forked from DGNum/dgnum.eu
168 lines
4.4 KiB
Nix
168 lines
4.4 KiB
Nix
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{
|
|
sources ? import ./npins,
|
|
pkgs ? import sources.nixpkgs { },
|
|
}:
|
|
|
|
let
|
|
nix-reuse = import sources.nix-reuse { inherit pkgs; };
|
|
nix-hooks = import sources.git-hooks;
|
|
nix-actions = import sources.nix-actions { inherit pkgs; };
|
|
|
|
# Hooks definition
|
|
reuse = nix-reuse.install {
|
|
defaultLicense = "EUPL-1.2";
|
|
defaultCopyright = "La Délégation Générale Numérique <contact@dgnum.eu>";
|
|
|
|
downloadLicenses = true;
|
|
generatedPaths = [
|
|
"**/.envrc"
|
|
".forgejo/workflows/*"
|
|
".gitignore"
|
|
"REUSE.toml"
|
|
"npins/*"
|
|
"package.json"
|
|
"package-lock.json"
|
|
"shell.nix"
|
|
"src/_data/*.json"
|
|
"src/assets/css/dgnum.css"
|
|
];
|
|
|
|
annotations = [
|
|
# Bulma source
|
|
{
|
|
path = "src/assets/scss/bulma/**";
|
|
license = "MIT";
|
|
copyright = "2023 Jeremy Thomas";
|
|
}
|
|
|
|
# Content files
|
|
{
|
|
path = "src/**.md";
|
|
license = "CC-BY-4.0";
|
|
}
|
|
|
|
# Reserved files
|
|
{
|
|
path = [
|
|
"src/_uploads/**"
|
|
];
|
|
license = "LicenseRef-Reserved";
|
|
}
|
|
];
|
|
};
|
|
|
|
git-hooks = nix-hooks.run {
|
|
src = ./.;
|
|
|
|
hooks = {
|
|
reuse = {
|
|
enable = true;
|
|
package = pkgs.reuse;
|
|
stages = [ "pre-push" ];
|
|
};
|
|
|
|
commitizen.enable = true;
|
|
};
|
|
};
|
|
|
|
workflows = nix-actions.install {
|
|
src = ./.;
|
|
|
|
workflows = {
|
|
deploy-dgnum = {
|
|
name = "Deploy dgnum.eu";
|
|
on.push.branches = [ "main" ];
|
|
|
|
jobs.deploy = {
|
|
runs-on = "nix";
|
|
steps = [
|
|
(nix-actions.steps.checkout { path = "dgnum.eu"; })
|
|
|
|
{
|
|
name = "Build the website";
|
|
run = "nix-build dgnum.eu";
|
|
}
|
|
|
|
{
|
|
name = "Update the website on codeberg";
|
|
run = # bash
|
|
''
|
|
export HOME="$GITHUB_WORKSPACE"
|
|
echo "[+] Using SSH_DEPLOY_KEY"
|
|
|
|
# Setup deploy key
|
|
DEPLOY_KEY_FILE="$HOME/.ssh/deploy_key"
|
|
mkdir .ssh
|
|
echo "$SSH_DEPLOY_KEY" > "$DEPLOY_KEY_FILE"
|
|
chmod 600 "$DEPLOY_KEY_FILE"
|
|
|
|
# Setup known hosts
|
|
KNOWN_HOSTS_FILE="$HOME/.ssh/known_hosts"
|
|
ssh-keyscan -H codeberg.org > "$KNOWN_HOSTS_FILE"
|
|
|
|
export GIT_SSH_COMMAND="ssh -i $DEPLOY_KEY_FILE -o UserKnownHostsFile=$KNOWN_HOSTS_FILE"
|
|
GIT_CMD_REPOSITORY="git@codeberg.org:DGNum/$GIT_REPOSITORY.git"
|
|
|
|
echo "[+] Cloning remote repository"
|
|
git clone --single-branch --depth 1 --branch main "$GIT_CMD_REPOSITORY" "$GIT_REPOSITORY"
|
|
|
|
echo "[+] Updating assets"
|
|
rm -r "$GIT_REPOSITORY"/*
|
|
|
|
# Update assets
|
|
cp -R --no-preserve=mode,ownership,timestamps result/* "$GIT_REPOSITORY/"
|
|
cd "$GIT_REPOSITORY"
|
|
|
|
echo "[+] Adding .domains file"
|
|
cat << EOL > .domains
|
|
dgnum.eu
|
|
dev.dgnum.eu
|
|
EOL
|
|
|
|
echo "[+] Creating commit"
|
|
ORIGIN_COMMIT="https://$GIT_ORIGIN_SERVER/$GITHUB_REPOSITORY/commit/$GITHUB_SHA"
|
|
git add . .domains
|
|
git diff-index --quiet HEAD || git commit --message "Automatic pages update from $ORIGIN_COMMIT"
|
|
|
|
echo "[+] Pushing update"
|
|
git push "$GIT_CMD_REPOSITORY" --set-upstream main
|
|
'';
|
|
|
|
env = {
|
|
SSH_DEPLOY_KEY = nix-actions.lib.secret "SSH_DEPLOY_KEY";
|
|
GIT_REPOSITORY = "pages";
|
|
GIT_ORIGIN_SERVER = "git.dgnum.eu";
|
|
GIT_AUTHOR_NAME = "Forgejo Action";
|
|
GIT_AUTHOR_EMAIL = "automated-update@dgnum.eu";
|
|
GIT_COMMITTER_NAME = "Forgejo Action";
|
|
GIT_COMMITTER_EMAIL = "automated-update@dgnum.eu";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
in
|
|
|
|
(pkgs.callPackage ./package.nix { })
|
|
// {
|
|
devShell = pkgs.mkShell {
|
|
name = "dgnum-eu.dev";
|
|
|
|
shellHook = builtins.concatStringsSep "\n" [
|
|
git-hooks.shellHook
|
|
reuse.shellHook
|
|
workflows.shellHook
|
|
];
|
|
|
|
packages = [
|
|
pkgs.nodejs
|
|
pkgs.sass
|
|
] ++ git-hooks.enabledPackages;
|
|
};
|
|
}
|