Mirror/gitea-mirror
1
0
Fork 0
mirror of https://github.com/RayLabsHQ/gitea-mirror.git synced 2025-12-17 21:18:11 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
3993d679e668dfb24210b9152bc59fc64fd10bc7
gitea-mirror/docs/NIX_DISTRIBUTION.md
Arunavo Ray 3993d679e6 fix: replace Cachix with Magic Nix Cache in CI workflow 
- Use DeterminateSystems/nix-installer-action for Nix installation
- Use DeterminateSystems/magic-nix-cache-action for caching (free, no setup)
- Update documentation to remove Cachix references
- Add nix branch to CI triggers
2025-12-17 10:30:07 +05:30

7.4 KiB
Raw Blame History

Nix Package Distribution Guide

This guide explains how Gitea Mirror is distributed via Nix and how users can consume it.

Distribution Methods

Method 1: Direct GitHub Usage (Zero Infrastructure)

No CI, releases, or setup needed! Users can consume directly from GitHub:

# Latest from main branch
nix run --extra-experimental-features 'nix-command flakes' github:RayLabsHQ/gitea-mirror

# Pin to specific commit
nix run github:RayLabsHQ/gitea-mirror/abc123def

# Pin to git tag
nix run github:RayLabsHQ/gitea-mirror/v3.8.11

How it works:

  1. Nix fetches the repository from GitHub
  2. Nix reads flake.nix and flake.lock
  3. Nix builds the package locally on the user's machine
  4. Package is cached in /nix/store for reuse

Pros:

  • Zero infrastructure needed
  • Works immediately after pushing code
  • Users always get reproducible builds

Cons:

  • Users must build from source (slower first time)
  • Requires build dependencies (Bun, etc.)

Method 2: CI Build Caching

The GitHub Actions workflow uses Magic Nix Cache (by Determinate Systems) to cache builds:

  • Zero configuration required - no accounts or tokens needed
  • Automatic - CI workflow handles everything
  • Uses GitHub Actions cache - fast, reliable, free

How It Works:

  1. GitHub Actions builds the package on each push/PR
  2. Build artifacts are cached in GitHub Actions cache
  3. Subsequent builds reuse cached dependencies (faster CI)

Note: This caches CI builds. Users still build locally, but the flake.lock ensures reproducibility.

Method 3: nixpkgs Submission (Official Distribution)

Submit to the official Nix package repository for maximum visibility.

Process:

  1. Prepare package (already done with flake.nix)
  2. Test thoroughly
  3. Submit PR to nixpkgs: https://github.com/NixOS/nixpkgs

User Experience:

# After acceptance into nixpkgs
nix run nixpkgs#gitea-mirror

# NixOS configuration
environment.systemPackages = [ pkgs.gitea-mirror ];

Pros:

  • Maximum discoverability (official repo)
  • Trusted by Nix community
  • Included in NixOS search
  • Binary caching by cache.nixos.org

Cons:

  • Submission/review process
  • Must follow nixpkgs guidelines
  • Updates require PRs

Current Distribution Strategy

Phase 1: Direct GitHub (Immediate)

Already working! Users can:

nix run github:RayLabsHQ/gitea-mirror

Phase 2: CI Build Validation

GitHub Actions workflow validates builds on every push/PR:

  • Uses Magic Nix Cache for fast CI builds
  • Tests on both Linux and macOS
  • No setup required - works automatically

Phase 3: Version Releases (Optional)

Tag releases for version pinning:

git tag v3.8.11
git push origin v3.8.11

# Users can then pin:
nix run github:RayLabsHQ/gitea-mirror/v3.8.11

Phase 4: nixpkgs Submission (Long Term)

Once package is stable and well-tested, submit to nixpkgs.

