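# SPDX-FileCopyrightText: 2024 Tom Hubrecht
#
# SPDX-License-Identifier: EUPL-1.2

# Evaluates to the package built from ./package.nix, extended with a
# `devShell` attribute. The dev shell wires in three shell hooks: the git
# hooks, the REUSE annotations and the CI workflow definitions declared below.
{
  sources ? import ./npins,
  pkgs ? import sources.nixpkgs { },
}:

let
  nix-reuse = import sources.nix-reuse { inherit pkgs; };
  nix-hooks = import sources.git-hooks;
  nix-actions = import sources.nix-actions { inherit pkgs; };

  # Hooks definition

  # REUSE licensing metadata: default license and copyright, plus per-path
  # overrides for vendored or differently-licensed content.
  reuse = nix-reuse.install {
    defaultLicense = "EUPL-1.2";
    # NOTE(review): the trailing space suggests a contact address was
    # stripped from this string; confirm against the repository.
    defaultCopyright = "La Délégation Générale Numérique ";

    downloadLicenses = true;

    generatedPaths = [
      "**/.envrc"
      ".forgejo/workflows/*"
      ".gitignore"
      "REUSE.toml"
      "npins/*"
      "package.json"
      "package-lock.json"
      "shell.nix"
      "src/_data/*.json"
      "src/assets/css/dgnum.css"
    ];

    annotations = [
      # Bulma source
      {
        path = "src/assets/scss/bulma/**";
        license = "MIT";
        copyright = "2023 Jeremy Thomas";
      }
      # Content files
      {
        path = "src/**.md";
        license = "CC-BY-4.0";
      }
      # Reserved files
      {
        path = [ "src/_uploads/**" ];
        license = "LicenseRef-Reserved";
      }
    ];
  };

  # Git hooks: the REUSE check runs at the pre-push stage, and commitizen
  # is enabled with its default settings.
  git-hooks = nix-hooks.run {
    src = ./.;

    hooks = {
      reuse = {
        enable = true;
        package = pkgs.reuse;
        stages = [ "pre-push" ];
      };

      commitizen.enable = true;
    };
  };

  # CI workflow: on every push to `main`, build the site and publish the
  # result to the Codeberg `pages` repository over SSH with a deploy key.
  workflows = nix-actions.install {
    src = ./.;

    workflows = {
      deploy-dgnum = {
        name = "Deploy dgnum.eu";
        on.push.branches = [ "main" ];

        jobs.deploy = {
          runs-on = "nix";

          steps = [
            (nix-actions.steps.checkout { path = "dgnum.eu"; })

            {
              name = "Build the website";
              run = "nix-build dgnum.eu";
            }

            {
              name = "Update the website on codeberg";
              run = # bash
                ''
                  # Stop at the first failing command or unset variable, so a
                  # failed clone can never be followed by rm/cp/push.
                  set -eu

                  export HOME="$GITHUB_WORKSPACE"

                  echo "[+] Using SSH_DEPLOY_KEY"

                  # Setup deploy key
                  DEPLOY_KEY_FILE="$HOME/.ssh/deploy_key"
                  # Do not leave the private key in the workspace once the
                  # step ends, whether it succeeded or not.
                  trap 'rm -f "$DEPLOY_KEY_FILE"' EXIT
                  # -p: tolerate a .ssh directory left over from an earlier
                  # run; 700 keeps other local users out of it.
                  mkdir -p "$HOME/.ssh"
                  chmod 700 "$HOME/.ssh"
                  # Create the key file under a restrictive umask so it is
                  # never readable by others, even before the chmod below.
                  # The subshell keeps the umask away from the later steps.
                  ( umask 077; printf '%s\n' "$SSH_DEPLOY_KEY" > "$DEPLOY_KEY_FILE" )
                  chmod 600 "$DEPLOY_KEY_FILE"

                  # Setup known hosts
                  # NOTE(review): ssh-keyscan fetches the host key over the
                  # network on every run, so whatever key is received is
                  # trusted without verification. Prefer pinning the expected
                  # key, taken from a trusted source, instead of scanning:
                  #   echo "codeberg.org ssh-ed25519 <PINNED_HOST_KEY_PLACEHOLDER>" > "$KNOWN_HOSTS_FILE"
                  KNOWN_HOSTS_FILE="$HOME/.ssh/known_hosts"
                  ssh-keyscan -H codeberg.org > "$KNOWN_HOSTS_FILE"

                  # IdentitiesOnly: offer only the deploy key.
                  # StrictHostKeyChecking=yes: refuse hosts that are missing
                  # from the known_hosts file instead of relying on the
                  # default behaviour. Paths are quoted because git hands
                  # this command to a shell.
                  export GIT_SSH_COMMAND="ssh -i '$DEPLOY_KEY_FILE' -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes -o UserKnownHostsFile='$KNOWN_HOSTS_FILE'"

                  GIT_CMD_REPOSITORY="git@codeberg.org:DGNum/$GIT_REPOSITORY.git"

                  echo "[+] Cloning remote repository"
                  git clone --single-branch --depth 1 --branch main "$GIT_CMD_REPOSITORY" "$GIT_REPOSITORY"

                  echo "[+] Updating assets"
                  # An empty GIT_REPOSITORY would turn the glob below into /*.
                  test -n "$GIT_REPOSITORY"
                  rm -r "$GIT_REPOSITORY"/*
                  # Update assets
                  cp -R --no-preserve=mode,ownership,timestamps result/* "$GIT_REPOSITORY/"

                  cd "$GIT_REPOSITORY"

                  echo "[+] Adding .domains file"
                  cat << EOL > .domains
                  dgnum.eu
                  dev.dgnum.eu
                  EOL

                  echo "[+] Creating commit"
                  ORIGIN_COMMIT="https://$GIT_ORIGIN_SERVER/$GITHUB_REPOSITORY/commit/$GITHUB_SHA"
                  git add . .domains
                  # Commit only when the tree actually changed.
                  git diff-index --quiet HEAD || git commit --message "Automatic pages update from $ORIGIN_COMMIT"

                  echo "[+] Pushing update"
                  git push "$GIT_CMD_REPOSITORY" --set-upstream main
                '';

              env = {
                # The private key comes from the CI secret store. Never echo
                # it or enable shell tracing (set -x) in the step above.
                SSH_DEPLOY_KEY = nix-actions.lib.secret "SSH_DEPLOY_KEY";
                GIT_REPOSITORY = "pages";
                GIT_ORIGIN_SERVER = "git.dgnum.eu";
                GIT_AUTHOR_NAME = "Forgejo Action";
                GIT_AUTHOR_EMAIL = "automated-update@dgnum.eu";
                GIT_COMMITTER_NAME = "Forgejo Action";
                GIT_COMMITTER_EMAIL = "automated-update@dgnum.eu";
              };
            }
          ];
        };
      };
    };
  };
in

(pkgs.callPackage ./package.nix { })
// {
  devShell = pkgs.mkShell {
    name = "dgnum-eu.dev";

    # Entering the shell runs the three hooks in this order.
    shellHook = builtins.concatStringsSep "\n" [
      git-hooks.shellHook
      reuse.shellHook
      workflows.shellHook
    ];

    packages = [
      pkgs.nodejs
      pkgs.sass
    ] ++ git-hooks.enabledPackages;
  };
}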