diff --git a/.github/workflows/niveum.yml b/.github/workflows/niveum.yml index f1622b95..f4f89684 100644 --- a/.github/workflows/niveum.yml +++ b/.github/workflows/niveum.yml @@ -10,10 +10,25 @@ jobs: system: [makanek,manakish,kabsa,zaatar,ful] steps: - uses: actions/checkout@v2 - - uses: cachix/install-nix-action@v16 - - name: Install nixos-rebuild - run: GC_DONT_GC=1 nix-env -i nixos-rebuild -f '' + - name: Install QEMU (ARM) + run: sudo apt-get install -y qemu-user-static + if: ${{ matrix.system == 'ful' }} + - name: Install Nix (ARM) + uses: cachix/install-nix-action@v16 + if: ${{ matrix.system == 'ful' }} + with: + extra_nix_config: | + system = aarch64-linux + - name: Install Nix (x86_64) + uses: cachix/install-nix-action@v16 + if: ${{ matrix.system != 'ful' }} - run: | rm -rf secrets mkdir secrets - - run: GC_DONT_GC=1 nixos-rebuild dry-build --flake .#{{matrix.system}} + cat secrets.txt | while read -r path; do echo dummy > $path; done + find + - run: | + set -x + nix run nixpkgs#nixos-rebuild -- dry-build --flake .#${{matrix.system}} | tee 2>&1 >foo.log + wc foo.log + find $(grep -o '/nix/store/.*-source/secrets' foo.log) diff --git a/secrets.txt b/secrets.txt new file mode 100644 index 00000000..5efa8384 --- /dev/null +++ b/secrets.txt @@ -0,0 +1,63 @@ +secrets/di-fm-key.age +secrets/email-password-meinhark.age +secrets/kabsa-retiolum-privateKey-ed25519.age +secrets/makanek-specus-privateKey.age +secrets/manakish-retiolum-privateKey-rsa.age +secrets/kfm-password.age +secrets/email-password-fysi.age +secrets/github-token-i3status-rust.age +secrets/nextcloud-password-admin.age +secrets/zaatar-retiolum-privateKey-ed25519.age +secrets/manakish-syncthing-cert.age +secrets/telegram-token-betacode.age +secrets/tabula-retiolum-privateKey-rsa.age +secrets/zaatar-ympd-basicAuth.age +secrets/zaatar-moodle-dl-basicAuth.age +secrets/mega-password.age +secrets/telegram-token-reverse.age +secrets/email-password-meinhaki.age +secrets/spotify-password.age +secrets/telegram-token-kmein.age +secrets/maxmind-license-key.age +secrets/makanek-retiolum-privateKey-rsa.age +secrets/spotify-username.age +secrets/onlyoffice-jwt-key.age +secrets/miniflux-credentials.age +secrets/email-password-fsklassp.age +secrets/kabsa-retiolum-privateKey-rsa.age +secrets/traadfri-key.age +secrets/tahina-retiolum-privateKey-rsa.age +secrets/makanek-retiolum-privateKey-ed25519.age +secrets/zaatar-retiolum-privateKey-rsa.age +secrets/kabsa-specus-privateKey.age +secrets/nextcloud-password-kieran.age +secrets/ful-root.age +secrets/manakish-syncthing-key.age +secrets/.git +secrets/email-password-dslalewa.age +secrets/zaatar-moodle-dl-tokens.json.age +secrets/tabula-retiolum-privateKey-ed25519.age +secrets/tahina-retiolum-privateKey-ed25519.age +secrets/cifs-credentials-hu-berlin.age +secrets/kabsa-syncthing-key.age +secrets/ful-retiolum-privateKey-rsa.age +secrets/ful-retiolum-privateKey-ed25519.age +secrets/zaatar-syncthing-key.age +secrets/openweathermap-api-key.age +secrets/secrets.nix +secrets/email-password-cock.age +secrets/telegram-token-nachtischsatan.age +secrets/kabsa-syncthing-cert.age +secrets/grafana-password-admin.age +secrets/email-password-posteo.age +secrets/manakish-retiolum-privateKey-ed25519.age +secrets/restic.age +secrets/home-assistant-token.age +secrets/zaatar-syncthing-cert.age +secrets/nextcloud-password-database.age +secrets/telegram-token-menstruation.age +secrets/alertmanager-token-reporters.age +secrets/ful-specus-privateKey.age +secrets/nextcloud-password-fysi.age +secrets/weechat-sec.conf.age +secrets/telegram-token-proverb.age