add guix installer workflow

1 files changed, 79 insertions, 0 deletions

diff --git a/.forgejo/workflows/installer.yaml b/.forgejo/workflows/installer.yaml
new file mode 100644
index 0000000..8bd1044
--- /dev/null
+++ b/.forgejo/workflows/installer.yaml
@@ -0,0 +1,79 @@
+# title: install
+# desc: generate a guix installer image
+# adapted from https://github.com/SystemCrafters/guix-installer/
+
+name: installer
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: docker
+
+    container:
+      image: alpine:3.21
+      options: "--privileged" # needed for guix
+
+    steps:
+      - name: Install dependencies
+        run: |
+          apk add --no-cache git nodejs util-linux
+
+      - name: Git checkout
+        uses: actions/checkout@v4
+
+      - name: Guix cache
+        uses: actions/cache/restore@v4
+        with:
+          path: ~/.cache/guix
+          key: guix-cache-${{ github.sha }}
+          restore-keys: |
+            guix-cache-
+
+      - name: Install guix
+        run: |
+          SUBSTITUTE_URLS="https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org https://substitutes.freya.cat"
+
+          apk add --no-cache guix openrc udev-init-scripts-openrc sed
+          sed -i 's/#rc_sys=""/rc_sys="docker"/' /etc/rc.conf
+
+          cat <<EOF > /etc/init.d/guix-daemon
+          #!/sbin/openrc-run
+          start(){ guix-daemon --build-users-group=guixbuild --substitute-urls="$SUBSTITUTE_URLS" & }
+          EOF
+          chmod +x /etc/init.d/guix-daemon
+
+          rc-update add guix-daemon
+          openrc boot
+
+      - name: Set environment
+        run: |
+          echo "GUIX_RETRY_NO_PROMPT=yes" >> $GITHUB_ENV
+          echo "GUIX_RETRY_NO_TTY=yes" >> $GITHUB_ENV
+
+      - name: Setup channels
+        run: |
+          guix archive --authorize < ./files/keys/nonguix.pub
+          guix archive --authorize < ./files/keys/sakura.pub
+          ./scripts/guix-retry guix pull -C ./channels.scm
+
+      - name: Build ISO
+        run: |
+          GUIX_PROFILE="/root/.config/guix/current"
+          . "$GUIX_PROFILE/etc/profile"
+          ./scripts/build-installer
+
+      - name: Guix cache save
+        uses: actions/cache/save@v4
+        with:
+          path: ~/.cache/guix
+          key: guix-cache-${{ github.sha }}
+
+      - name: Save artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: installer
+          path: guix-installer-*.iso