chore(container): update ghcr.io/open-webui/open-webui ( 2b9d2be → ea… #2793
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # yamllint disable rule:comments rule:line-length | |
| --- | |
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
| name: nix cache | |
| 'on': | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - '**.nix' | |
| pull_request: | |
| paths: | |
| - '**.nix' | |
| - flake.lock | |
| permissions: {} | |
| concurrency: | |
| group: nixcache | |
| jobs: | |
| lint-build-and-push: | |
| runs-on: home-ops-runner | |
| container: nixos/nix@sha256:c2f7db70a432d00c6759af108ff4fbc74a4c00e2d4517162e72338e7b9449c1f | |
| steps: | |
| - name: Build and push to cache | |
| run: |- | |
| set -e | |
| git clone "https://github.com/$REPO" repo | |
| cd repo | |
| cat assets/ca-ec384.crt >> "$NIX_SSL_CERT_FILE" | |
| cat assets/ca-rsa4096.crt >> "$NIX_SSL_CERT_FILE" | |
| nix-channel --update | |
| nix-env -iA gnused jq nh nix-output-monitor -f '<nixpkgs>' | |
| mkdir -p ~/.config/nix | |
| cat <<EOF | tee ~/.config/nix/nix.conf | |
| builders-use-substitutes = true | |
| download-buffer-size = 524288000 | |
| experimental-features = nix-command flakes | |
| substituters = https://nix.ajgon.casa/?priority=30 https://cache.nixos.org | |
| trusted-public-keys = homelab:mM9UlYU+WDQSnxRfnV0gNcE+gLD/F9nkGIz97E22VeU= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| warn-dirty = false | |
| extra-substituters = https://cache.garnix.io https://deploy-rs.cachix.org https://nix-community.cachix.org | |
| extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= deploy-rs.cachix.org-1:xfNobmiwF/vzvK1gpfediPwpdIP0rpDV2rYqx40zdSI= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= | |
| EOF | |
| nix --accept-flake-config develop -c pre-commit run -a | |
| nix --accept-flake-config run .#cache-packages | |
| env: | |
| AWS_ACCESS_KEY_ID: "${{ secrets.NIX_STORE_AWS_ACCESS_KEY_ID }}" | |
| AWS_SECRET_ACCESS_KEY: "${{ secrets.NIX_STORE_AWS_SECRET_ACCESS_KEY }}" | |
| CI: "true" | |
| NIXCACHE_PRIVATE_KEY: "${{ secrets.NIX_STORE_PRIVATE_KEY }}" | |
| NIXCACHE_PUBLIC_KEY: "${{ secrets.NIX_STORE_PUBLIC_KEY }}" | |
| REPO: "${{ github.repository }}" |