working forgejo-runner

This commit is contained in:
Ingolf Wagner 2024-07-19 21:33:09 +02:00
parent f4093bbd03
commit 69d687ead8
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
3 changed files with 67 additions and 5 deletions

View file

@ -4,9 +4,4 @@ jobs:
runs-on: native runs-on: native
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- run: echo $PATH
- run: export PATH=$PATH:/run/current-system/sw/bin
- run: echo $PATH
- run: echo $PWD
- run: ls -la
- run: nix flake check - run: nix flake check

View file

@ -9,6 +9,7 @@
../../modules ../../modules
./service-forgejo.nix ./service-forgejo.nix
./service-forgejo-runner.nix
./service-hedgedoc.nix ./service-hedgedoc.nix
./service-photoprism.nix ./service-photoprism.nix
./service-taskserver.nix ./service-taskserver.nix

View file

@ -0,0 +1,66 @@
{ config, lib, pkgs, utils, ... }:
let inherit (utils) escapeSystemdPath;
in
{
virtualisation = {
# docker.enable = true;
podman.enable = true;
};
#nix.settings.trusted-users = [ "root" "gitea-runner"];
nix.settings.allowed-users = [ "*" "gitea-runner" ];
users.users.gitea-runner = {
isSystemUser = true;
group = "gitea-runner";
};
users.groups.gitea-runner = { };
clanCore.facts.services.gitea-runner = {
secret."gitea-runner.token" = { };
generator = {
prompt = "please enter your gitea-runner password";
path = with pkgs; [ coreutils ];
script = ''
echo "$prompt_value" > "$secrets"/gitea-runner.token
'';
};
};
systemd.services."gitea-runner-${escapeSystemdPath "git.ingolf-wagner.de"}" = {
serviceConfig = {
DynamicUser = lib.mkForce false;
};
};
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances."git.ingolf-wagner.de" = {
enable = true;
hostPackages = [
pkgs.bash
pkgs.coreutils
pkgs.curl
pkgs.gawk
pkgs.gitMinimal
pkgs.gnused
pkgs.nodejs
pkgs.wget
pkgs.nix
];
url = "https://git.ingolf-wagner.de";
tokenFile = config.clanCore.facts.services.gitea-runner.secret."gitea-runner.token".path;
name = "fick_deine_mudda";
labels = [
# provide a debian base with nodejs for actions
#"debian-latest:docker://node:18-bullseye"
# fake the ubuntu name, because node provides no ubuntu builds
#"ubuntu-latest:docker://node:18-bullseye"
# provide native execution on the host
"native:host"
];
};
};
}