kiara/Fediversity
1
0
Fork 0
forked from fediversity/fediversity
Code Pull requests Activity

Compare commits

base: kiara:fcc16e60752565d3acf3019fb1b7885096430aaf
Branches Tags
kiara:main
kiara:use-data-model
kiara:expose-deployment-type
kiara:expose-basic-model-check
kiara:check-rm-dead-imports
kiara:model-test-nixos
kiara:un-read-only
kiara:fix-recursive-caller-tf-proxmox
kiara:revert-inline-call
kiara:uncall-package
kiara:inline-template
kiara:centralize-tf-providers
kiara:netbox-assign
kiara:unname-config
kiara:unflake-tests
kiara:tf-conversion
kiara:centralize-tf
kiara:test-utils
kiara:octodns
kiara:simplify-eval-opt
kiara:read-only-outputs
kiara:function-test
kiara:checks-rm-effect-pkgs
kiara:with-env
kiara:netbox-unpass-system
kiara:upstream-type-fileset
kiara:rm-checks-nix-path
kiara:netbox
kiara:split-ci-checks
kiara:cancel-old-ci-checks
kiara:nix-gc
kiara:rm-label-boot
kiara:attic
kiara:factor-out-tf-http-backend-settings
kiara:revert-forgejo-queue
kiara:forgejo-queue-channel
kiara:rm-fedi200
kiara:pure
kiara:cd-which
kiara:forgejo-timeout
kiara:rm-updater
kiara:proxmox-overlay
kiara:rm-flake-parts
kiara:factor-out-tf-run
kiara:data-model-tf-proxmox
kiara:minimal-targets
kiara:mv-acme
kiara:spaced-ssh-opts
kiara:unverbose-tf
kiara:rename-caller
kiara:un-options
kiara:rename-pve
kiara:split-data-models
kiara:factor-out-utils
kiara:upstreamed-python-packages
kiara:upstream-nimbolus
kiara:rm-acme
kiara:factor-out-tf-env
kiara:propagate-http-backend-config
kiara:un-intersection
kiara:terraform-backend
kiara:factor-out-tf-setup
kiara:mv-timeout
kiara:bash-proxmox-specify-node
kiara:bash-proxmox-experimental
kiara:reusable-nixos-template
kiara:skip-path-from-root
kiara:tests-thru-flake
kiara:factor-out-nixos-conf
kiara:fix-provision-proxmox
kiara:document-function
kiara:peertube-credentials
kiara:data-model-name
kiara:allow-empty-password
kiara:panel-add-git
kiara:dedupe-tests
kiara:break-down-nix-flake-check
kiara:fix-formatting
kiara:deployment-path
kiara:data-model-tf-test
kiara:data-model-test-deployment-plain
kiara:fix-data-model
kiara:data-model-factor-out-wrapper
kiara:mv-submodule
kiara:data-model-tf-template
kiara:data-model-ssh-template
kiara:proxmox-test
kiara:data-model-add-classes
kiara:data-model-refactor-deployments
kiara:data-model-test-shb
kiara:data-model-check-inputs
kiara:data-model-deployment-types
kiara:data-model-type-nixos-module
kiara:fix-env-apply-call
kiara:woodpecker
kiara:attic-infra
kiara:ci-manual-trigger
kiara:reflexive-function
kiara:data-model-modular-function-application
kiara:data-model-test-tf
kiara:data-model-tf
kiara:attic-woodpecker
kiara:infra-tf
kiara:tofu
kiara:upstream-python-packages
kiara:random-hostname
kiara:repro-data-model-deployment-recursion
kiara:data-model-test-deployment
kiara:unwire-module-functions
kiara:repro-broken-module-function-input-check
kiara:data-model-fix-root-class
kiara:data-model-classes
kiara:fricklerhandwerk-data-model-as-diagram
kiara:repro-username-type-error
kiara:fix-submodule-type
kiara:data-model-deployment-nixos
