layne, rico2: setup forgejo actions runner
This commit is contained in:
parent
d6a0b50283
commit
79efbf9ea2
8 changed files with 66 additions and 3 deletions
|
@ -2,6 +2,7 @@ _: {
|
|||
imports = [
|
||||
./alertmanager.nix
|
||||
./blocky.nix
|
||||
./forgejo-actions-runner.nix
|
||||
./grafana.nix
|
||||
../../../shared/prometheus-exporters.nix
|
||||
../../../shared/promtail.nix
|
||||
|
|
25
hosts/rico2/services/apps/forgejo-actions-runner.nix
Normal file
25
hosts/rico2/services/apps/forgejo-actions-runner.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ pkgs, config, ... }: {
|
||||
sops.secrets = {
|
||||
"forgejo/runner_registration_token_file" = {
|
||||
mode = "400";
|
||||
owner = config.users.users.root.name;
|
||||
group = config.users.users.root.group;
|
||||
};
|
||||
};
|
||||
services.gitea-actions-runner = {
|
||||
package = pkgs.forgejo-runner;
|
||||
instances = {
|
||||
runner-arm64 = {
|
||||
enable = true;
|
||||
name = "runner-arm64";
|
||||
labels = [
|
||||
"debian-stable:docker://debian:stable"
|
||||
"ubuntu:docker://ubuntu:latest"
|
||||
"alpine:docker://alpine:latest"
|
||||
];
|
||||
tokenFile = config.sops.secrets."forgejo/runner_registration_token_file".path;
|
||||
url = "https://forge.acomputer.lol";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,6 +2,7 @@ _: {
|
|||
imports = [
|
||||
./apps
|
||||
./btrfs.nix
|
||||
./podman.nix
|
||||
./ssh.nix
|
||||
../../shared/caddy.nix
|
||||
];
|
||||
|
|
5
hosts/rico2/services/podman.nix
Normal file
5
hosts/rico2/services/podman.nix
Normal file
|
@ -0,0 +1,5 @@
|
|||
_: {
|
||||
virtualisation.podman = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
|
@ -1,10 +1,33 @@
|
|||
{ config, lib, ... }:
|
||||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
cfg = config.services.forgejo;
|
||||
domainName = "forge.acomputer.lol";
|
||||
in
|
||||
{
|
||||
sops.secrets = {
|
||||
"forgejo/runner_registration_token_file" = {
|
||||
mode = "400";
|
||||
owner = config.users.users.root.name;
|
||||
group = config.users.users.root.group;
|
||||
};
|
||||
};
|
||||
services = {
|
||||
gitea-actions-runner = {
|
||||
package = pkgs.forgejo-runner;
|
||||
instances = {
|
||||
runner-x86_64 = {
|
||||
enable = true;
|
||||
name = "runner-x86_64";
|
||||
labels = [
|
||||
"debian-stable:docker://debian:stable"
|
||||
"ubuntu:docker://ubuntu:latest"
|
||||
"alpine:docker://alpine:latest"
|
||||
];
|
||||
tokenFile = config.sops.secrets."forgejo/runner_registration_token_file".path;
|
||||
