# Feature definition for a Forgejo Actions runner: a display name, a
# description, and the NixOS module that configures the runner on a host.
{
  name = "Forgejo runner";
  description = ''
    Forgejo actions runner
  '';

  # NixOS module. `host` is an extra module argument supplied by the
  # surrounding configuration; only `host.ip` is read here.
  nixosModule =
    {
      pkgs,
      lib,
      config,
      host,
      ...
    }:
    let
      runnerCfg = config.forgejo-runner;

      # TCP port of the runner's action cache server; used for both the
      # firewall rule and the runner's cache settings below.
      cachePort = 39175;

      # sops-nix secret holding the runner registration token.
      tokenSecret = "forgejo_runner/token";
    in
    {
      # URL of the Forgejo instance this runner registers with. No default is
      # given, so every host enabling this module has to set it.
      options.forgejo-runner.url = lib.mkOption {
        type = lib.types.str;
      };

      config = {
        # allowedTCPPorts opens the port on every interface of the host.
        # NOTE(review): if only job containers need to reach the cache,
        # consider scoping the rule with
        # networking.firewall.interfaces.<name>.allowedTCPPorts, and verify
        # whether the deployed runner version authenticates cache clients.
        networking.firewall.allowedTCPPorts = [
          cachePort # Cache port
        ];

        sops.secrets.${tokenSecret}.owner = "root";

        # Keep the runner's state directory across reboots.
        # NOTE(review): presumably this is where the registration is stored;
        # confirm against the service's StateDirectory.
        environment.persistence."/persistent".directories = [
          "/var/lib/private/gitea-runner"
        ];

        # Rendered by sops-nix at activation, so the token is substituted at
        # runtime rather than being written into the Nix store. The file
        # carries a live credential and stays root-owned.
        sops.templates."forgejo_runner_token.env" = {
          owner = "root";
          content = ''
            TOKEN=${config.sops.placeholder.${tokenSecret}}
          '';
        };

        # NOTE(review): this only adds ordering to a unit named
        # "forgejo-secrets", which nothing else in this module defines.
        # Confirm that this is the unit meant to wait for cephfs.mount, and
        # not the runner instance's own unit.
        systemd.services.forgejo-secrets.after = [ "cephfs.mount" ];

        services.gitea-actions-runner = {
          package = pkgs.forgejo-actions-runner;

          instances.default = {
            enable = true;
            name = "runner";
            inherit (runnerCfg) url;

            # Environment file providing TOKEN=<registration token>.
            tokenFile = config.sops.templates."forgejo_runner_token.env".path;

            # Maps workflow `runs-on` labels to container images.
            # NOTE(review): these are mutable tags for Node 16, which is past
            # upstream end-of-life (as is Debian buster). Consider maintained
            # images pinned by digest.
            labels = [
              "ubuntu-latest:docker://node:16-bullseye"
              "ubuntu-22.04:docker://node:16-bullseye"
              "ubuntu-20.04:docker://node:16-bullseye"
              "ubuntu-18.04:docker://node:16-buster"
            ];

            settings.cache = {
              enabled = true;
              host = host.ip;
              port = cachePort;
            };

            # Per the Forgejo runner configuration reference, "automount"
            # finds a Docker host and mounts its socket into each job
            # container. Workflows can then drive the host's Docker daemon,
            # so every repository allowed to use this runner is effectively
            # trusted with host-level access. Restrict which repositories may
            # schedule jobs here, or use "-" if jobs do not need Docker.
            settings.container.docker_host = "automount";
          };
        };
      };
    };
}