kiara:data-model-repro-default-issue
kiara:data-model-import-issue-nixops4-nixos
kiara:data-model-mock-nixops4deployment
kiara:data-model-rm-arg
kiara:data-model-as-diagram
kiara:data-model-hack-arg
kiara:data-model-mock-deployment
kiara:npins-verbose
kiara:verbose-updater
kiara:ci-in-nix-docker
kiara:test-pixelfed
kiara:note-scope-secrets
kiara:use-application-model
kiara:icewind
kiara:ci-container
kiara:access-cache-from-runner
kiara:kiara
kiara:attic-extra-dependencies
kiara:icewind-container
kiara:application-config-type-check-attempts
kiara:data-model-revamp
kiara:rm-flake-shell
kiara:use-revamped-data-model
kiara:data-model-runtime-environment
kiara:data-model-deployment-test
kiara:forgejo-ci-vpn
kiara:data-model-migration
kiara:domain-data-model
kiara:data-model-deployment
kiara:data-model-runtime-configuration
kiara:nix-path-for-runner
kiara:destructure-packages
kiara:ignore-tf
kiara:model-application
kiara:rm-sample-secret
kiara:purge-double-hash
kiara:simplify-binpath
kiara:configurable-flake
kiara:check-runner-ip
kiara:check-runner-cpu
kiara:tofu-test
kiara:proxmox
kiara:some-regressions
kiara:de-flake
kiara:kill-disko
kiara:depends_on
kiara:sectarian
kiara:bulma
kiara:tofu-mv-key
kiara:terraform-nixos
kiara:nix-path
kiara:tf
kiara:bash-deploy
kiara:generate-module-options-rebase
kiara:deploy-button-online
kiara:rm-enable-field
kiara:online-manage-py
kiara:stitching
kiara:stitch
kiara:add-missing-migration
kiara:revert-versioned-forms
kiara:form
kiara:form-wip
kiara:auth
fediversity:main
fediversity:ci/pixelfed
fediversity:pixelfed-ci
...
compare: kiara:d60089b2b31bb0112e056ad434cfd051973b6122
Branches Tags
kiara:use-data-model
kiara:expose-deployment-type
kiara:expose-basic-model-check
kiara:check-rm-dead-imports
kiara:model-test-nixos
kiara:un-read-only
kiara:fix-recursive-caller-tf-proxmox
kiara:revert-inline-call
kiara:uncall-package
kiara:inline-template
kiara:centralize-tf-providers
kiara:netbox-assign
kiara:unname-config
kiara:unflake-tests
kiara:tf-conversion
kiara:centralize-tf
kiara:test-utils
kiara:octodns
kiara:simplify-eval-opt
kiara:read-only-outputs
kiara:function-test
kiara:checks-rm-effect-pkgs
kiara:with-env
kiara:netbox-unpass-system
kiara:upstream-type-fileset
kiara:rm-checks-nix-path
kiara:netbox
kiara:split-ci-checks
kiara:cancel-old-ci-checks
kiara:nix-gc
kiara:rm-label-boot
kiara:attic
kiara:factor-out-tf-http-backend-settings
kiara:revert-forgejo-queue
kiara:forgejo-queue-channel
kiara:rm-fedi200
kiara:pure
kiara:cd-which
kiara:forgejo-timeout
kiara:rm-updater
kiara:proxmox-overlay
kiara:rm-flake-parts
kiara:factor-out-tf-run
kiara:data-model-tf-proxmox
kiara:minimal-targets
kiara:mv-acme
kiara:spaced-ssh-opts
kiara:unverbose-tf
kiara:rename-caller
kiara:un-options
kiara:rename-pve
kiara:split-data-models
kiara:factor-out-utils
kiara:upstreamed-python-packages
kiara:upstream-nimbolus
kiara:rm-acme
kiara:factor-out-tf-env
kiara:propagate-http-backend-config
kiara:un-intersection
kiara:terraform-backend
kiara:factor-out-tf-setup
kiara:mv-timeout
