.github/workflows/deploy.yaml at main · dunkirk.sh/dots

dunkirk.sh / dots

Kieran's opinionated (and probably slightly dumb) nix config

dots / .github / workflows / deploy.yaml

at main 1.2 kB view raw

 1name: Deploy NixOS Configurations
 2
 3on:
 4  push:
 5    branches:
 6      - main
 7  workflow_dispatch:
 8
 9jobs:
10  deploy:
11    runs-on: ubuntu-latest
12    steps:
13      - uses: actions/checkout@v4
14      
15      - name: Install Nix
16        uses: DeterminateSystems/determinate-nix-action@main
17        with:
18          extra-conf: |
19            extra-platforms = aarch64-linux
20      
21      - name: Set up QEMU
22        uses: docker/setup-qemu-action@v3
23        with:
24          platforms: arm64
25      
26      - name: Setup Tailscale
27        uses: tailscale/github-action@v3
28        with:
29          oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
30          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
31          tags: tag:deploy
32          use-cache: "true"
33      
34      - name: Configure SSH
35        run: |
36          mkdir -p ~/.ssh
37          echo "StrictHostKeyChecking accept-new" >> ~/.ssh/config
38      
39      - name: Deploy all configurations
40        run: |
41          nix run github:serokell/deploy-rs -- \
42            --skip-checks \
43            --remote-build \
44            --ssh-user kierank \
45            --ssh-opts="-o StrictHostKeyChecking=accept-new" \
46            .