wow

.forgejo/workflows/main.yml

@@ -4,34 +4,69 @@ on:
   push:
     branches:
       - main
-  # pull_request:
+  pull_request:
 
 jobs:
+  check:
+    runs-on: x86_64
+    steps:
+      - uses: actions/checkout@v4
+      - name: Check flake
+        run: |
+          source /etc/bashrc
+          nix flake check
+
   list-packages:
     runs-on: x86_64
     outputs:
       packages: ${{ steps.set-matrix.outputs.packages }}
     steps:
       - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
       - id: set-matrix
         run: |
           source /etc/bashrc
-          PACKAGES=$(nix flake show --json | nix run nixpkgs#jq -- -c '.packages."x86_64-linux" | keys')
+          ALL_PACKAGES=$(nix flake show --json | nix run nixpkgs#jq -- -r '.packages."x86_64-linux" | keys[]')
-          echo "packages=$PACKAGES" >> $GITHUB_OUTPUT
           
-  # check:
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
-  #   runs-on: x86_64
+            echo "Detecting changed packages for PR..."
-  #   steps:
+            BASE_REF="${{ github.base_ref }}"
-  #     - name: Checkout code
+            # Ensure the base branch is available for diffing
-  #       uses: actions/checkout@v4
+            git fetch origin "$BASE_REF" --depth=1
-  #     - name: Check flake
+            CHANGED_FILES=$(git diff --name-only "origin/$BASE_REF"...HEAD)
-  #       run: |
+            
-  #         source /etc/bashrc
+            if echo "$CHANGED_FILES" | grep -qE 'flake.nix|flake.lock'; then
-  #         nix flake check
+              echo "Flake files changed, building all packages."
+              SELECTED_PACKAGES=$(echo "$ALL_PACKAGES" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .)
+            else
+              # Extract package names from pkgs/<name>/
+              CHANGED_PKGS=$(echo "$CHANGED_FILES" | grep '^pkgs/' | cut -d'/' -f2 | sort -u || true)
+              
+              FINAL_PKGS=()
+              for pkg in $CHANGED_PKGS; do
+                if echo "$ALL_PACKAGES" | grep -q "^$pkg$"; then
+                  FINAL_PKGS+=("$pkg")
+                fi
+              done
+              
+              if [ ${#FINAL_PKGS[@]} -eq 0 ]; then
+                SELECTED_PACKAGES="[]"
+              else
+                SELECTED_PACKAGES=$(printf '%s\n' "${FINAL_PKGS[@]}" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .)
+              fi
+            fi
+          else
+            echo "Push event, listing all packages."
+            SELECTED_PACKAGES=$(echo "$ALL_PACKAGES" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .)
+          fi
+          
+          echo "packages=$SELECTED_PACKAGES" >> $GITHUB_OUTPUT
 
   build:
-    needs: list-packages
+    needs: [check, list-packages]
     runs-on: x86_64
+    if: ${{ fromJson(needs.list-packages.outputs.packages)[0] != null }}
     strategy:
       fail-fast: false
       matrix:
@@ -47,7 +82,7 @@ jobs:
           nix build .#${{ matrix.package }}
 
       - name: Cache & Push to Attic
-        if: success()
+        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
         env:
           ATTIC_SERVER: ${{ secrets.ATTIC_SERVER }}
           ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}

