10 Commits

Author SHA1 Message Date
DerGrumpf ecfccf757e Add cowsay to test deploy
CI / check (push) Successful in 3m57s
2026-06-23 12:29:46 +02:00
DerGrumpf 46c32ada33 Fix Deploy workflow
CI / check (push) Successful in 3m50s
2026-06-23 12:22:19 +02:00
DerGrumpf fd6e4e37e1 Fix Deploy workflow
CI / check (push) Successful in 4m26s
2026-06-23 12:13:24 +02:00
DerGrumpf cf0364d37e Fix Deploy workflow
CI / check (push) Successful in 3m51s
2026-06-23 12:03:24 +02:00
DerGrumpf fc4fba565d Fix Deploy workflow
CI / check (push) Successful in 4m17s
2026-06-23 11:54:44 +02:00
DerGrumpf b4ee759957 Added openssh for deploy
CI / check (push) Successful in 3m53s
2026-06-23 11:22:28 +02:00
DerGrumpf b2d1876d7e Added deploy workflow
CI / check (push) Successful in 4m25s
2026-06-23 11:15:29 +02:00
DerGrumpf 72235282af Merge branch 'main' of ssh://git.cyperpunk.de:12222/DerGrumpf/cyper-nix
CI / check (push) Successful in 3m58s
2026-06-23 10:33:24 +02:00
DerGrumpf 065567d44a Enabled doas 2026-06-23 10:33:18 +02:00
DerGrumpf 811546a64c Increased Nginx upload limit
CI / check (push) Successful in 4m1s
2026-06-23 10:32:52 +02:00
5 changed files with 78 additions and 4 deletions
+59
@@ -0,0 +1,59 @@
name: Deploy
on:
workflow_run:
workflows: ["CI"]
types:
- completed
branches: ["main"]
jobs:
deploy:
runs-on: nix
if: ${{ github.event.workflow_run.conclusion == 'success' }}
env:
NIXPKGS_ALLOW_UNFREE: "1"
HOME: /var/lib/gitea-runner
NIX_SSHOPTS: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /var/lib/gitea-runner/.ssh/id_ed25519"
steps:
- name: Checkout
run: git clone https://git.cyperpunk.de/DerGrumpf/cyper-nix.git .
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Deploy cyper-controller
run: |
nixos-rebuild switch --flake .#cyper-controller \
--target-host phil@192.168.2.2 \
--elevate=sudo
- name: Deploy cyper-desktop
continue-on-error: true
run: |
nixos-rebuild switch --flake .#cyper-desktop \
--target-host phil@192.168.2.40 \
--elevate=sudo
- name: Deploy cyper-proxy
run: |
nixos-rebuild switch --flake .#cyper-proxy \
--target-host phil@proxy.cyperpunk.de \
--elevate=sudo
- name: Deploy cyper-node-1
continue-on-error: true
run: |
nixos-rebuild switch --flake .#cyper-node-1 \
--target-host phil@192.168.2.30 \
--elevate=sudo
- name: Deploy cyper-node-2
continue-on-error: true
run: |
nixos-rebuild switch --flake .#cyper-node-2 \
--target-host phil@192.168.2.31 \
--elevate=sudo
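Review bot: `NIX_SSHOPTS` turns off host key verification (`StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`), so every `nixos-rebuild switch --target-host … --elevate=sudo` step trusts whatever answers on that address, including the public name `proxy.cyperpunk.de`. Pin the five hosts' keys in a known_hosts file owned by the runner and change the line to `NIX_SSHOPTS: "-o StrictHostKeyChecking=yes -o UserKnownHostsFile=/var/lib/gitea-runner/.ssh/known_hosts -i /var/lib/gitea-runner/.ssh/id_ed25519"`. The Checkout step also clones the default branch tip rather than the commit the CI run checked, so a push that lands between CI and deploy goes out unverified. Checking out `${{ github.event.workflow_run.head_sha }}` after the clone would close that gap, if the runner's event payload provides it. The Setup SSH key step writes the key before `chmod 600` and leaves it in the persistent runner home, so add `umask 077` at the top of that script and a final cleanup step with `if: always()`.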
+1
@@ -38,6 +38,7 @@
nix-index nix-index
ncdu ncdu
tty-solitaire tty-solitaire
cowsay
] ]
++ lib.optionals (!pkgs.stdenv.isDarwin) [ ++ lib.optionals (!pkgs.stdenv.isDarwin) [
# dev tools # dev tools
+8
@@ -221,7 +221,15 @@ in
nodejs nodejs
wget wget
nix nix
openssh
nixos-rebuild
]; ];
settings = {
runner.env_vars = {
PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
};
};
}; };
}; };
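Review bot: The new `runner.env_vars` PATH puts `/run/wrappers/bin` first, which, assuming jobs run directly on the host, makes the setuid wrappers (sudo, doas and the like) reachable from every job this runner executes, not only the deploy workflow. The deploy steps shown on this page elevate on the target host over SSH, so the local wrappers look unnecessary; if nothing else needs them, drop that entry: `PATH = "/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";`. If it has to stay, a comment above the setting naming the tool that requires it would help the next reader. The enclosing service definition starts outside the hunk, so the runner's user and group membership should be checked there.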
+1 -1
@@ -64,7 +64,7 @@ in
# controller services (proxied to upstream tailscale node) # controller services (proxied to upstream tailscale node)
"git.cyperpunk.de" = (mkProxy 9000) // { "git.cyperpunk.de" = (mkProxy 9000) // {
extraConfig = '' extraConfig = ''
client_max_body_size 500m; client_max_body_size 8192m;
''; '';
}; };
"search.cyperpunk.de" = mkProxy 11080; "search.cyperpunk.de" = mkProxy 11080;
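Review bot: Raising `client_max_body_size` to `8192m` lets any client that can reach `git.cyperpunk.de` submit request bodies of up to 8 GiB, and with nginx's default request buffering those bodies are spooled to the proxy's disk before the upstream sees them. If the large limit is only needed for a few upload paths, scope it to those locations and keep a smaller server-wide value, or add `proxy_request_buffering off;` to the same `extraConfig` so the body is streamed to the upstream instead of stored. Whether `mkProxy` already sets either is not visible in this hunk.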
+9 -3
@@ -10,8 +10,14 @@
}; };
users.users.${primaryUser}.openssh.authorizedKeys.keyFiles = [ ../secrets/ssh-key ]; users.users.${primaryUser}.openssh.authorizedKeys.keyFiles = [ ../secrets/ssh-key ];
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
security.doas = { security = {
enable = true; sudo = {
wheelNeedsPassword = false; enable = true;
wheelNeedsPassword = false;
};
doas = {
enable = true;
wheelNeedsPassword = false;
};
}; };
} }
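Review bot: Both `security.sudo` and `security.doas` now set `wheelNeedsPassword = false`, so on every host that imports this module any process running as a wheel member gets root without a prompt. The same holds for whoever has the CI deploy key, if the deploy account is in wheel (membership is not visible in this hunk). Since the sudo block appears to exist for `nixos-rebuild --elevate=sudo`, consider a dedicated deploy user with a narrow NOPASSWD entry in `security.sudo.extraRules`, and leave `wheelNeedsPassword` at its default for interactive accounts. Keeping only one elevation tool enabled would also halve what has to be audited.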