Merge pull request #451 from nix-community/update_flake_lock_action

buildbot-nix-ci[bot] · web-flow · commit ab8441b8e983 · 2025-07-31T02:52:49.000Z
flake.lock: Update
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -19,20 +19,19 @@
   outputs =
     inputs@{ flake-parts, ... }:
     flake-parts.lib.mkFlake { inherit inputs; } {
-      imports =
-        [
-          ./examples/flake-module.nix
-          ./devShells/flake-module.nix
-          ./nixosModules/flake-module.nix
-          ./nix/flake-module.nix
-          ./checks/flake-module.nix
-          ./packages/flake-module.nix
-        ]
-        ++ inputs.nixpkgs.lib.optional (inputs.treefmt-nix ? flakeModule) ./formatter/flake-module.nix
-        ++ inputs.nixpkgs.lib.optionals (inputs.hercules-ci-effects ? flakeModule) [
-          inputs.hercules-ci-effects.flakeModule
-          ./herculesCI/flake-module.nix
-        ];
+      imports = [
+        ./examples/flake-module.nix
+        ./devShells/flake-module.nix
+        ./nixosModules/flake-module.nix
+        ./nix/flake-module.nix
+        ./checks/flake-module.nix
+        ./packages/flake-module.nix
+      ]
+      ++ inputs.nixpkgs.lib.optional (inputs.treefmt-nix ? flakeModule) ./formatter/flake-module.nix
+      ++ inputs.nixpkgs.lib.optionals (inputs.hercules-ci-effects ? flakeModule) [
+        inputs.hercules-ci-effects.flakeModule
+        ./herculesCI/flake-module.nix
+      ];
 
       systems = [
         "x86_64-linux"
diff --git a/nixosModules/master.nix b/nixosModules/master.nix
@@ -843,29 +843,30 @@ in
       path = [ pkgs.openssl ];
       serviceConfig = {
         # in master.py we read secrets from $CREDENTIALS_DIRECTORY
-        LoadCredential =
-          [ "buildbot-nix-workers:${cfg.workersFile}" ]
-          ++ lib.optionals cfg.github.enable (
-            [ "github-webhook-secret:${cfg.github.webhookSecretFile}" ]
-            ++ lib.optional (
-              cfg.github.authType ? "legacy"
-            ) "github-token:${cfg.github.authType.legacy.tokenFile}"
-            ++ lib.optional (
-              cfg.github.authType ? "app"
-            ) "github-app-secret-key:${cfg.github.authType.app.secretKeyFile}"
-          )
-          ++ lib.optional (cfg.authBackend == "gitea") "gitea-oauth-secret:${cfg.gitea.oauthSecretFile}"
-          ++ lib.optional (cfg.authBackend == "github") "github-oauth-secret:${cfg.github.oauthSecretFile}"
-          ++ lib.optionals cfg.gitea.enable [
-            "gitea-token:${cfg.gitea.tokenFile}"
-            "gitea-webhook-secret:${cfg.gitea.webhookSecretFile}"
-          ]
-          ++ lib.mapAttrsToList (
-            repoName: path: "effects-secret__${cleanUpRepoName repoName}:${path}"
-          ) cfg.effects.perRepoSecretFiles
-          ++ lib.mapAttrsToList (
-            repoName: repo: "pull-based__${cleanUpRepoName repoName}:${repo.sshPrivateKeyFile}"
-          ) (lib.filterAttrs (_: repo: repo.sshPrivateKeyFile != null) cfg.pullBased.repositories);
+        LoadCredential = [
+          "buildbot-nix-workers:${cfg.workersFile}"
+        ]
+        ++ lib.optionals cfg.github.enable (
+          [ "github-webhook-secret:${cfg.github.webhookSecretFile}" ]
+          ++ lib.optional (
+            cfg.github.authType ? "legacy"
+          ) "github-token:${cfg.github.authType.legacy.tokenFile}"
+          ++ lib.optional (
+            cfg.github.authType ? "app"
+          ) "github-app-secret-key:${cfg.github.authType.app.secretKeyFile}"
+        )
+        ++ lib.optional (cfg.authBackend == "gitea") "gitea-oauth-secret:${cfg.gitea.oauthSecretFile}"
+        ++ lib.optional (cfg.authBackend == "github") "github-oauth-secret:${cfg.github.oauthSecretFile}"
+        ++ lib.optionals cfg.gitea.enable [
+          "gitea-token:${cfg.gitea.tokenFile}"
+          "gitea-webhook-secret:${cfg.gitea.webhookSecretFile}"
+        ]
+        ++ lib.mapAttrsToList (
+          repoName: path: "effects-secret__${cleanUpRepoName repoName}:${path}"
+        ) cfg.effects.perRepoSecretFiles
+        ++ lib.mapAttrsToList (
+          repoName: repo: "pull-based__${cleanUpRepoName repoName}:${repo.sshPrivateKeyFile}"
+        ) (lib.filterAttrs (_: repo: repo.sshPrivateKeyFile != null) cfg.pullBased.repositories);
         RuntimeDirectory = "buildbot-master";
       };
     };
@@ -883,30 +884,29 @@ in
 