.forgejo/workflows/update-flake.yml

@@ -0,0 +1,62 @@
+name: Update Flake Lock
+
+on:
+  schedule:
+    - cron: '0 4 * * *'
+  workflow_dispatch:
+
+jobs:
+  update:
+    runs-on: x86_64
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Update flake.lock
+        id: update
+        run: |
+          source /etc/bashrc
+          
+          nix flake update
+          
+          if git diff --quiet flake.lock; then
+            echo "No changes to flake.lock"
+            echo "updated=false" >> $GITHUB_OUTPUT
+          else
+            echo "flake.lock updated"
+            echo "updated=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Create Pull Request
+        if: steps.update.outputs.updated == 'true'
+        env:
+          API_FORGEJO_TOKEN: ${{ secrets.API_FORGEJO_TOKEN }}
+        run: |
+          source /etc/bashrc
+          
+          DATE=$(date +%Y-%m-%d)
+          BRANCH="update/flake-lock-${DATE}"
+          
+          git config user.name "mizuki"
+          git config user.email "akiyama@mizuki.guru"
+          
+          git checkout -b "$BRANCH"
+          git add flake.lock
+          git commit -m "flake.lock: update ${DATE}"
+          
+          REPO_URL=$(git remote get-url origin | sed 's|https://||')
+          git push -f "https://oauth2:${API_FORGEJO_TOKEN}@${REPO_URL}" "$BRANCH"
+          
+          FORGEJO_HOST=$(echo "$REPO_URL" | cut -d'/' -f1)
+          REPO_PATH=$(echo "$REPO_URL" | cut -d'/' -f2-)
+          
+          curl -fsSL -X POST \
+            -H "Authorization: token ${API_FORGEJO_TOKEN}" \
+            -H "Content-Type: application/json" \
+            "https://${FORGEJO_HOST}/api/v1/repos/${REPO_PATH}/pulls" \
+            -d "{
+              \"title\": \"flake.lock: update ${DATE}\",
+              \"head\": \"${BRANCH}\",
+              \"base\": \"main\",
+              \"body\": \"Automated flake.lock update generated by Forgejo Actions.\"
+            }"

.forgejo/workflows/update-vscode-insiders.yml

@@ -0,0 +1,93 @@
+name: Update VSCode Insiders
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+jobs:
+  update:
+    runs-on: x86_64
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check for new vscode-insiderss release
+        id: check
+        run: |
+          source /etc/bashrc
+
+          CURRENT_VERSION=$(grep 'version = ' pkgs/vscode-insiders/default.nix | head -1 | grep -oP '"[^"]+"' | tr -d '"')
+          echo "Current version: $CURRENT_VERSION"
+
+          LATEST_VERSION=$(curl -fsSL https://update.code.visualstudio.com/api/releases/insider | nix run nixpkgs#jq -- -r '.[0]')
+          echo "Latest version: $LATEST_VERSION"
+
+          if [ "$CURRENT_VERSION" = "$LATEST_VERSION" ]; then
+            echo "Already up to date."
+            echo "updated=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          echo "New version found: $LATEST_VERSION"
+          echo "latest_version=$LATEST_VERSION" >> $GITHUB_OUTPUT
+          echo "updated=true" >> $GITHUB_OUTPUT
+
+      - name: Update version and sha256
+        if: steps.check.outputs.updated == 'true'
+        id: update
+        run: |
+          source /etc/bashrc
+
+          LATEST="${{ steps.check.outputs.latest_version }}"
+          URL="https://code.visualstudio.com/sha/download?build=insider&os=linux-x64"
+
+          echo "Fetching new sha256 for VSCode Insiders..."
+          NEW_SHA256=$(nix-prefetch-url --type sha256 "$URL" 2>/dev/null | tail -1)
+          NEW_SHA256_SRI=$(nix hash convert --hash-algo sha256 --to sri "$NEW_SHA256")
+          echo "New sha256 (SRI): $NEW_SHA256_SRI"
+
+          sed -i "s|version = \".*\";|version = \"${LATEST}\";|" pkgs/vscode-insiders/default.nix
+          sed -i "s|sha256 = \"sha256-.*\";|sha256 = \"${NEW_SHA256_SRI}\";|" pkgs/vscode-insiders/default.nix
+
+          echo "new_sha256=$NEW_SHA256_SRI" >> $GITHUB_OUTPUT
+
+      - name: Verify build
+        if: steps.check.outputs.updated == 'true'
+        run: |
+          source /etc/bashrc
+          NIXPKGS_ALLOW_UNFREE=1 nix build .#vscode-insiderss
+
+      - name: Create Pull Request
+        if: steps.check.outputs.updated == 'true'
+        env:
+          API_FORGEJO_TOKEN: ${{ secrets.API_FORGEJO_TOKEN }}
+        run: |
+          source /etc/bashrc
+
+          LATEST="${{ steps.check.outputs.latest_version }}"
+          BRANCH="update/vscode-insiders-${LATEST}"
+
+          git config user.name "mizuki"
+          git config user.email "akiyama@mizuki.guru"
+
+          git checkout -b "$BRANCH"
+          git add pkgs/vscode-insiders/default.nix
+          git commit -m "pkgs/vscode-insiders: update to ${LATEST}"
+
+          REPO_URL=$(git remote get-url origin | sed 's|https://||')
+          git push "https://oauth2:${API_FORGEJO_TOKEN}@${REPO_URL}" "$BRANCH"
+
+          FORGEJO_HOST=$(echo "$REPO_URL" | cut -d'/' -f1)
+          REPO_PATH=$(echo "$REPO_URL" | cut -d'/' -f2-)
+          
+          curl -fsSL -X POST \
+            -H "Authorization: token ${API_FORGEJO_TOKEN}" \
+            -H "Content-Type: application/json" \
+            "https://${FORGEJO_HOST}/api/v1/repos/${REPO_PATH}/pulls" \
+            -d "{
+              \"title\": \"pkgs/vscode-insiders: update to ${LATEST}\",
+              \"head\": \"${BRANCH}\",
+              \"base\": \"main\",
+              \"body\": \"Automated update of VSCode Insiders to version \`${LATEST}\`.\n\nNew SRI Hash: \`${{ steps.update.outputs.new_sha256 }}\`\"
+            }"

