forked from colonelpanic/dotfiles
[NixOS] Add separate gitea-runner configuration
This commit is contained in:
parent
f85d2f4a6d
commit
21505f23f3
@ -13,6 +13,7 @@
|
|||||||
./games.nix
|
./games.nix
|
||||||
./git-sync.nix
|
./git-sync.nix
|
||||||
./gitea.nix
|
./gitea.nix
|
||||||
|
./gitea-runner.nix
|
||||||
./imalison.nix
|
./imalison.nix
|
||||||
./internet-computer.nix
|
./internet-computer.nix
|
||||||
./kat.nix
|
./kat.nix
|
||||||
|
50
nixos/gitea-runner.nix
Normal file
50
nixos/gitea-runner.nix
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
{ pkgs, config, makeEnable, ... }:
|
||||||
|
makeEnable config "modules.gitea-runner" false {
|
||||||
|
age.secrets.gitea-runner-token = {
|
||||||
|
file = ./secrets/gitea-runner-token.${config.networking.hostName}.age;
|
||||||
|
owner = "gitea";
|
||||||
|
group = "docker";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.gitea-actions-runner.instances.nix =
|
||||||
|
let gitea-runner-directory = "/var/lib/gitea-runner";
|
||||||
|
in {
|
||||||
|
settings = {
|
||||||
|
cache = {
|
||||||
|
enabled = true;
|
||||||
|
};
|
||||||
|
container = {
|
||||||
|
workdir_parent = "${gitea-runner-directory}/workspace";
|
||||||
|
};
|
||||||
|
host = {
|
||||||
|
workdir_parent = "${gitea-runner-directory}/action-cache-dir";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
hostPackages = with pkgs; [
|
||||||
|
bash
|
||||||
|
coreutils
|
||||||
|
curl
|
||||||
|
gawk
|
||||||
|
git-lfs
|
||||||
|
nixFlakes
|
||||||
|
gitFull
|
||||||
|
gnused
|
||||||
|
nodejs
|
||||||
|
wget
|
||||||
|
];
|
||||||
|
enable = true;
|
||||||
|
name = config.networking.hostName;
|
||||||
|
url = "http://1896Folsom.duckdns.org:3000";
|
||||||
|
tokenFile = config.age.secrets.gitea-runner-token.path;
|
||||||
|
labels = [
|
||||||
|
"nixos-${pkgs.system}:host"
|
||||||
|
"nix:docker://localhost:5921/nix-runner"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.gitea-runner-nix.environment =
|
||||||
|
let gitea-runner-directory = "/var/lib/gitea-runner"; in {
|
||||||
|
XDG_CONFIG_HOME = gitea-runner-directory;
|
||||||
|
XDG_CACHE_HOME = "${gitea-runner-directory}/.cache";
|
||||||
|
};
|
||||||
|
}
|
@ -1,6 +1,5 @@
|
|||||||
{ config, makeEnable, ... }:
|
{ config, makeEnable, ... }:
|
||||||
makeEnable config "modules.gitea" false {
|
makeEnable config "modules.gitea" false {
|
||||||
age.secrets."gitea-runner-token".file = ./secrets/gitea-runner-token.age;
|
|
||||||
|
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -10,11 +9,4 @@ makeEnable config "modules.gitea" false {
|
|||||||
SSH_PORT = 1123;
|
SSH_PORT = 1123;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.gitea-actions-runner.instances-nix-runner = {
|
|
||||||
enable = true;
|
|
||||||
url = config.services.gitea.settings.server.ROOT_URL;
|
|
||||||
tokenFile = config.age.secrets.gitea-runner-token.path;
|
|
||||||
labels = [ "nixos:host" ];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
# Needed for now because monitors have different refresh rates
|
# Needed for now because monitors have different refresh rates
|
||||||
modules.xmonad.picom.vSync.enable = false;
|
modules.xmonad.picom.vSync.enable = false;
|
||||||
modules.cache-server.enable = true;
|
modules.cache-server.enable = true;
|
||||||
|
modules.gitea-runner.enable = true;
|
||||||
|
|
||||||
boot.loader.systemd-boot.configurationLimit = 5;
|
boot.loader.systemd-boot.configurationLimit = 5;
|
||||||
|
|
||||||
|
BIN
nixos/secrets/gitea-runner-token.ryzen-shine.age
Normal file
BIN
nixos/secrets/gitea-runner-token.ryzen-shine.age
Normal file
Binary file not shown.
@ -5,4 +5,5 @@ in
|
|||||||
"gpg-passphrase.age".publicKeys = keys.agenixKeys;
|
"gpg-passphrase.age".publicKeys = keys.agenixKeys;
|
||||||
"cache-priv-key.pem.age".publicKeys = keys.agenixKeys;
|
"cache-priv-key.pem.age".publicKeys = keys.agenixKeys;
|
||||||
"gitea-runner-token.age".publicKeys = keys.agenixKeys;
|
"gitea-runner-token.age".publicKeys = keys.agenixKeys;
|
||||||
|
"gitea-runner-token.ryzen-shine.age".publicKeys = keys.agenixKeys;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user