runs-on: docker

rm runner file
explicitly specify container image
2025-07-01 13:35:26 +02:00 · 2025-07-01 13:35:26 +02:00 · 2025-07-01 13:35:26 +02:00 · 2025-07-01 13:35:26 +02:00 · 2025-07-01 13:35:26 +02:00 · 2025-07-01 13:35:26 +02:00
3 changed files with 16 additions and 24 deletions
--- a/default.nix
+++ b/default.nix
@ -58,6 +58,11 @@ in
      in
      [
        pkgs.npins
        pkgs.nil
        (pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" { })
        pkgs.openssh
        pkgs.httpie
        pkgs.jq
        pkgs.nix-unit
        test-loop
        nixops4.packages.${system}.default
--- a/flake.nix
+++ b/flake.nix
@ -11,7 +11,7 @@
    let
      sources = import ./npins;
      inherit (import sources.flake-inputs) import-flake;
-      inherit (sources) git-hooks agenix;
+      inherit (sources) git-hooks;
      # XXX(@fricklerhandwerk): this atrocity is required to splice in a foreign Nixpkgs via flake-parts
      # XXX - this is just importing a flake
      nixpkgs = import-flake { src = sources.nixpkgs; };
@ -54,7 +54,6 @@
            {
              pkgs,
              lib,
              inputs',
              ...
            }:
            {
@ -73,21 +72,6 @@
                  trim-trailing-whitespace.enable = true;
                  shellcheck.enable = true;
                };
              devShells.default = pkgs.mkShell {
                packages = [
                  pkgs.npins
                  pkgs.nil
                  (pkgs.callPackage "${agenix}/pkgs/agenix.nix" { })
                  pkgs.openssh
                  pkgs.httpie
                  pkgs.jq
                  # exposing this env var as a hack to pass info in from form
                  (inputs'.nixops4.packages.default.overrideAttrs {
                    impureEnvVars = [ "DEPLOYMENT" ];
                  })
                ];
              };
            };
        }
      );
--- a/infra/common/nixos/networking.nix
+++ b/infra/common/nixos/networking.nix
@ -21,13 +21,8 @@ in
        ## REVIEW: Do we actually need that, considering that we have static IPs?
        useDHCP = mkDefault true;
-        nameservers = [
+        ## Disable the default firewall and use nftables instead, with a custom
-          "95.215.185.6"
+        ## Procolix-made ruleset.
          "95.215.185.7"
          "2a00:51c0::5fd7:b906"
          "2a00:51c0::5fd7:b907"
        ];
        firewall.enable = false;
        nftables = {
          enable = true;
@ -44,6 +39,10 @@ in
          address = config.fediversityVm.ipv4.gateway;
          interface = config.fediversityVm.ipv4.interface;
        };
        nameservers = [
          "95.215.185.6"
          "95.215.185.7"
        ];
      })
      ## IPv6
@ -55,6 +54,10 @@ in
          address = config.fediversityVm.ipv6.gateway;
          interface = config.fediversityVm.ipv6.interface;
        };
        nameservers = [
          "2a00:51c0::5fd7:b906"
          "2a00:51c0::5fd7:b907"
        ];
      })
    ];
  };
Author	SHA1	Message	Date
Kiara Grouwstra	3747bade28	runs-on: docker	2025-07-01 13:35:26 +02:00
Kiara Grouwstra	729750366c	rm runner file	2025-07-01 13:35:26 +02:00
Kiara Grouwstra	528c6541c0	explicitly specify container image	2025-07-01 13:35:26 +02:00
Kiara Grouwstra	d1c649f539	add label for new runner	2025-07-01 13:35:26 +02:00
Kiara Grouwstra	b08c0a648e	try out existing nix container made for gitea actions	2025-07-01 13:35:26 +02:00
Nicolas “Niols” Jeannerod	b768a31b03	Switch all CI jobs to `nixos` label	2025-07-01 13:35:26 +02:00
Nicolas “Niols” Jeannerod	c1dc0fef01	Split nameservers between IPv4 and IPv6 (#420 ) Reviewed-on: Fediversity/Fediversity#420 Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com> Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>	2025-07-01 13:09:06 +02:00
Kiara Grouwstra	5a3cbe4d83	fix agenix package in shell (#422 ) as per Fediversity/Fediversity#419 (comment) Reviewed-on: Fediversity/Fediversity#422 Co-authored-by: Kiara Grouwstra <kiara@procolix.eu> Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>	2025-07-01 11:29:38 +02:00
Kiara Grouwstra	fd1d55df5f	move shell from flake	2025-07-01 10:22:58 +02:00