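# NixOS module for the self-hosted Forgejo stack: registers the arion
# (docker-compose) project, renders the container env files from sops
# secrets, and enables a Forgejo Actions runner on this host.
{
  config,
  pkgs,
  ...
}: let
  # Shared site variables; only `vars.user` is used in this module.
  vars = import ../../../../vars.nix;
in {
  virtualisation.arion = {
    projects.git.settings = {
      imports = [./arion-compose.nix];
    };
  };

  # Decrypted sops secrets, each owned by the user named in vars.nix.
  sops.secrets."forgejo/db_password" = {
    owner = vars.user;
  };
  sops.secrets."forgejo/db_user" = {
    owner = vars.user;
  };
  sops.secrets."forgejo/db_database" = {
    owner = vars.user;
  };
  sops.secrets."forgejo/runner_token" = {
    owner = vars.user;
  };

  # Env file for the Forgejo container. The placeholders are substituted with
  # the decrypted values when sops-nix renders the template.
  sops.templates."forgejo.env" = {
    path = "/home/${vars.user}/.docker/git/forgejo.env";
    owner = vars.user;
    # The rendered file contains the database password in clear text. It was
    # previously 0775, i.e. readable by every local user and marked
    # executable; an env file needs neither. Owner-read-only is enough for the
    # owner and for root. NOTE(review): if some other non-root account has to
    # read it, grant that through a dedicated group and 0440 rather than
    # through the "other" bits.
    mode = "0400";
    content = ''
      GITEA__database__NAME="${config.sops.placeholder."forgejo/db_database"}"
      GITEA__database__USER="${config.sops.placeholder."forgejo/db_user"}"
      GITEA__database__PASSWD="${config.sops.placeholder."forgejo/db_password"}"
    '';
  };

  # Env file for the PostgreSQL container; same credentials as above.
  sops.templates."forgejo-db.env" = {
    path = "/home/${vars.user}/.docker/git/forgejo-db.env";
    owner = vars.user;
    # Same reasoning as forgejo.env: clear-text credentials, so no group or
    # world access and no execute bit (was 0775).
    mode = "0400";
    content = ''
      POSTGRES_DB="${config.sops.placeholder."forgejo/db_database"}"
      POSTGRES_USER="${config.sops.placeholder."forgejo/db_user"}"
      POSTGRES_PASSWORD="${config.sops.placeholder."forgejo/db_password"}"
    '';
  };

  services.gitea-actions-runner = {
    package = pkgs.forgejo-runner;
    instances.default = {
      enable = true;
      name = config.networking.hostName;
      url = "https://git.ghoscht.com";
      # tokenFile = "/home/${vars.user}/.docker/git/forgejo-runner.env";
      # NOTE(review): the NixOS runner module documents tokenFile as an
      # environment file that defines TOKEN=...; confirm the sops secret is
      # stored in that form and not as the bare token.
      tokenFile = config.sops.secrets."forgejo/runner_token".path;
      labels = [
        # Jobs labelled ubuntu-latest run in this image. The tag is mutable,
        # so the job environment changes whenever the registry republishes
        # it; pin by digest if a fixed, reviewable job image is wanted.
        "ubuntu-latest:docker://node:22-bookworm"
      ];
    };
  };

  # enable cache actions https://forgejo.org/docs/latest/admin/runner-installation/
  # "br-+" matches every interface whose name starts with "br-", so every
  # Docker user-defined bridge is trusted and traffic arriving from it
  # bypasses the host firewall on all ports. That includes the containers CI
  # jobs run in. NOTE(review): if only the runner cache has to be reachable
  # from job containers, consider allowing just that port on these interfaces
  # instead of trusting them wholesale.
  networking.firewall.trustedInterfaces = ["br-+"];
}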