kiara:bash-proxmox-specify-node
kiara:bash-proxmox-experimental
kiara:reusable-nixos-template
kiara:skip-path-from-root
kiara:tests-thru-flake
kiara:factor-out-nixos-conf
kiara:fix-provision-proxmox
kiara:document-function
kiara:peertube-credentials
kiara:data-model-name
kiara:allow-empty-password
kiara:panel-add-git
kiara:dedupe-tests
kiara:break-down-nix-flake-check
kiara:fix-formatting
kiara:deployment-path
kiara:data-model-tf-test
kiara:data-model-test-deployment-plain
kiara:fix-data-model
kiara:data-model-factor-out-wrapper
kiara:mv-submodule
kiara:data-model-tf-template
kiara:data-model-ssh-template
kiara:proxmox-test
kiara:data-model-add-classes
kiara:data-model-refactor-deployments
kiara:data-model-test-shb
kiara:data-model-check-inputs
kiara:data-model-deployment-types
kiara:data-model-type-nixos-module
kiara:fix-env-apply-call
kiara:woodpecker
kiara:attic-infra
kiara:ci-manual-trigger
kiara:reflexive-function
kiara:data-model-modular-function-application
kiara:data-model-test-tf
kiara:data-model-tf
kiara:attic-woodpecker
kiara:infra-tf
kiara:tofu
kiara:upstream-python-packages
kiara:random-hostname
kiara:repro-data-model-deployment-recursion
kiara:data-model-test-deployment
kiara:unwire-module-functions
kiara:repro-broken-module-function-input-check
kiara:data-model-fix-root-class
kiara:data-model-classes
kiara:fricklerhandwerk-data-model-as-diagram
kiara:repro-username-type-error
kiara:fix-submodule-type
kiara:data-model-deployment-nixos
kiara:data-model-repro-default-issue
kiara:data-model-import-issue-nixops4-nixos
kiara:data-model-mock-nixops4deployment
kiara:data-model-rm-arg
kiara:data-model-as-diagram
kiara:data-model-hack-arg
kiara:data-model-mock-deployment
kiara:npins-verbose
kiara:verbose-updater
kiara:ci-in-nix-docker
kiara:main
kiara:test-pixelfed
kiara:note-scope-secrets
kiara:use-application-model
kiara:icewind
kiara:ci-container
kiara:access-cache-from-runner
kiara:kiara
kiara:attic-extra-dependencies
kiara:icewind-container
kiara:application-config-type-check-attempts
kiara:data-model-revamp
kiara:rm-flake-shell
kiara:use-revamped-data-model
kiara:data-model-runtime-environment
kiara:data-model-deployment-test
kiara:forgejo-ci-vpn
kiara:data-model-migration
kiara:domain-data-model
kiara:data-model-deployment
kiara:data-model-runtime-configuration
kiara:nix-path-for-runner
kiara:destructure-packages
kiara:ignore-tf
kiara:model-application
kiara:rm-sample-secret
kiara:purge-double-hash
kiara:simplify-binpath
kiara:configurable-flake
kiara:check-runner-ip
kiara:check-runner-cpu
kiara:tofu-test
kiara:proxmox
kiara:some-regressions
kiara:de-flake
kiara:kill-disko
kiara:depends_on
kiara:sectarian
kiara:bulma
kiara:tofu-mv-key
kiara:terraform-nixos
kiara:nix-path
kiara:tf
kiara:bash-deploy
kiara:generate-module-options-rebase
kiara:deploy-button-online
kiara:rm-enable-field
kiara:online-manage-py
kiara:stitching
kiara:stitch
kiara:add-missing-migration
kiara:revert-versioned-forms
kiara:form
kiara:form-wip
kiara:auth
fediversity:main
fediversity:ci/pixelfed
fediversity:pixelfed-ci

