diff --git a/.forgejo/workflows/update-flake-lock.yml b/.forgejo/workflows/update-flake-lock.yml
index 9ab14c07..c14e895b 100644
--- a/.forgejo/workflows/update-flake-lock.yml
+++ b/.forgejo/workflows/update-flake-lock.yml
@@ -20,6 +20,8 @@ jobs:
 uses: actions/nix-installer-action@main
 - name: Update flake.lock
 run: nix flake update
+ - name: Check flake
+ uses: actions/flake-checker-action@main
 - name: Send Notification
 uses: actions/gotify-action@master
 if: always()
@@ -32,31 +34,3 @@ jobs:
 Repo: ${{ github.repository }}
 Status: ${{ job.status }}
 Commit: ${{ github.sha }}
- check:
- runs-on: forgejo
- container:
- image: git.sysctl.io/albert/actions-images/node:latest
- steps:
- - name: Add Gotify to Hosts
- run: echo "100.64.0.5 gotify.sysctl.io" >> /etc/hosts
- - name: Setup Node
- uses: actions/setup-node@v4
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: Install Nix
- uses: actions/nix-installer-action@main
- - name: Check flake.lock
- run: nix flake check
- - name: Send Notification
- uses: actions/gotify-action@master
- if: always()
- with:
- gotify_api_base: ${{ secrets.GOTIFY_URL }}
- gotify_app_token: ${{ secrets.GOTIFY_TOKEN }}
- notification_title: |
- ${{ github.workflow }}: ${{ job.status }}
- notification_message: |
- Repo: ${{ github.repository }}
- Status: ${{ job.status }}
- Commit: ${{ github.sha }}
-
diff --git a/.forgejo/workflows/update-steamdeck.yml b/.forgejo/workflows/update-steamdeck.yml
index 3459d031..9eb0a0ef 100644
--- a/.forgejo/workflows/update-steamdeck.yml
+++ b/.forgejo/workflows/update-steamdeck.yml
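Review bot: In the first hunk of update-flake-lock.yml, the added `Check flake` step references `actions/flake-checker-action@main`, a mutable branch ref, so whatever lands on that branch runs in this job with the job's secrets in scope (the Gotify token is used by the next step). Pinning to a reviewed commit, `uses: actions/flake-checker-action@<commit-sha>`, keeps the step reproducible and auditable. The second hunk deletes the `check` job that ran `nix flake check`; if the checker action only inspects `flake.lock` and does not evaluate the flake outputs, that coverage is lost, so it may be worth keeping `run: nix flake check` as a step after the update. The job's earlier steps lie outside the hunk.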
@@ -1,82 +1,40 @@ + # yamllint disable rule:line-length rule:truthy --- -name: Cron - Update Steam Deck -run-name: ${{ github.actor }} - update-steamdeck.albert.hs.net +name: update-steamdeck on: + workflow_dispatch: # allows manual triggering schedule: - - cron: '0 2 * * 1' - # “At 02:00 Monday" - workflow_dispatch: - + - cron: '0 0 * * 0' # runs weekly on Sunday at 00:00 jobs: - deploy-rs: + update: runs-on: forgejo container: - image: git.sysctl.io/albert/actions-container-images/headscale-runner:latest - options: --mount type=bind,src=/dev/net/tun,dst=/dev/net/tun --privileged + image: git.sysctl.io/albert/actions-images/node:latest steps: - - name: "Install SSH Keys" - run: | - echo "${{ secrets.SSH_PUBLIC_KEY }}" > /root/.ssh/id_ed25519.pub - echo "${{ secrets.SSH_PRIVATE_KEY }}" > /root/.ssh/id_ed25519 - chmod 700 /root/.ssh - chmod 600 /root/.ssh/id_ed25519 - chmod 644 /root/.ssh/id_ed25519.pub - cat /etc/hosts.template > /etc/hosts - - - name: "Connect to Headscale" - run: | - set -x - sudo tailscaled --cleanup - sudo tailscaled --no-logs-no-support --state=mem: 2> ~/tailscaled.log & - sudo tailscale up \ - --login-server=https://headscale.sysctl.io \ - --accept-routes \ - --accept-dns \ - --authkey ${{ secrets.TAILSCALE_KEY }} \ - --hostname forgejo-runner \ - --advertise-tags "tag:forgejo,tag:container,tag:ephemeral" - - - name: "nixos-version (Pre)" - run: | - ssh -q -A -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net \ - " - nixos-version - " - - - name: "SSH and Deploy" - run: | - ssh -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net \ - " - set -x - source ~/.config/fish/config.fish - cd /etc/nixos/git - git pull - sudo nixos-rebuild switch --flake /etc/nixos/git - home-manager switch -b backup --flake /etc/nixos/git - " - - - name: "nixos-version (Post)" - run: | - ssh -q -A -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net \ - " - nixos-version - " - tailscale down - - - if: success() - uses: 
https://git.sysctl.io/actions/gotify-action@master + - name: Add Gotify to Hosts + run: echo "100.64.0.5 gotify.sysctl.io" >> /etc/hosts + - name: Set up SSH Keys + run: echo "${{ secrets.SSH_PRIVATE_KEY }}" > /root/.ssh/id_ed25519 + - name: Setup Node + uses: actions/setup-node@v4 + - name: Update Repository + run: ssh -q -A albert@steamdeck.albert.hs.net "git -C /etc/nixos/git pull" + - run: ssh -qA -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net "nixos-version" + - name: Update NixOS + run: ssh -qA -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net "sudo nixos-rebuild switch --flake /etc/nixos/git" + - name: Update Home Manager + run: ssh -qA -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net "home-manager switch -b backup --flake /etc/nixos/git" + - run: ssh -qA -o StrictHostKeyChecking=no albert@steamdeck.albert.hs.net "nixos-version" + - name: Send Notification + uses: actions/gotify-action@master + if: always() with: - gotify_api_base: '${{ secrets.GOTIFY_URL }}' - gotify_app_token: '${{ secrets.GOTIFY_TOKEN }}' - notification_title: '[ ${{ github.repository }}: ${{ github.workflow }} ] Steam Deck Updated' - notification_message: 'Deployment completed successfully.' - name: "Send Notification - Success" - - if: failure() - uses: https://git.sysctl.io/actions/gotify-action@master - with: - gotify_api_base: '${{ secrets.GOTIFY_URL }}' - gotify_app_token: '${{ secrets.GOTIFY_TOKEN }}' - notification_title: '[ ${{ github.repository }}: ${{ github.workflow }} ] Deployment Failed' - notification_message: 'Your deployment has failed. Check Forgejo.' - name: "Send Notification - Failure" + gotify_api_base: ${{ secrets.GOTIFY_URL }} + gotify_app_token: ${{ secrets.GOTIFY_TOKEN }} + notification_title: | + ${{ github.workflow }}: ${{ job.status }} + notification_message: | + Repo: ${{ github.repository }} + Status: ${{ job.status }} + Commit: ${{ github.sha }}
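Review bot: The new `Set up SSH Keys` step writes the private key with `echo ... > /root/.ssh/id_ed25519` but drops the `chmod 700 /root/.ssh` and `chmod 600 /root/.ssh/id_ed25519` that the removed step had, so the file takes the container's default umask; OpenSSH refuses private keys that are group- or world-readable, and until then the key is readable by anything else in the job. Restoring the permissions in the same step would fix it, for example a `run: |` block with `install -d -m 700 /root/.ssh` followed by `(umask 077; echo "${{ secrets.SSH_PRIVATE_KEY }}" > /root/.ssh/id_ed25519)`. Separately, four of the five ssh calls keep `-o StrictHostKeyChecking=no` while `Update Repository` omits it, so on a fresh container that first call will probably fail host-key verification, and the others accept any host key before running `sudo nixos-rebuild switch`; pinning the Steam Deck's host key in `/root/.ssh/known_hosts` and dropping the option everywhere would make the calls consistent and verified. `-A` requests agent forwarding although no step starts an agent, so it can likely be removed.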