From f9bda612518d4b9b70eea1e9fb25694a309be260 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 20:30:59 -0500
Subject: [PATCH 1/6] ci: test deployment

---
 .woodpecker/deploy.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 .woodpecker/deploy.yml

diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml
new file mode 100644
index 0000000..b27014c
--- /dev/null
+++ b/.woodpecker/deploy.yml
@@ -0,0 +1,28 @@
+when:
+  - branch: ci-test
+  - event: [push]
+  
+steps:
+  attic-push:
+    image: git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
+    settings:
+      binary_cache: https://cache.flake.sh/kyasshu/
+      binary_cache_public_key: kyasshu:g1heIgCgG7M4San6nRsz/omcVQ1GTc7+zKKm3L9Co7o=
+      binary_cache_token:
+        from_secret: kyasshu_access_token
+      script: |
+       attic login kyasshu $PLUGIN_BINARY_CACHE_TOKEN
+       attic watch-store kyasshu
+  deploy:
+    image: nixos/nix
+    commands: |
+       echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf
+       echo "access-tokens = github.com=$${GH_PAT}" >> /etc/nix/nix.conf
+       echo 'builders-use-substitutes = true' >> /etc/nix/nix.conf
+       echo 'substituters = https://cache.flake.sh/kyasshu https://hyprland.cachix.org https://cache.nixos.org https://nix-gaming.cachix.org https://anyrun.cachix.org https://viperml.cachix.org https://nix-community.cachix.org https://cache.nixos.org/' >> /etc/nix/nix.conf
+       echo 'trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= kyasshu:g1heIgCgG7M4San6nRsz/omcVQ1GTc7+zKKm3L9Co7o= hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4= anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s= viperml.cachix.org-1:qZhKBMTfmcLL+OG6fj/hzsMEedgKvZVFRRAhq7j8Vh8= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=' >> /etc/nix/nix.conf
+       mkdir -p .ssh && cd .ssh
+       echo "$${SSH_KEY}" > forgejo
+       chmod 400 forgejo
+       nix run github:serokell/deploy-rs -- --ssh-opts="-i forgejo -o StrictHostKeyChecking=no" --skip-checks --targets .#arashi .#kariru .#sakura .#sora .#yuki .#haru .#kaze
+    secrets: [ssh_key, gh_pat]

From adb642e0b6618a703a1cabe80bdffcfea487941f Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 20:38:31 -0500
Subject: [PATCH 2/6] ci: update deploy

---
 .woodpecker/deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml
index b27014c..a41748d 100644
--- a/.woodpecker/deploy.yml
+++ b/.woodpecker/deploy.yml
@@ -6,7 +6,7 @@ steps:
   attic-push:
     image: git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
     settings:
-      binary_cache: https://cache.flake.sh/kyasshu/
+      binary_cache: https://cache.flake.sh/
       binary_cache_public_key: kyasshu:g1heIgCgG7M4San6nRsz/omcVQ1GTc7+zKKm3L9Co7o=
       binary_cache_token:
         from_secret: kyasshu_access_token

From 320b666060228b2ba392e37c2103468a03f219a0 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 20:40:09 -0500
Subject: [PATCH 3/6] ci: dont watch store for now

---
 .woodpecker/deploy.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml
index a41748d..e5b72c0 100644
--- a/.woodpecker/deploy.yml
+++ b/.woodpecker/deploy.yml
@@ -12,7 +12,6 @@ steps:
         from_secret: kyasshu_access_token
       script: |
        attic login kyasshu $PLUGIN_BINARY_CACHE_TOKEN
-       attic watch-store kyasshu
   deploy:
     image: nixos/nix
     commands: |

From 92bb8de47e2dae8cd3bf1d01135e03f8fd0d33f6 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 21:01:06 -0500
Subject: [PATCH 4/6] ci: remove kariru from deploy for now

---
 .woodpecker/deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml
index e5b72c0..3d37be1 100644
--- a/.woodpecker/deploy.yml
+++ b/.woodpecker/deploy.yml
@@ -23,5 +23,5 @@ steps:
        mkdir -p .ssh && cd .ssh
        echo "$${SSH_KEY}" > forgejo
        chmod 400 forgejo
-       nix run github:serokell/deploy-rs -- --ssh-opts="-i forgejo -o StrictHostKeyChecking=no" --skip-checks --targets .#arashi .#kariru .#sakura .#sora .#yuki .#haru .#kaze
+       nix run github:serokell/deploy-rs -- --ssh-opts="-i forgejo -o StrictHostKeyChecking=no" --skip-checks --targets .#arashi .#sakura .#sora .#yuki .#haru .#kaze
     secrets: [ssh_key, gh_pat]

From c93be9948515667e59d7ec310e0fa49f85d75745 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 21:25:10 -0500
Subject: [PATCH 5/6] traefik: init woodpecker

---
 hosts/sora/services/traefik.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/hosts/sora/services/traefik.nix b/hosts/sora/services/traefik.nix
index 3db6187..b4fc21d 100644
--- a/hosts/sora/services/traefik.nix
+++ b/hosts/sora/services/traefik.nix
@@ -153,6 +153,13 @@
             tls.certresolver = "production";
             middlewares = "cors-allow-all";
           };
+          woodpecker = {
+            rule = "Host(`ci.flake.sh`)";
+            entrypoints = ["websecure"];
+            service = "woodpecker";
+            tls.domains = [{main = "*.flake.sh";}];
+            tls.certresolver = "production";
+          };
         };
         services = {
           forgejo.loadBalancer = {
@@ -173,6 +180,7 @@
           ntfy-sh.loadBalancer.servers = [{url = "http://100.104.42.96:8090";}];
           attic.loadBalancer.servers = [{url = "http://100.104.42.96:8200";}];
           minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}];
+          woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}];
         };
       };
     };

From caf3664288d1d043167d9e4d6cbafddddf77a2f5 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Tue, 23 Jan 2024 21:32:50 -0500
Subject: [PATCH 6/6] ci: init deploy

---
 .woodpecker/deploy.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml
index 3d37be1..ab636c6 100644
--- a/.woodpecker/deploy.yml
+++ b/.woodpecker/deploy.yml
@@ -1,6 +1,6 @@
 when:
-  - branch: ci-test
-  - event: [push]
+  - branch: flake-lock-update
+  - event: [pull_request]
   
 steps:
   attic-push:
@@ -23,5 +23,5 @@ steps:
        mkdir -p .ssh && cd .ssh
        echo "$${SSH_KEY}" > forgejo
        chmod 400 forgejo
-       nix run github:serokell/deploy-rs -- --ssh-opts="-i forgejo -o StrictHostKeyChecking=no" --skip-checks --targets .#arashi .#sakura .#sora .#yuki .#haru .#kaze
+       nix run github:serokell/deploy-rs -- --ssh-opts="-i forgejo -o StrictHostKeyChecking=no" --skip-checks --targets .#arashi .#kariru .#sakura .#sora .#yuki .#haru .#kaze
     secrets: [ssh_key, gh_pat]