Add reusable CI/CD workflow and documentation
- .gitea/workflows/deploy-nomad.yaml: Shared workflow for build/push/deploy
- docs/CICD_SETUP.md: Guide for adding CI/CD to new services
- nix-runner/README.md: Document the custom Nix runner image

Services can now use a 10-line workflow that calls the shared one:

    uses: ppetru/alo-cluster/.gitea/workflows/deploy-nomad.yaml@master

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
100
nix-runner/README.md
Normal file
@@ -0,0 +1,100 @@
# Nix Runner for Gitea Actions
Custom Docker image for running Nix builds in CI.
## What's Included
- **Nix** with flakes enabled (`experimental-features = nix-command flakes`)
- **Node.js 20** for JavaScript-based GitHub Actions
- **Tools**: git, curl, jq, skopeo, bash, coreutils
- **Binary caches**:
- `c3.mule-stork.ts.net:8501` (local cache proxy)
- `cache.nixos.org` (official)
## Usage
In your workflow:
```yaml
jobs:
build:
runs-on: nix
steps:
- uses: actions/checkout@v4
- run: nix build .#myPackage
```
The `nix` label is configured in `services/act-runner.hcl`.
## Current Version
**Tag**: `v4`
**Image**: `gitea.v.paler.net/ppetru/nix-runner:v4`
## Updating the Runner
### 1. Edit `flake.nix`
Make your changes, then bump the tag:
```nix
tag = "v5"; # was v4
```
### 2. Build
```bash
cd nix-runner
nix build
```
### 3. Push to Registry
```bash
skopeo copy --dest-authfile ~/.docker/config.json \
docker-archive:result \
docker://gitea.v.paler.net/ppetru/nix-runner:v5
```
### 4. Update act-runner
Edit `services/act-runner.hcl`:
```hcl
GITEA_RUNNER_LABELS = "ubuntu-latest:docker://node:20-bookworm,nix:docker://gitea.v.paler.net/ppetru/nix-runner:v5"
```
### 5. Re-register Runner
```bash
sudo rm /data/services/act-runner/.runner
nomad run services/act-runner.hcl
```
The runner will re-register with the new labels.
## Configuration
The image uses `NIX_CONFIG` environment variable for Nix settings:
```
experimental-features = nix-command flakes
sandbox = false
build-users-group =
substituters = http://c3.mule-stork.ts.net:8501 https://cache.nixos.org
trusted-public-keys = cache.nixos.org-1:... c3:...
```
## Troubleshooting
### Build fails with `build-users-group` error
The image runs as root without the nixbld group. This is handled by `build-users-group =` in NIX_CONFIG.
### Can't fetch from cache
Check that the runner container can reach `c3.mule-stork.ts.net:8501` (Tailscale network).
### Missing tool
Add it to `paths` in `flake.nix` and rebuild/push a new version.
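
Review bot: The Configuration section lists `sandbox = false` and an empty `build-users-group =` without stating the consequence for jobs on this runner: together with "The image runs as root without the nixbld group", every `nix build` started from a workflow with `runs-on: nix` runs unsandboxed as root inside the container. The README should say why the sandbox is off and which repositories are trusted to target the `nix` label. The same block lists `http://c3.mule-stork.ts.net:8501` as a substituter over plain HTTP, so it deserves one sentence noting that the integrity of paths fetched from it rests on the `c3:...` entry in `trusted-public-keys` and that signature checking must stay enabled. In the Usage example, `actions/checkout@v4` is a mutable tag; consider documenting whether pinning to a commit is expected for workflows on this runner.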