name: Deploy Website on: push: branches: ["main"] concurrency: group: main cancel-in-progress: true jobs: build: runs-on: nix-flakes steps: - name: Set up packages run: | echo "extra-substituters = https://builder.naxdy.org/attic" >> /etc/nix/nix.conf echo "extra-trusted-public-keys = attic:05LdE8Nav5Qd1E+KOJqSwdr+WE1z8AUmSb3oKL7s8dk=" >> /etc/nix/nix.conf nix profile install nixpkgs#nodejs "github:zhaofengli/attic?ref=6eabc3f02fae3683bffab483e614bebfcd476b21" echo "PATH=/nix/var/nix/profiles/per-user/root/profile/bin:$PATH" >> "$GITHUB_ENV" - name: Set up attic binary cache run: | attic login "${{ vars.PUBLIC_BINARY_CACHE_NAME }}" "${{ vars.BINARY_CACHE_URL }}" "${{ secrets.PUBLIC_BINARY_CACHE_AUTH_KEY }}" attic use "${{ vars.PUBLIC_BINARY_CACHE_NAME }}" - uses: actions/checkout@v4 - name: Build Website run: | nix build .# --print-build-logs - name: Push derivations to binary cache run: | cd /nix/store attic push "${{ vars.PUBLIC_BINARY_CACHE_NAME }}" $(ls /nix/store --ignore='*.drv' --ignore='*fake_nixpkgs*') deploy: needs: [build] runs-on: nix-flakes steps: - name: Set up packages run: | echo "extra-substituters = https://builder.naxdy.org/attic" >> /etc/nix/nix.conf echo "extra-trusted-public-keys = attic:05LdE8Nav5Qd1E+KOJqSwdr+WE1z8AUmSb3oKL7s8dk=" >> /etc/nix/nix.conf nix profile install nixpkgs#nodejs "github:zhaofengli/attic?ref=6eabc3f02fae3683bffab483e614bebfcd476b21" echo "PATH=/nix/var/nix/profiles/per-user/root/profile/bin:$PATH" >> "$GITHUB_ENV" - name: Prepare SSH key run: | mkdir -p ~/.ssh ssh-keyscan git.naxdy.org >> ~/.ssh/known_hosts echo "${{ secrets.DEPLOY_PRIVATE_KEY }}" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 - name: Checkout Infrastructure Repo run: | git clone gitea@git.naxdy.org:NaxdyOrg/Infrastructure.git $GITHUB_WORKSPACE git config user.name forgejo-actions git config user.email noreply@forgejo.org - name: Deploy Website run: | nix flake lock --update-input naxgcc-doc git add . git commit -m "naxgcc-doc: update to rev ${{ env.GITHUB_SHA }}" git push