From aed54daa2b576f9d9874fd69cbd3e396bbedb2a5 Mon Sep 17 00:00:00 2001 From: Daniel Kempkens Date: Thu, 14 Sep 2023 19:39:10 +0200 Subject: [PATCH] forgejo: move runner stuff to dedicated module --- agenix/hosts/argon/config.nix | 4 ++++ agenix/hosts/argon/forgejo-actions/token.age | Bin 0 -> 490 bytes flake.lock | 12 +++++----- home/programs/nvim/plugins.nix | 6 ++--- secrets.nix | 2 ++ system/hosts/argon.nix | 4 ++++ system/hosts/tanker.nix | 3 +++ system/nixos/forgejo-runner.nix | 24 +++++++++++++++++++ system/nixos/forgejo.nix | 22 +++-------------- 9 files changed, 49 insertions(+), 28 deletions(-) create mode 100644 agenix/hosts/argon/forgejo-actions/token.age create mode 100644 system/nixos/forgejo-runner.nix diff --git a/agenix/hosts/argon/config.nix b/agenix/hosts/argon/config.nix index 35b5ef2..c8c73d3 100644 --- a/agenix/hosts/argon/config.nix +++ b/agenix/hosts/argon/config.nix @@ -18,6 +18,10 @@ file = ./adguardhome-sync/environment.age; }; + forgejo-actions-token = { + file = ./forgejo-actions/token.age; + }; + weewx-proxy-environment = { file = ./weewx-proxy/environment.age; }; diff --git a/agenix/hosts/argon/forgejo-actions/token.age b/agenix/hosts/argon/forgejo-actions/token.age new file mode 100644 index 0000000000000000000000000000000000000000..f1d53c9ca09d0f0d078cf53496ee8c90763b3b3a GIT binary patch literal 490 zcmZ9_J&%)M003Z(i@`45;^0!x!2yxd<84cFR-w=y1$t0QOW7#jTzUEK2QE4oCu7pd zI5{|I;^yY2e?S)#y-g<*osGspf@XoZb{HjQ@3Ho<^iBPSE8scTBK=Jj?{ zW-5{(n5D7FGa}`ufF!lX%;EjAa*xRWH^Q|zOp8 z03o=eq8z5}sBeushz}c8J3xDhL=S8C{xC(lfu#|>io8;9dthj$$mfm6a z4>2!u%-lhu3GUJmp1?UbRQkfSP>tB|akrQsWepw_Qg0%ov5-&Owm8B$#$XLGq9lQw z2I!bmAwqk?ajA+dqZHhXK*Jblt+@hGBKp%AsjQi*T^TO;ust zl{T?MO&ChYQmR3Lf(kwpeRt`1kPp}Ip5pUsk!+p6=Y9LLclv$x^6|xYy`N_t%{}poK;a@X5 Br^EmN literal 0 HcmV?d00001 diff --git a/flake.lock b/flake.lock index 9c441cb..0c9b192 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1694511957, - "narHash": "sha256-teCLY68npc0nuyOHYJURLuJSOME0yotJI29WXcpF1E4=", + "lastModified": 1694642855, + "narHash": "sha256-wcR5XA2EBVLqRKVGsfECgplip3TuqgYhp46yprFc6aQ=", "owner": "nix-community", "repo": "disko", - "rev": "be98cffef02e5ebf438ea80b34b86e669c48eff1", + "rev": "689873ae4f765c0c1304daf7d304fa247a22e48d", "type": "github" }, "original": { @@ -300,11 +300,11 @@ ] }, "locked": { - "lastModified": 1694585439, - "narHash": "sha256-70BlfEsdURx5f8sioj8JuM+R4/SZFyE8UYrULMknxlI=", + "lastModified": 1694642908, + "narHash": "sha256-0Opzs/56VW03COlVdoBrHJZGxQ7gzLDEWADnccC8ras=", "owner": "nix-community", "repo": "home-manager", - "rev": "a0ddf43b6268f1717afcda54133dea30435eb178", + "rev": "b62f549653e97d78392c1e282b8ca76546a86585", "type": "github" }, "original": { diff --git a/home/programs/nvim/plugins.nix b/home/programs/nvim/plugins.nix index 531d05a..ebbc47e 100644 --- a/home/programs/nvim/plugins.nix +++ b/home/programs/nvim/plugins.nix @@ -242,12 +242,12 @@ in }; nvim-lspconfig = buildVimPluginFrom2Nix { pname = "nvim-lspconfig"; - version = "2023-09-12"; + version = "2023-09-13"; src = fetchFromGitHub { owner = "neovim"; repo = "nvim-lspconfig"; - rev = "360a895125ac4f39df6aa8f763635eff07e69fff"; - sha256 = "0sy9w8bl46i9krikxkbnsryrnnccji2hrw29k3ccihnn8nrxwvsl"; + rev = "57139c690dc8d594b2f9de8d1e609f2854a4fe45"; + sha256 = "1gigd4q0vz34wrism2i9qdkn4xhnhcbmgidahm67l7g16pvh48jw"; fetchSubmodules = false; }; }; diff --git a/secrets.nix b/secrets.nix index 779a44f..755d8d9 100644 --- a/secrets.nix +++ b/secrets.nix @@ -87,6 +87,8 @@ in "agenix/hosts/argon/acme/credentials.age".publicKeys = argon; + "agenix/hosts/argon/forgejo-actions/token.age".publicKeys = argon; + "agenix/hosts/argon/tailscale/authkey.age".publicKeys = argon; "agenix/hosts/argon/adguardhome-sync/environment.age".publicKeys = argon; diff --git a/system/hosts/argon.nix b/system/hosts/argon.nix index 873ed32..630e1cd 100644 --- a/system/hosts/argon.nix +++ b/system/hosts/argon.nix @@ -22,6 +22,8 @@ in ../nixos/attic.nix + (import ../nixos/forgejo-runner.nix (args // { name = "argon"; tag = "ubuntu-latest-arm64"; })) + ../nixos/tailscale.nix ../nixos/unbound.nix @@ -45,12 +47,14 @@ in substituters = [ "https://attic.cache.daniel.sx/nifoc-systems" + "https://attic.cache.daniel.sx/nifoc-ci" "https://nifoc.cachix.org" "https://nix-community.cachix.org" ]; trusted-public-keys = [ "nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU=" + "nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk=" "nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; diff --git a/system/hosts/tanker.nix b/system/hosts/tanker.nix index 7881f4f..ae453ed 100644 --- a/system/hosts/tanker.nix +++ b/system/hosts/tanker.nix @@ -33,6 +33,7 @@ in ../nixos/fedifetcher.nix ../nixos/forgejo.nix + (import ../nixos/forgejo-runner.nix (args // { name = "tanker"; tag = "ubuntu-latest-amd64"; })) (import ../nixos/home-proxy.nix (args // { inherit secret; })) @@ -72,12 +73,14 @@ in substituters = [ "https://attic.cache.daniel.sx/nifoc-systems" + "https://attic.cache.daniel.sx/nifoc-ci" "https://nifoc.cachix.org" "https://nix-community.cachix.org" ]; trusted-public-keys = [ "nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU=" + "nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk=" "nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; diff --git a/system/nixos/forgejo-runner.nix b/system/nixos/forgejo-runner.nix new file mode 100644 index 0000000..006db67 --- /dev/null +++ b/system/nixos/forgejo-runner.nix @@ -0,0 +1,24 @@ +{ pkgs, config, name, tag, ... }: + +let + forgejoUrl = "https://git.kempkens.io"; +in +{ + services.gitea-actions-runner = { + package = pkgs.forgejo-actions-runner; + + instances = { + tanker = { + enable = true; + url = forgejoUrl; + + inherit name; + tokenFile = config.age.secrets.forgejo-actions-token.path; + + labels = [ + "${tag}:docker://ghcr.io/catthehacker/ubuntu:act-latest" + ]; + }; + }; + }; +} diff --git a/system/nixos/forgejo.nix b/system/nixos/forgejo.nix index 9424c1c..93b8922 100644 --- a/system/nixos/forgejo.nix +++ b/system/nixos/forgejo.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: +{ pkgs, ... }: let fqdn = "git.kempkens.io"; @@ -24,6 +24,7 @@ in PROTOCOL = "http+unix"; DOMAIN = fqdn; ROOT_URL = "https://${fqdn}/"; + LANDING_PAGE = "explore"; }; service = { @@ -48,24 +49,7 @@ in other = { SHOW_FOOTER_VERSION = false; - }; - }; - }; - - gitea-actions-runner = { - package = pkgs.forgejo-actions-runner; - - instances = { - tanker = { - enable = true; - url = "https://${fqdn}"; - - name = "tanker"; - tokenFile = config.age.secrets.forgejo-actions-token.path; - - labels = [ - "ubuntu-latest-amd64:docker://ghcr.io/catthehacker/ubuntu:act-latest" - ]; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = false; }; }; };