ci

2026-06-03 10:04:07 +02:00 · 2025-08-06 21:29:39 +02:00 · 2025-08-06 21:29:39 +02:00 · b241199af9
commit b241199af9
parent 6020b05e5c
7 changed files with 84 additions and 77 deletions
--- a/.forgejo/workflows/ci.yml
+++ b/.forgejo/workflows/ci.yml
@ -0,0 +1,16 @@
+name: "CI"
+on:
+  pull_request:
+  push:
+
+jobs:
+  checks:
+    runs-on: nix
+    steps:
+      - uses: actions/checkout@v4
+      - uses: https://codeberg.org/icewind/attic-action@v1
+        with:
+          name: link
+          instance: https://cache.icewind.link
+          authToken: "${{ secrets.ATTIC_TOKEN }}"
+      - run: nix flake check --keep-going
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -1,16 +0,0 @@
-on: [push, pull_request]
-
-name: CI
-
-jobs:
-  check:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: cachix/install-nix-action@v27
-      - uses: icewind1991/attic-action@v1
-        with:
-          name: ci
-          instance: https://cache.icewind.me
-          authToken: "${{ secrets.ATTIC_TOKEN }}"
-      - run: nix flake check --keep-going
--- a/README.md
+++ b/README.md
@ -7,22 +7,26 @@ Automatically spawn and destroy a tf2 server on a schedule
 - Copy `config.sample.toml` to `config.toml` and edit accordingly
 - Start `dispenser config.toml` as a system service

-When the configured start schedule is reached it will create a new cloud server, update the dyndns (optional)
-and install a tf2 server.
-This server is then destroyed when the stop schedule is reached.
+When the configured start schedule is reached it will create a new cloud server,
+update the dyndns (optional) and install a tf2 server. This server is then
+destroyed when the stop schedule is reached.

-As a failsafe against unexpected costs or destroying the wrong server, this program will not spawn any server
-if it already detects a running one, and it will only destroy a server that was created by the program.
+As a failsafe against unexpected costs or destroying the wrong server, this
+program will not spawn any server if it already detects a running one, and it
+will only destroy a server that was created by the program.

-This does mean that if the program is (re-)started while a server is already active, the program will not
-start and destroy any server because it can't be sure it should control the running server.
-You'll need to manually destroy the existing server in that case.
+This does mean that if the program is (re-)started while a server is already
+active, the program will not start and destroy any server because it can't be
+sure it should control the running server. You'll need to manually destroy the
+existing server in that case.

-You can overwrite this behavior by setting `manage_existing = true` in your `config.toml`,
+You can overwrite this behavior by setting `manage_existing = true` in your
+`config.toml`,

 ## Manual usage

-Instead of managing the servers on a schedule with a background server you can also manually manage the server.
+Instead of managing the servers on a schedule with a background server you can
+also manually manage the server.

 ### List running servers

@ -36,7 +40,8 @@ dispenser config.toml list
 dispenser config.toml start
 ```

-Note that this will not start an additional server is a server is already running
+Note that this will not start an additional server is a server is already
+running

 ### Stop a running server

@ -46,11 +51,13 @@ dispenser config.toml stop

 ## Dealing with secrets

-If you want to store your config file in version control but don't want to store your secrets there,
-you can choose to load the secrets from other files by specifying the secret as an absolute path.
+If you want to store your config file in version control but don't want to store
+your secrets there, you can choose to load the secrets from other files by
+specifying the secret as an absolute path.

-This can be done for the following config options:
-`server.demostf_key`, `server.logstf_key`, `vultr.api_key`, `digitalocean.api_key` and `dyndns.password`.
+This can be done for the following config options: `server.demostf_key`,
+`server.logstf_key`, `vultr.api_key`, `digitalocean.api_key` and
+`dyndns.password`.

 ## TODO

--- a/flake.nix
+++ b/flake.nix
@ -10,17 +10,18 @@
      inputs.flakelight.follows = "flakelight";
    };
  };
-  outputs = { mill-scale, ... }: mill-scale ./. {
-    nixosModules = { outputs, ... }: {
-      default =
-        { pkgs
-        , config
-        , lib
-        , ...
+  outputs = {mill-scale, ...}:
+    mill-scale ./. {
+      nixosModules = {outputs, ...}: {
+        default = {
+          pkgs,
+          config,
+          lib,
+          ...
        }: {
-          imports = [ ./nix/module.nix ];
+          imports = [./nix/module.nix];
          config = {
-            nixpkgs.overlays = [ outputs.overlays.default ];
+            nixpkgs.overlays = [outputs.overlays.default];
            services.dispenser.package = lib.mkDefault pkgs.dispenser;
          };
        };
--- a/nix/module.nix
+++ b/nix/module.nix
@ -1,17 +1,17 @@
-{ config
-, lib
-, pkgs
-, ...
+{
+  config,
+  lib,
+  pkgs,
+  ...
 }:
 with lib; let
  cfg = config.services.dispenser;
-  format = pkgs.formats.toml { };
+  format = pkgs.formats.toml {};
  configFile = format.generate "dispenser.toml" (filterAttrs (n: v: v != null) {
    inherit (cfg) server vultr dyndns schedule;
    digital_ocean = cfg.digitalocean;
  });
-in
-{
+in {
  options.services.dispenser = {
    enable = mkEnableOption "Enables the dispenser service";

@ -168,7 +168,7 @@ in

  config = mkIf cfg.enable {
    systemd.services.dispenser = {
-      wantedBy = [ "multi-user.target" ];
+      wantedBy = ["multi-user.target"];

      serviceConfig = {
        ExecStart = "${cfg.package}/bin/dispenser ${configFile}";
@ -193,7 +193,7 @@ in
        RestrictAddressFamilies = "AF_INET AF_INET6";
        RestrictRealtime = true;
        ProtectProc = "noaccess";
-        SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
+        SystemCallFilter = ["@system-service" "~@resources" "~@privileged"];
        IPAddressDeny = "localhost link-local multicast";
      };
    };
@ -201,7 +201,7 @@ in
    environment.systemPackages = [
      (pkgs.writeShellApplication {
        name = "dispenser-cli";
-        runtimeInputs = [ cfg.package ];
+        runtimeInputs = [cfg.package];

        text = ''
          ${cfg.package}/bin/dispenser ${configFile} "$@"
--- a/nix/overlay.nix
+++ b/nix/overlay.nix
@ -1,3 +1,3 @@
 final: prev: {
-  dispenser = final.callPackage ./package.nix { };
+  dispenser = final.callPackage ./package.nix {};
 }
--- a/nix/package.nix
+++ b/nix/package.nix
@ -1,18 +1,17 @@
-{ stdenv
-, rustPlatform
-, libsodium
-, pkg-config
-, lib
-, rust-bin
-,
-}:
-let
+{
+  stdenv,
+  rustPlatform,
+  libsodium,
+  pkg-config,
+  lib,
+  rust-bin,
+}: let
  inherit (lib.sources) sourceByRegex;
  inherit (builtins) fromTOML readFile;
-  src = sourceByRegex ../. [ "Cargo.*" "(src)(/.*)?" ];
+  src = sourceByRegex ../. ["Cargo.*" "(src)(/.*)?"];
  cargoPackage = (fromTOML (readFile ../Cargo.toml)).package;
 in
-rustPlatform.buildRustPackage rec {
+  rustPlatform.buildRustPackage rec {
    pname = cargoPackage.name;
    inherit (cargoPackage) version;

@ -31,4 +30,4 @@ rustPlatform.buildRustPackage rec {
    cargoLock = {
      lockFile = ../Cargo.lock;
    };
-}
+  }