add nix-ci-runner

justfile

@@ -5,36 +5,26 @@ os := os()
 default:
     just --list
 
-[private]
-check-build:
-    #!/usr/bin/env bash
-    set -euxo pipefail
-
-    # If no build, then build it!
-    if [ ! -d "build" ]; then
-        just build
-    fi
-
 # Build default project
 [group('build')]
-build *args: clean
+make *args: clean
     cmake -B build {{ args }}
     cmake --build build -j {{ num_cpus() }}
 
 # Build with all optional modules
 [group('build')]
-build-dev *args: clean
+make-dev *args: clean
     cmake -B build --preset dev-mode {{ args }}
     cmake --build build -j {{ num_cpus() }}
 
 # Build for the CI, including bench_bitcoin
 [group('ci')]
-build-ci: clean
+make-ci: clean
     cmake -B build -DBUILD_BENCH=ON
     cmake --build build -j {{ num_cpus() }}
 # Re-build current config
 [group('build')]
-rebuild:
+remake:
     cmake --build build -j {{ num_cpus() }}
 
 # Clean build dir using git clean -dfx
@@ -54,7 +44,7 @@ test-func:
 
 # Run all unit and functional tests
 [group('test')]
-test: check-build test-unit test-func
+test: make test-unit test-func
 
 # Run a single functional test (filename.py)
 [group('test')]
@@ -73,4 +63,14 @@ bench:
 
 # Run the CI workflow
 [group('ci')]
-run-ci: build-ci && bench
+run-ci: make-ci && bench
+
+# Deploy a github CI runner to a machine
+[group('runner')]
+deploy type host runner_token:
+    nix-shell -p nixos-anywhere --command "RUNNER_TOKEN={{runner_token}} nixos-anywhere --flake ./nix/ci/github-runner#{{type}} {{host}} --impure"
+
+# Deploy a github CI runner to a machine
+[group('runner')]
+rebuild type host runner_token:
+    nix-shell -p nixos-rebuild --command "RUNNER_TOKEN=ABSM563MDHA3QVTDLHI4KBDHEOEQY nixos-rebuild switch --flake ./nix/ci/github-runner#ax52 --target-host {{host}} --impure"

nix/ci/github-runner/.gitignore

@@ -0,0 +1 @@
+./hardware-configuration.nix

nix/ci/github-runner/README.md

@@ -0,0 +1,20 @@
+# NixOS benchmarking setup
+
+## Deploy
+
+To deploy to a server, either select and existing *disk-config\*.nix*, or create a new one tailored to the target host.
+This example will use a Hetzner AX52 as target, which comes with 2 SSDs located at */dev/nvme1n1* and */dev/nvme0n1*.
+
+### Load NixOS configuration
+
+```bash
+$ nix-shell -p nixos-anywhere
+[nix-shell:~]$ RUNNER_TOKEN=<github runner token> nixos-anywhere --flake .#ax52 root@<ip_address>
+```
+
+## Update
+
+```bash
+$ nix-shell -p nixos-rebuild
+[nix-shell:~]$ RUNNER_TOKEN=<github runner token> nixos-rebuild switch --flake .#ax52 --target-host root@<ip_address>
+```

nix/ci/github-runner/ax52-setup.nix

@@ -0,0 +1,6 @@
+{ modulesPath, lib, pkgs, ... }:
+{
+  system.activationScripts.setDataPermissions = ''
+    chown satoshi:users /data
+  '';
+}

nix/ci/github-runner/configuration.nix

@@ -0,0 +1,16 @@
+{ modulesPath, lib, pkgs, ... }:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+    ./modules/users.nix
+    ./modules/security.nix
+    ./modules/packages.nix
+    ./modules/system.nix
+  ];
+
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+  };
+}

nix/ci/github-runner/disks/disk-config-ax52.nix

@@ -0,0 +1,76 @@
+{ lib, ... }:
+{
+  disko.devices = {
+    disk.disk1 = {
+      device = lib.mkDefault "/dev/nvme1n1";
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "ESP";
+            size = "500M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              type = "lvm_pv";
+              vg = "pool";
+            };
+          };
+        };
+      };
+    };
+    disk.disk2 = {
+      device = lib.mkDefault "/dev/nvme0n1";
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          data = {
+            name = "data";
+            size = "100%";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/data";
+              mountOptions = [
+                "defaults"
+              ];
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      pool = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "100%FREE";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/";
+              mountOptions = [
+                "defaults"
+              ];
+            };
+          };
+        };
+      };
+    };
+  };
+}

nix/ci/github-runner/disks/disk-config.nix

@@ -0,0 +1,56 @@
+# Example to create a bios compatible gpt partition
+{ lib, ... }:
+{
+  disko.devices = {
+    disk.disk1 = {
+      device = lib.mkDefault "/dev/sda";
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "ESP";
+            size = "500M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              type = "lvm_pv";
+              vg = "pool";
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      pool = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "100%FREE";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/";
+              mountOptions = [
+                "defaults"
+              ];
+            };
+          };
+        };
+      };
+    };
+  };
+}

nix/ci/github-runner/flake.nix

@@ -0,0 +1,37 @@
+{
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+  inputs.disko.url = "github:nix-community/disko";
+  inputs.disko.inputs.nixpkgs.follows = "nixpkgs";
+  inputs.home-manager.url = "github:nix-community/home-manager";
+  inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
+
+  outputs = { nixpkgs, disko, home-manager, ... }: {
+    formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
+    nixosConfigurations = {
+      # Generic configuration
+      generic = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          disko.nixosModules.disko
+          home-manager.nixosModules.home-manager
+          ./configuration.nix
+          ./hardware-configuration.nix
+          ./nix-channel-setup.nix
+        ];
+      };
+
+      # Hetzner AX52 specific configuration
+      ax52 = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          disko.nixosModules.disko
+          home-manager.nixosModules.home-manager
+          ./configuration.nix
+          ./disks/disk-config-ax52.nix
+          ./nix-channel-setup.nix
+          ./ax52-setup.nix
+        ];
+      };
+    };
+  };
+}

nix/ci/github-runner/hardware-configuration.nix

@@ -0,0 +1 @@
+throw "Have you forgotten to run nixos-anywhere with `--generate-hardware-config nixos-generate-config ./hardware-configuration.nix`?"

nix/ci/github-runner/modules/packages.nix

@@ -0,0 +1,32 @@
+{ config, lib, pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    # Development tools
+    bash
+    coreutils
+    docker
+    findutils
+    git
+    gnugrep
+    gnused
+    gnutar
+    podman
+    python3
+
+    # Shell utilities
+    bat
+    curl
+    eza
+    fd
+    just
+    mosh
+    neovim
+    ripgrep
+    tmux
+
+    # System tools
+    ccache
+    magic-wormhole
+    time
+  ];
+}