User Documentation

For Users: How to Install

Add this to your docs/NIX_DEPLOYMENT.md:

Option 1: Direct Install (No Configuration)

# Run immediately
nix run --extra-experimental-features 'nix-command flakes' github:RayLabsHQ/gitea-mirror

# Install to profile
nix profile install --extra-experimental-features 'nix-command flakes' github:RayLabsHQ/gitea-mirror

Option 2: Pin to Specific Version

# Pin to git tag
nix run github:RayLabsHQ/gitea-mirror/v3.8.11

# Pin to commit
nix run github:RayLabsHQ/gitea-mirror/abc123def

# Lock in flake.nix
inputs.gitea-mirror.url = "github:RayLabsHQ/gitea-mirror/v3.8.11";

Option 3: NixOS Configuration

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    gitea-mirror.url = "github:RayLabsHQ/gitea-mirror";
    # Or pin to version:
    # gitea-mirror.url = "github:RayLabsHQ/gitea-mirror/v3.8.11";
  };

  outputs = { nixpkgs, gitea-mirror, ... }: {
    nixosConfigurations.your-host = nixpkgs.lib.nixosSystem {
      modules = [
        gitea-mirror.nixosModules.default
        {
          services.gitea-mirror = {
            enable = true;
            betterAuthUrl = "https://mirror.example.com";
            openFirewall = true;
          };
        }
      ];
    };
  };
}

Maintaining the Distribution

Releasing New Versions

# 1. Update version in package.json
vim package.json  # Update version field

# 2. Update flake.nix version (line 17)
vim flake.nix  # Update version = "X.Y.Z";

# 3. Commit changes
git add package.json flake.nix
git commit -m "chore: bump version to vX.Y.Z"

# 4. Create git tag
git tag vX.Y.Z
git push origin main
git push origin vX.Y.Z

# 5. GitHub Actions builds and caches automatically

Users can then pin to the new version:

nix run github:RayLabsHQ/gitea-mirror/vX.Y.Z

Updating Flake Lock

The flake.lock file pins all dependencies. Update it periodically:

# Update all inputs
nix flake update

# Update specific input
nix flake lock --update-input nixpkgs

# Test after update
nix build
nix flake check

# Commit the updated lock file
git add flake.lock
git commit -m "chore: update flake dependencies"
git push

Troubleshooting Distribution Issues

Users Report Build Failures

  1. Check GitHub Actions: Ensure CI is passing
  2. Test locally: nix flake check
  3. Check flake.lock: May need update if dependencies changed

CI Cache Not Working

  1. Check workflow logs: Review GitHub Actions for errors
  2. Clear cache: GitHub Actions → Caches → Delete relevant cache
  3. Verify flake.lock: May need nix flake update if dependencies changed

Version Pinning Not Working

# Verify tag exists
git tag -l

# Ensure tag is pushed
git ls-remote --tags origin

# Test specific tag
nix run github:RayLabsHQ/gitea-mirror/v3.8.11

Advanced: Custom Binary Cache

If you prefer self-hosting instead of Cachix:

Option 1: S3-Compatible Storage

# Generate signing key
nix-store --generate-binary-cache-key cache.example.com cache-priv-key.pem cache-pub-key.pem

# Push to S3
nix copy --to s3://my-nix-cache?region=us-east-1 $(nix-build)

Users configure:

substituters = https://my-bucket.s3.amazonaws.com/nix-cache
trusted-public-keys = cache.example.com:BASE64_PUBLIC_KEY

Option 2: Self-Hosted Nix Store

Run nix-serve on your server:

# On server
nix-serve -p 8080

# Behind nginx/caddy
proxy_pass http://localhost:8080;

Users configure:

substituters = https://cache.example.com
trusted-public-keys = YOUR_KEY

Comparison: Distribution Methods

Method Setup Time User Speed Cost Discoverability
Direct GitHub 0 min Slow (build) Free Low
nixpkgs Hours/days Fast (binary) Free High
Self-hosted cache 30+ min Fast (binary) Server cost Low

Current approach: Direct GitHub consumption with CI validation using Magic Nix Cache. Users build locally (reproducible via flake.lock). Consider nixpkgs submission for maximum reach once the package is mature.

Resources