8 commits
fcc16e6075 ... d60089b2b3

Author SHA1 Message Date
kiara
d60089b2b3
settle for garage 1 for now over breaking changes 2025-07-20 23:51:04 +02:00
Kiara Grouwstra
f7d23a2414
try garage 2, given 0.9's EOL 2025-07-20 23:51:04 +02:00
Kiara Grouwstra
523c46c28e
update agenix, see https://github.com/ryantm/agenix/issues/331 2025-07-20 23:51:04 +02:00
Kiara Grouwstra
e17de777cc
use upstream versions of python packages 2025-07-20 23:51:04 +02:00
Kiara Grouwstra
765183cd0d fix typo in users (#475) 
Reviewed-on: Fediversity/Fediversity#475
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-17 19:02:14 +02:00
Kiara Grouwstra
6cf1d87f0b get parity in authorized keys between procolix and root for nixops4 ssh to non-VMs (#474) 
Reviewed-on: Fediversity/Fediversity#474
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-17 18:59:31 +02:00
Kiara Grouwstra
8253288f8a remove pixelfed from CI until fixed (#472) 
this test is still borked as per #33.
the intent would be to get this test on a feature branch pertaining to that issue - the point being we should be able to rely on CI's boolean result for detecting (newly induced) regressions.

Reviewed-on: Fediversity/Fediversity#472
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-17 15:25:17 +02:00
Kiara Grouwstra
67f50f08de enable continuous deployment (#471) 
closes #177

Reviewed-on: Fediversity/Fediversity#471
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-17 10:01:51 +02:00
7 changed files with 14 additions and 92 deletions
Show stats Expand all files Collapse all files

2
.forgejo/workflows/cd.yaml
View file

@ -4,7 +4,7 @@ on:
workflow_dispatch: # allows manual triggering
push:
branches:
# - main
- main
jobs:
deploy:

6
.forgejo/workflows/ci.yaml
View file

@ -27,12 +27,6 @@ jobs:
- uses: actions/checkout@v4
- run: nix build .#checks.x86_64-linux.test-mastodon-service -L
check-pixelfed:
runs-on: native
steps:
- uses: actions/checkout@v4
- run: nix build .#checks.x86_64-linux.test-pixelfed-garage-service -L
check-peertube:
runs-on: native
steps:

6
infra/common/nixos/users.nix
View file

@ -1,7 +1,13 @@
{
config,
...
}:
{
_class = "nixos";
users.users = {
root.openssh.authorizedKeys.keys = config.users.users.procolix.openssh.authorizedKeys.keys;
procolix = {
isNormalUser = true;
extraGroups = [ "wheel" ];

12
npins/sources.json
View file

@ -9,9 +9,9 @@
},
"branch": "main",
"submodules": false,
"revision": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
"url": "https://github.com/ryantm/agenix/archive/e600439ec4c273cf11e06fe4d9d906fb98fa097c.tar.gz",
"hash": "006ngydiykjgqs85cl19h9klq8kaqm5zs0ng51dnwy7nzgqxzsdr"
"revision": "531beac616433bac6f9e2a19feb8e99a22a66baf",
"url": "https://github.com/ryantm/agenix/archive/531beac616433bac6f9e2a19feb8e99a22a66baf.tar.gz",
"hash": "103slb8xy5sb68zxjjbb9d0svq8xz751a7yrg6vrz5rh4374bzgl"
},
"clan-core": {
"type": "Git",
@ -147,9 +147,9 @@
},
"branch": "nixpkgs-unstable",
"submodules": false,
"revision": "f33a4d26226c05d501b9d4d3e5e60a3a59991921",
"url": "https://github.com/nixos/nixpkgs/archive/f33a4d26226c05d501b9d4d3e5e60a3a59991921.tar.gz",
"hash": "1b6dm1sn0bdpcsmxna0zzspjaixa2dald08005fry5jrbjvwafdj"
"revision": "fa64ec5c1ca6f17746f3defedb988b9248e97616",
"url": "https://github.com/nixos/nixpkgs/archive/fa64ec5c1ca6f17746f3defedb988b9248e97616.tar.gz",
"hash": "0mvbhxikfjxasgbz9gbq4bnck9sa6kfrmy06w6j14qk1kdpbhl09"
}
},
"version": 5

36
panel/nix/python-packages/django-pydantic-field/default.nix
View file

@ -1,36 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
django,
pydantic,
setuptools,
}:
buildPythonPackage rec {
_class = "package";
pname = "django-pydantic-field";
version = "v0.3.12";
pyproject = true;
src = fetchFromGitHub {
owner = "surenkov";
repo = pname;
rev = version;
hash = "sha256-rlnS67OGljWD8Sbyutb43txAH0jA2+8ju1ntSEP3whM=";
};
nativeBuildInputs = [ setuptools ];
propagatedBuildInputs = [
django
pydantic
];
meta = with lib; {
description = "";
homepage = "https://github.com/${src.owner}/${pname}";
license = licenses.mit;
};
}

42
panel/nix/python-packages/drf-pydantic/default.nix
View file

@ -1,42 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
django,
pydantic,
hatchling,
djangorestframework,
}:
buildPythonPackage rec {
_class = "package";
pname = "drf-pydantic";
version = "v2.7.1";
pyproject = true;
src = fetchFromGitHub {
owner = "georgebv";
repo = pname;
rev = version;
hash = "sha256-ABtSoxj/+HHq4hj4Yb6bEiyOl00TCO/9tvBzhv6afxM=";
};
nativeBuildInputs = [
setuptools
hatchling
];
propagatedBuildInputs = [
django
pydantic
djangorestframework
];
meta = with lib; {
description = "";
homepage = "https://github.com/${src.owner}/${pname}";
license = licenses.mit;
};
}

2
services/fediversity/garage/default.nix
View file

@ -118,7 +118,7 @@ in
services.garage = {
enable = true;
package = pkgs.garage_0_9;
package = pkgs.garage_1;
settings = {
replication_mode = "none";
# TODO: use a secret file