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1776877367,
+        "lastModified": 1777954456,
-        "narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=",
+        "narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "0726a0ecb6d4e08f6adced58726b95db924cef57",
+        "rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1",
         "type": "github"
       },
       "original": {

flake.nix

@@ -8,16 +8,22 @@
   outputs = { self, nixpkgs }:
   let
     system = "x86_64-linux";
+    
+    # Overlay 정의
     overlay = final: prev: {
-      # waterfox = final.callPackage ./pkgs/waterfox/default.nix { };
-      # another = final.callPackage ./pkgs/another/default.nix { };
       waterfox-bin = final.callPackage ./pkgs/waterfox-bin/default.nix { };
-      xcursor-mizuki = final.callPackage ./pkgs/xcursor-mizuki/default.nix { stdenv = final.stdenv; };
+      xcursor-mizuki = final.callPackage ./pkgs/xcursor-mizuki/default.nix { };
-      pjsk-cursor = final.callPackage ./pkgs/pjsk-cursor/default.nix { stdenv = final.stdenv; };
+      pjsk-cursor = final.callPackage ./pkgs/pjsk-cursor/default.nix { };
       helium = final.callPackage ./pkgs/helium/default.nix { };
       helium-sync = final.callPackage ./pkgs/helium-sync/default.nix { };
+      vscode-insiders = final.callPackage ./pkgs/vscode-insiders/default.nix { };
+    };
+
+    pkgs = import nixpkgs {
+      inherit system;
+      overlays = [ overlay ];
+      config.allowUnfree = true;
     };
-    pkgs = nixpkgs.legacyPackages.${system}.extend overlay;
   in {
     overlays.default = overlay;
 
@@ -25,8 +31,15 @@
     homeManagerModules.helium-sync = import ./modules/helium-sync-hm.nix;
 
     packages.${system} = {
-      inherit (pkgs) waterfox-bin xcursor-mizuki pjsk-cursor helium helium-sync;
+      inherit (pkgs) 
-      # default = pkgs.waterfox-bin;
+        waterfox-bin 
+        xcursor-mizuki 
+        pjsk-cursor 
+        helium 
+        helium-sync 
+        vscode-insiders;
+      
+      default = pkgs.helium; # 예시로 하나를 기본값으로 지정
     };
   };
 }

pkgs/vscode-insiders/default.nix

@@ -0,0 +1,22 @@
+{ pkgs }:
+
+let
+  src = fetchTarball {
+    url = "https://code.visualstudio.com/sha/download?build=insider&os=linux-x64";
+    sha256 = "0cq5p2r949k1nskfacz2j0m9zyg116zpzc8csmxb1q51p7znixkc"; 
+  };
+in
+(pkgs.vscode.override {
+  isInsiders = true;
+}).overrideAttrs (oldAttrs: {
+  pname = "vscode-insiders";
+  version = "latest";
+  isInsiders = true;
+  inherit src;
+
+  buildInputs = oldAttrs.buildInputs ++ [ pkgs.krb5 pkgs.libsoup_3 pkgs.webkitgtk_4_1 ];
+
+  meta = oldAttrs.meta // {
+    mainProgram = "code-insiders";
+  };
+})