alo-cluster/nix-runner/flake.nix
Petru Paler c548ead4f7 Add CI/CD infrastructure for animaltrack
New services:
- animaltrack.hcl: Python app with health checks and auto_revert
- act-runner.hcl: Gitea Actions runner on Nomad

New infrastructure:
- nix-runner/: Custom Nix Docker image for CI with modern Nix,
  local cache (c3), and bundled tools (skopeo, jq, etc.)

Modified:
- gitea.hcl: Enable Gitea Actions

The CI workflow (in animaltrack repo) builds Docker images with Nix,
pushes to Gitea registry, and triggers Nomad deployments with
automatic rollback on health check failure.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-05 07:17:31 +00:00


# ABOUTME: Flake to build a custom Nix Docker image for Gitea Actions.
# ABOUTME: Includes coreutils (/bin/sleep), modern Nix with flakes, and CI tools.
{
  description = "Nix runner image for Gitea Actions";

  # Both inputs track moving refs (a branch and a default branch). The revision
  # actually built is whatever flake.lock records -- presumably committed next
  # to this file; confirm, since the lock is what makes the image reproducible.
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
  inputs.flake-utils.url = "github:numtide/flake-utils";

  outputs = { self, nixpkgs, flake-utils }:
    flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = import nixpkgs { inherit system; };

        # CA bundle used both by generic TLS clients and by Nix itself.
        caBundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";

        # nix.conf content injected through the NIX_CONFIG environment variable,
        # one setting per list element, joined with newlines.
        nixConfig = builtins.concatStringsSep "\n" [
          "experimental-features = nix-command flakes"
          # The Nix build sandbox is switched off: derivation builders are not
          # confined by Nix and can reach the network and the container's
          # filesystem. Isolation of CI jobs therefore rests on the container
          # runtime and the runner configuration, not on Nix.
          "sandbox = false"
          # An empty build-users-group means builds run as the invoking user
          # (USER=root below) instead of dedicated nixbld accounts.
          "build-users-group ="
          # The first substituter is reached over plain HTTP. Store paths are
          # still checked against trusted-public-keys before being accepted, so
          # integrity depends on the signing key, while the transport itself
          # offers no server authentication or confidentiality.
          # NOTE(review): the ts.net hostname suggests a tailnet-only address --
          # confirm the cache is not reachable from outside it.
          "substituters = http://c3.mule-stork.ts.net:8501 https://cache.nixos.org"
          # Public verification keys (not secrets). Anything signed by the c3
          # key is trusted by every job run in this image, so the matching
          # private key on the cache host is the asset to protect.
          "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= c3:sI3l1RN80xdehzXLA8u2P6352B0SyRPs2XiYy/YWYro="
        ];

        # Root filesystem of the image: only /bin and /etc of these packages
        # are linked in.
        imageRoot = pkgs.buildEnv {
          name = "image-root";
          paths = [
            # Core utilities (provides /bin/sleep that act_runner needs)
            pkgs.coreutils-full
            pkgs.bash
            # Nix itself
            pkgs.nix
            # For actions that need node
            pkgs.nodejs_20
            # Common CI tools
            pkgs.git
            pkgs.curl
            pkgs.jq
            pkgs.skopeo
            # CA certificates for HTTPS
            pkgs.cacert
          ];
          pathsToLink = [ "/bin" "/etc" ];
        };
      in {
        packages.default = pkgs.dockerTools.buildImage {
          name = "gitea.v.paler.net/ppetru/nix-runner";
          # Mutable, hand-maintained tag; consumers that need a fixed image
          # should reference it by digest.
          tag = "v4";
          copyToRoot = imageRoot;

          # Create temp directories without runAsRoot (which needs KVM).
          # Mode 1777 = world-writable with the sticky bit, as for a normal /tmp.
          extraCommands = ''
            mkdir -p -m 1777 tmp
            mkdir -p -m 1777 var/tmp
          '';

          config.Env = [
            "NIX_PAGER=cat"
            # Jobs in this image run as root inside the container.
            "USER=root"
            "SSL_CERT_FILE=${caBundle}"
            "NIX_SSL_CERT_FILE=${caBundle}"
            "NIX_CONFIG=${nixConfig}"
          ];
        };
      });
}