From f65d24bf1e29aad3bbdaea6cbb0ba7edc3db8010 Mon Sep 17 00:00:00 2001
From: dadada <dadada@dadada.li>
Date: Sat, 8 Oct 2022 17:48:24 +0200
Subject: [PATCH] set up gihubstatus

---
 nixos/pruflas/configuration.nix        | 13 +++++++++++++
 secrets/hydra-github-authorization.age | 10 ++++++++++
 secrets/secrets.nix                    |  1 +
 3 files changed, 24 insertions(+)
 create mode 100644 secrets/hydra-github-authorization.age
diff --git a/nixos/pruflas/configuration.nix b/nixos/pruflas/configuration.nix
index 2d570df..554bc5a 100644
--- a/nixos/pruflas/configuration.nix
+++ b/nixos/pruflas/configuration.nix
@@ -9,6 +9,7 @@ let
   wg0PrivKey = "${config.networking.hostName}-wg0-key";
   wgHydraPrivKey = "${config.networking.hostName}-wg-hydra-key";
   wg0PresharedKey = "${config.networking.hostName}-wg0-preshared-key";
+  hydraGitHubAuth = "hydra-github-authorization";
 in
 {
   imports = [ ./hardware-configuration.nix ];
@@ -17,6 +18,8 @@ in
 
   services.logind.lidSwitch = "ignore";
 
+  age.secrets.${hydraGitHubAuth}.file = "${secretsPath}/${hydraGitHubAuth}.age";
+
   services.hydra = {
     enable = true;
     package = pkgs.hydra-unstable;
@@ -26,6 +29,16 @@ in
     useSubstitutes = true;
     port = 3000;
     listenHost = "10.3.3.3";
+    extraConfig = ''
+      Include ${config.age.secrets."${hydraGitHubAuth}".path}
+
+      <githubstatus>
+        jobs = nix-config:nix-config.*
+        inputs = nix-config
+        excludeBuildFromContext = 1
+        useShortContext = 1
+      </githubstatus>
+    '';
   };
 
   nix.buildMachines = [
diff --git a/secrets/hydra-github-authorization.age b/secrets/hydra-github-authorization.age
new file mode 100644
index 0000000..ceeadef
--- /dev/null
+++ b/secrets/hydra-github-authorization.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 IXCPDQ FIIoY8iq2Eg0Vw/SNSeBWDOwbecffHz11T0SlhRTMjo
+5bFPVivYR720P43uQ/c+y4TUX2iSnhoPcaIsgB6hePk
+-> ssh-ed25519 Otklkw od+LuwSv3xq+Z9Y8HSWXoJ5Zv07uzwRnBUPZErzha3c
+Qr+4ofsEnP0TwCc+j7S1Rtu/X8Gq30eYnkJFzDFv194
+-> K\f7-grease -3R #
+DmUr0gWgtRXwnabANCq+pgjmNoAkmPlghI5Y308SR7DQtNGdyZpuSQdZ7xF4PYGS
+c7UBBjPRBW0
+--- fswZzO7E/Hwsb1lH4bbgvPaVCQzHfsdz1tLDuyBzLm8
+3GoPöØÌAóözuÎ(Ð)’#EMÿ9=a•]·¶|—c3ä[“œ‡aÞÕ“ÃèuG#‰™wn ¤«é-ò½\QÎ1C:˜sÛ*Ò¨§8ÿËïÌºuwÍ$ØñaqQSç…O:>ÔsˆÉ¨ÐØzñÑåÂOíÈñMÂk¥}^
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index b13b73d..d10ec43 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -16,6 +16,7 @@ in
   "pruflas-wg0-key.age".publicKeys = [ systems.pruflas dadada ];
   "pruflas-wg0-preshared-key.age".publicKeys = [ systems.pruflas dadada ];
   "pruflas-wg-hydra-key.age".publicKeys = [ systems.pruflas dadada ];
+  "hydra-github-authorization.age".publicKeys = [ systems.pruflas dadada ];
 } //
 backupSecrets "gorgon" //
 backupSecrets "ifrit" //