url = "https://forge.acomputer.lol";
|
||||
};
|
||||
};
|
||||
};
|
||||
forgejo = {
|
||||
enable = true;
|
||||
stateDir = "/mnt/data/Forgejo";
|
||||
|
|
|
@ -2,6 +2,7 @@ _: {
|
|||
imports = [
|
||||
./apps
|
||||
./btrfs.nix
|
||||
./podman.nix
|
||||
./ssh.nix
|
||||
../../shared/caddy.nix
|
||||
];
|
||||
|
|
5
hosts/wynne/services/podman.nix
Normal file
5
hosts/wynne/services/podman.nix
Normal file
|
@ -0,0 +1,5 @@
|
|||
_: {
|
||||
virtualisation.podman = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
|
@ -24,6 +24,8 @@ matrix:
|
|||
syncv3_secret: ENC[AES256_GCM,data:05lLSSolNO55VjJQL3nLNGo2jiZUZht2FKNvc2O2dCccSfglrwm6J5Guzns9ZlT8X9j74lvlWlbM6Q==,iv:1zARbgZ9GJV1UMJ+WjFPNYPqhRjGVj4iLYMpfsRjrko=,tag:fQ9Vg1xD1k2eYlEbtF6q8A==,type:str]
|
||||
caddy:
|
||||
env_file: ENC[AES256_GCM,data:PKtILX7o0D3rj78JXIXad9UcQz0ZiihXK1nY/kb08fh3i54hYrFyJyGt04b9mAufxTnhDV4=,iv:I/EtxopCFmRxgsGJIcFDufTiM1JyPPoIQkgKIDiCP24=,tag:5QlGMp839p9RYKB09tr61A==,type:str]
|
||||
forgejo:
|
||||
runner_registration_token_file: ENC[AES256_GCM,data:1ycTh6FxUXGyreaJThZpYfwdy8wQj9cN3znIGmhgr04Pvmew7wxHJZ27i9Xp8g==,iv:8O5I8oQW10dgLOXJOvv3bMis6tHPxgxrie+5AmnHy38=,tag:CCYJLXEeSLVoTgTc2U48Zw==,type:str]
|
||||
proton:
|
||||
layne: ENC[AES256_GCM,data:wAY2uoxjM1ubHzvwBfsgQzx+OLsno4Q/gP5XPiDPHwWy3IbmU14EhSH942mdjixRlHK2/T3l3NYqFSOm//8Ri9+GyfmJBcIKY/A8vgui0DbkGOb5+h7AKDoCwyUrredtCtFSWk5Hahl19BnJtoLEzmOjbF6su7P2PgAdpxlkWiiyR3ZVSC+PD/2KjdkgNSEXV8V7fxTSaiMqAYXiIqe33Kx5gKIVHPuHf8qrnKYQ92q2BUolpXpcg24FlbavjgmkTI3wCw9V/o/zo5lJnCzi8TSdVelJ5fOKDUA+8FemJcquYQ==,iv:dsbKPzNUAYnH1yaflxEAoKaTj+QtflkMdqAQqQQi418=,tag:jsSTKjmk6nTUfUAxcTsMtA==,type:str]
|
||||
sops:
|
||||
|
@ -95,8 +97,8 @@ sops:
|
|||
YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM
|
||||
fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-10-28T11:23:04Z"
|
||||
mac: ENC[AES256_GCM,data:J2PFw2F3K7QqCL509L+D9YTSiWKafuWbKymfpGXLc4gkkqvu2Uk15pL5mcqgxz39plZ/hxKQDAtqDRaBXgrpGuyLftd4xrGs8O6BZUQygU5YTNiaF7LHbSFhu3XuwSm0PkV3fpee8GUvwF51lPly5aZIIFhIfALJSeilScEH7qs=,iv:ufwva8whVXQytx9Yb8HOpoHkSRm6xkA6qeBoniu6aAQ=,tag:fd9A5cnyxR3e8hsSeHYbfw==,type:str]
|
||||
lastmodified: "2024-10-29T14:26:09Z"
|
||||
mac: ENC[AES256_GCM,data:IXvQiON8db7pP+Bxsu1EkjxbM7keSXco02my0awn0fhU9/MRYWsCp44Fu6+9jXjDPdfK7duWTJv+o0+K+sMxb6p4CtCDqIhy7h5W3og+sltiVN78Qxi5tuXvgiP/maZtJWnfT96jiMftAfxMha9pMpdeJ4NMPF7snHAgc6dRzVg=,iv:vMkSiF8jzNFeLEsbM4ctkB1DXXMwbb7vZEJr4+Buhkw=,tag:TV1vAQRMcdNhTkL1Chdf1Q==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.1
|
||||
|
|
Loading…
Reference in a new issue