     services.nginx.enable = true;
     services.nginx.virtualHosts.${cfg.domain} = {
-      locations =
-        {
-          "/".proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/";
-          "/sse" = {
-            proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/sse";
-            # proxy buffering will prevent sse to work
-            extraConfig = "proxy_buffering off;";
-          };
-          "/ws" = {
-            proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/ws";
-            proxyWebsockets = true;
-            # raise the proxy timeout for the websocket
-            extraConfig = "proxy_read_timeout 6000s;";
-          };
-        }
-        // lib.optionalAttrs (cfg.outputsPath != null) {
-          "/nix-outputs/" = {
-            alias = cfg.outputsPath;
-            extraConfig = ''
-              charset utf-8;
-              autoindex on;
-            '';
-          };
+      locations = {
+        "/".proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/";
+        "/sse" = {
+          proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/sse";
+          # proxy buffering will prevent sse to work
+          extraConfig = "proxy_buffering off;";
         };
+        "/ws" = {
+          proxyPass = "http://127.0.0.1:${builtins.toString backendPort}/ws";
+          proxyWebsockets = true;
+          # raise the proxy timeout for the websocket
+          extraConfig = "proxy_read_timeout 6000s;";
+        };
+      }
+      // lib.optionalAttrs (cfg.outputsPath != null) {
+        "/nix-outputs/" = {
+          alias = cfg.outputsPath;
+          extraConfig = ''
+            charset utf-8;
+            autoindex on;
+          '';
+        };
+      };
     };
 
     systemd.tmpfiles.rules =
diff --git a/packages/flake-module.nix b/packages/flake-module.nix
@@ -7,26 +7,25 @@
       ...
     }:
     {
-      packages =
-        {
-          # useful for checking what buildbot version is used.
-          buildbot = pkgs.callPackage ./buildbot.nix { };
-          buildbot-dev = pkgs.python3.pkgs.callPackage ./buildbot-dev.nix {
-            inherit (self'.packages)
-              buildbot-gitea
-              buildbot-effects
-              buildbot-nix
-              buildbot
-              ;
-            inherit (pkgs) buildbot-worker buildbot-plugins;
-          };
-          buildbot-nix = pkgs.python3.pkgs.callPackage ./buildbot-nix.nix { };
-          buildbot-gitea = pkgs.python3.pkgs.callPackage ./buildbot-gitea.nix {
-            buildbot = pkgs.buildbot;
-          };
-        }
-        // lib.optionalAttrs pkgs.stdenv.isLinux {
-          buildbot-effects = pkgs.python3.pkgs.callPackage ./buildbot-effects.nix { };
+      packages = {
+        # useful for checking what buildbot version is used.
+        buildbot = pkgs.callPackage ./buildbot.nix { };
+        buildbot-dev = pkgs.python3.pkgs.callPackage ./buildbot-dev.nix {
+          inherit (self'.packages)
+            buildbot-gitea
+            buildbot-effects
+            buildbot-nix
+            buildbot
+            ;
+          inherit (pkgs) buildbot-worker buildbot-plugins;
         };
+        buildbot-nix = pkgs.python3.pkgs.callPackage ./buildbot-nix.nix { };
+        buildbot-gitea = pkgs.python3.pkgs.callPackage ./buildbot-gitea.nix {
+          buildbot = pkgs.buildbot;
+        };
+      }
+      // lib.optionalAttrs pkgs.stdenv.isLinux {
+        buildbot-effects = pkgs.python3.pkgs.callPackage ./buildbot-effects.nix { };
+      };
     };
 }
