Add forgejo runner
This commit is contained in:
parent
14cbb1507e
commit
d8df732fdd
2 changed files with 28 additions and 3 deletions
|
@ -1,4 +1,8 @@
|
|||
{config, ...}: let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
vars = import ../../../../vars.nix;
|
||||
in {
|
||||
virtualisation.arion = {
|
||||
|
@ -16,6 +20,9 @@ in {
|
|||
sops.secrets."forgejo/db_database" = {
|
||||
owner = vars.user;
|
||||
};
|
||||
sops.secrets."forgejo/runner_token" = {
|
||||
owner = vars.user;
|
||||
};
|
||||
|
||||
sops.templates."forgejo.env" = {
|
||||
path = "/home/${vars.user}/.docker/git/forgejo.env";
|
||||
|
@ -38,4 +45,21 @@ in {
|
|||
POSTGRES_PASSWORD="${config.sops.placeholder."forgejo/db_password"}"
|
||||
'';
|
||||
};
|
||||
|
||||
services.gitea-actions-runner = {
|
||||
package = pkgs.forgejo-runner;
|
||||
instances.default = {
|
||||
enable = true;
|
||||
name = config.networking.hostName;
|
||||
url = "https://git.ghoscht.com";
|
||||
# tokenFile = "/home/${vars.user}/.docker/git/forgejo-runner.env";
|
||||
tokenFile = config.sops.secrets."forgejo/runner_token".path;
|
||||
labels = [
|
||||
"ubuntu-latest:docker://node:22-bookworm"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# enable cache actions https://forgejo.org/docs/latest/admin/runner-installation/
|
||||
networking.firewall.trustedInterfaces = ["br-+"];
|
||||
}
|
||||
|
|
|
@ -13,6 +13,7 @@ forgejo:
|
|||
db_password: ENC[AES256_GCM,data:1lpmX58=,iv:9TehYmpS3RQc0WsKVR4Tx36utL2e6avbc7BlK0+B178=,tag:xHRv+WJUch3jmRIWghjnPg==,type:str]
|
||||
db_user: ENC[AES256_GCM,data:rYxa8nU=,iv:Lijug8gqMTnMG9WQsivyrO/IbgrAyWfG7IQ99x1Q5gA=,tag:OipZUyZiMh4PLbo7KJAksQ==,type:str]
|
||||
db_database: ENC[AES256_GCM,data:br/OvQA=,iv:g2krpkX1XXXhT4FgzbeXp/MgcpHayndtBv+8dpmp03M=,tag:z5h/TSBXViFr3lNN15XFAA==,type:str]
|
||||
runner_token: ENC[AES256_GCM,data:rjgbrqLAA16dlNDn/Mh3TQ8+2mYD3Sn2502aY0PuNmINIfu9lnUCtw==,iv:FAzNa0fxlN61xrrWrbfRl6F4GHkR3bhmZEPrejTpKyU=,tag:yoOAiVCBQFuFpT+cgXPuWA==,type:str]
|
||||
navidrome:
|
||||
spotify_id: ENC[AES256_GCM,data:yTNp25CHtnFkvXhbvduVzkmenT3TjkpWR0ZhSTKOiAs=,iv:cuewBT/XfneiHUjlFCV0O/nzXHoEVO/JyfgqRACreEc=,tag:TOZ+GDqZ2SkibKhEhIcX7w==,type:str]
|
||||
spotify_secret: ENC[AES256_GCM,data:sHYYHDgW0nNP7vCk0qOZdLOyetG4XbK7NaxYSt4kr68=,iv:p0+wW287UteJfJaiajX9/XOEkkm957Rs46hYaml6Of4=,tag:SsEyVYdPpO/yv9vF7Dj+HA==,type:str]
|
||||
|
@ -83,8 +84,8 @@ sops:
|
|||
VUUxcEhvYi8zeXlCUUViUTl0eWdhcU0KXOfbnDc+zc8lnBcyEAV5EiJSjcSU6AgI
|
||||
EfeRw8qVqwChrYn1agslcNnDbE0WQsOCBuA6cE4V3kRofp9HU949ig==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-12-09T11:43:35Z"
|
||||
mac: ENC[AES256_GCM,data:y8f188EbglQgSsSxEJpVX0GhjjZ4Uw5L7pawLP8Yz3zTgRNUIPICOK3oWNjR/M6BhhqaC2cnz5g2lQDXmO1tKDQ7E8RaZeqdBY0oDB+B1C6LWHnbZiEaQvH+j0nBx191NKUcA3Z4n4Sew+lA2YiQ3lWko4j/Kn+j8pnhrfVsYW8=,iv:F1PUbgZRsf8A3Es/UA+tV92DUywnPZx5iL7iLAICfsM=,tag:K9RuhNIpSuuec/OvShyvhQ==,type:str]
|
||||
lastmodified: "2024-12-18T20:43:51Z"
|
||||
mac: ENC[AES256_GCM,data:RSaqAh5OpOK6WjJSLzi4uUSGdGphTuz8skfqY3YEb9woVNFUKgYMurISuvCTBz99qcXSZGBmbL7Ppu+cEJQGCRz6Vmtu+mql5FbP/iyEOJALMN6VuK6l84WFzzEnWnNrN49B/+aTwtwJ01DDwy6Ze9RqekEAyLjYoyc/C94TwN4=,iv:kGtHqjZNal2t6GxYAvIRVnjI2VFrMAC3K5W62Slqmnw=,tag:paPQz3LRVfizIX3YXH9uCQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue