso.yml +++ b/.github/workflows/iso.yml @@ -27,6 +27,10 @@ jobs: with: token: "${{ secrets.GITHUB_TOKEN }}" + - name: Install Git LFS + run: | + git lfs install + - name: Install nix uses: cachix/install-nix-action@master with: @@ -46,20 +50,11 @@ jobs: shell: bash run: nix build .#images.${{ matrix.image }} -o ${{ matrix.image }} --print-build-logs - # - uses: actions/upload-artifact@v4 - # with: - # name: ${{ matrix.image }}-iso-image - # path: ${{ matrix.image }}/iso/*.iso - - - name: Split ISO into chunks - run: | - split -b 100M ${{ matrix.image }}/iso/*.iso ${{ matrix.image }}/iso/${{ matrix.image }}-iso-chunks - - uses: actions/upload-artifact@v4 with: - name: ${{ matrix.image }}-iso-chunks - path: ${{ matrix.image }}/iso/${{ matrix.image }}-iso-chunks - + name: ${{ matrix.image }}-iso-image + path: ${{ matrix.image }}/iso/*.iso + # publish built images publish-images: name: "Publish ISO Images" diff --git a/.github/workflows/iso1.yml_backup b/.github/workflows/iso1.yml_backup new file mode 100755 index 00000000..198b9fce --- /dev/null +++ b/.github/workflows/iso1.yml_backup @@ -0,0 +1,119 @@ +name: Build & Publish ISO Images + +on: + workflow_dispatch: + schedule: + - cron: "0 3 * * mon" # every monday at 3AM + +concurrency: build + +jobs: + build-images: + name: "Build ISO Images" + if: github.repository == 'sukhmancs/nixos-configs' + runs-on: ubuntu-latest + + strategy: + matrix: + image: + - messier + + permissions: + contents: write + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + token: "${{ secrets.GITHUB_TOKEN }}" + + - name: Install nix + uses: cachix/install-nix-action@master + with: + install_url: https://nixos.org/nix/install + extra_nix_config: | + experimental-features = nix-command flakes + allow-import-from-derivation = false + extra-substituters = https://nyx.cachix.org + extra-trusted-public-keys = nyx.cachix.org-1:xH6G0MO9PrpeGe7mHBtj1WbNzmnXr7jId2mCiq6hipE= + extra-substituters = https://nix-community.cachix.org + extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= + + - name: Nix Magic Cache + uses: DeterminateSystems/magic-nix-cache-action@main + + - name: Build ISO Images + shell: bash + run: nix build .#images.${{ matrix.image }} -o ${{ matrix.image }} --print-build-logs + + # - uses: actions/upload-artifact@v4 + # with: + # name: ${{ matrix.image }}-iso-image + # path: ${{ matrix.image }}/iso/*.iso + + - name: Split ISO into chunks + run: | + split -b 100M ${{ matrix.image }}/iso/*.iso ${{ matrix.image }}/iso/${{ matrix.image }}-iso-chunks + + - uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.image }}-iso-chunks + path: ${{ matrix.image }}/iso/${{ matrix.image }}-iso-chunks + + # publish built images + publish-images: + name: "Publish ISO Images" + runs-on: ubuntu-latest + needs: build-images + + permissions: + contents: write + + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + steps: + - name: Download ISO Artifacts + uses: actions/download-artifact@v4 + with: + merge-multiple: true + + - name: Display structure of downloaded files + run: ls -R + + - name: Calculate Checksums + run: | + calculate_checksum() { + sha256sum "$1" | awk '{print $1}' + } + + iso_files=$(find . -maxdepth 1 -type f -name "*.iso") + + # write checksums + for file in $iso_files; do + checksum=$(calculate_checksum "$file") + echo "$file $checksum" >> checksums.txt + done + + - name: Get current date + id: get-date + # output format: 2023-12-30-234559 + run: echo "date=$(date +'%Y-%m-%d-%H%M%S')" >> "${GITHUB_OUTPUT}" + + - name: Create Release + id: create_release + uses: softprops/action-gh-release@v2 + with: + name: "iso-${{ steps.get-date.outputs.date }}" + tag_name: "iso-${{ steps.get-date.outputs.date }}" + files: | + *.iso + checksums.txt + body: | + # Weekly Iso Releases + + > ${{ steps.get-date.outputs.date }} + + Weekly automated ISO releases for my Portable NixOS workstation. The ISO images avaible are as follows: + + * **messier**: Graphical installation media \ No newline at end of file diff --git a/modules/roles/server/services/lldap.nix b/modules/roles/server/services/lldap.nix index 96825b0c..e561cb7e 100755 --- a/modules/roles/server/services/lldap.nix +++ b/modules/roles/server/services/lldap.nix @@ -18,7 +18,7 @@ in { settings = { http_url = "https://${domain}"; # the url of the ldap server ldap_base_dn = "dc=xilain,dc=dev"; # the root of the ldap directory tree - # key_file = secrets.lldap_private_key.path; + key_file = secrets.lldap_private_key.path; }; environment = { LLDAP_JWT_SECRET_FILE = secrets.lldap_jwt_secret.path;