forgejo: move runner stuff to dedicated module
This commit is contained in:
parent
c0e392ae2a
commit
aed54daa2b
9 changed files with 49 additions and 28 deletions
|
@ -18,6 +18,10 @@
|
||||||
file = ./adguardhome-sync/environment.age;
|
file = ./adguardhome-sync/environment.age;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
forgejo-actions-token = {
|
||||||
|
file = ./forgejo-actions/token.age;
|
||||||
|
};
|
||||||
|
|
||||||
weewx-proxy-environment = {
|
weewx-proxy-environment = {
|
||||||
file = ./weewx-proxy/environment.age;
|
file = ./weewx-proxy/environment.age;
|
||||||
};
|
};
|
||||||
|
|
BIN
agenix/hosts/argon/forgejo-actions/token.age
Normal file
BIN
agenix/hosts/argon/forgejo-actions/token.age
Normal file
Binary file not shown.
12
flake.lock
12
flake.lock
|
@ -109,11 +109,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694511957,
|
"lastModified": 1694642855,
|
||||||
"narHash": "sha256-teCLY68npc0nuyOHYJURLuJSOME0yotJI29WXcpF1E4=",
|
"narHash": "sha256-wcR5XA2EBVLqRKVGsfECgplip3TuqgYhp46yprFc6aQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "be98cffef02e5ebf438ea80b34b86e669c48eff1",
|
"rev": "689873ae4f765c0c1304daf7d304fa247a22e48d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -300,11 +300,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694585439,
|
"lastModified": 1694642908,
|
||||||
"narHash": "sha256-70BlfEsdURx5f8sioj8JuM+R4/SZFyE8UYrULMknxlI=",
|
"narHash": "sha256-0Opzs/56VW03COlVdoBrHJZGxQ7gzLDEWADnccC8ras=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "a0ddf43b6268f1717afcda54133dea30435eb178",
|
"rev": "b62f549653e97d78392c1e282b8ca76546a86585",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -242,12 +242,12 @@ in
|
||||||
};
|
};
|
||||||
nvim-lspconfig = buildVimPluginFrom2Nix {
|
nvim-lspconfig = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-lspconfig";
|
pname = "nvim-lspconfig";
|
||||||
version = "2023-09-12";
|
version = "2023-09-13";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "neovim";
|
owner = "neovim";
|
||||||
repo = "nvim-lspconfig";
|
repo = "nvim-lspconfig";
|
||||||
rev = "360a895125ac4f39df6aa8f763635eff07e69fff";
|
rev = "57139c690dc8d594b2f9de8d1e609f2854a4fe45";
|
||||||
sha256 = "0sy9w8bl46i9krikxkbnsryrnnccji2hrw29k3ccihnn8nrxwvsl";
|
sha256 = "1gigd4q0vz34wrism2i9qdkn4xhnhcbmgidahm67l7g16pvh48jw";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -87,6 +87,8 @@ in
|
||||||
|
|
||||||
"agenix/hosts/argon/acme/credentials.age".publicKeys = argon;
|
"agenix/hosts/argon/acme/credentials.age".publicKeys = argon;
|
||||||
|
|
||||||
|
"agenix/hosts/argon/forgejo-actions/token.age".publicKeys = argon;
|
||||||
|
|
||||||
"agenix/hosts/argon/tailscale/authkey.age".publicKeys = argon;
|
"agenix/hosts/argon/tailscale/authkey.age".publicKeys = argon;
|
||||||
|
|
||||||
"agenix/hosts/argon/adguardhome-sync/environment.age".publicKeys = argon;
|
"agenix/hosts/argon/adguardhome-sync/environment.age".publicKeys = argon;
|
||||||
|
|
|
@ -22,6 +22,8 @@ in
|
||||||
|
|
||||||
../nixos/attic.nix
|
../nixos/attic.nix
|
||||||
|
|
||||||
|
(import ../nixos/forgejo-runner.nix (args // { name = "argon"; tag = "ubuntu-latest-arm64"; }))
|
||||||
|
|
||||||
../nixos/tailscale.nix
|
../nixos/tailscale.nix
|
||||||
|
|
||||||
../nixos/unbound.nix
|
../nixos/unbound.nix
|
||||||
|
@ -45,12 +47,14 @@ in
|
||||||
|
|
||||||
substituters = [
|
substituters = [
|
||||||
"https://attic.cache.daniel.sx/nifoc-systems"
|
"https://attic.cache.daniel.sx/nifoc-systems"
|
||||||
|
"https://attic.cache.daniel.sx/nifoc-ci"
|
||||||
"https://nifoc.cachix.org"
|
"https://nifoc.cachix.org"
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
];
|
];
|
||||||
|
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU="
|
"nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU="
|
||||||
|
"nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk="
|
||||||
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
];
|
];
|
||||||
|
|
|
@ -33,6 +33,7 @@ in
|
||||||
../nixos/fedifetcher.nix
|
../nixos/fedifetcher.nix
|
||||||
|
|
||||||
../nixos/forgejo.nix
|
../nixos/forgejo.nix
|
||||||
|
(import ../nixos/forgejo-runner.nix (args // { name = "tanker"; tag = "ubuntu-latest-amd64"; }))
|
||||||
|
|
||||||
(import ../nixos/home-proxy.nix (args // { inherit secret; }))
|
(import ../nixos/home-proxy.nix (args // { inherit secret; }))
|
||||||
|
|
||||||
|
@ -72,12 +73,14 @@ in
|
||||||
|
|
||||||
substituters = [
|
substituters = [
|
||||||
"https://attic.cache.daniel.sx/nifoc-systems"
|
"https://attic.cache.daniel.sx/nifoc-systems"
|
||||||
|
"https://attic.cache.daniel.sx/nifoc-ci"
|
||||||
"https://nifoc.cachix.org"
|
"https://nifoc.cachix.org"
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
];
|
];
|
||||||
|
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU="
|
"nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU="
|
||||||
|
"nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk="
|
||||||
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
];
|
];
|
||||||
|
|
24
system/nixos/forgejo-runner.nix
Normal file
24
system/nixos/forgejo-runner.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{ pkgs, config, name, tag, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
forgejoUrl = "https://git.kempkens.io";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.gitea-actions-runner = {
|
||||||
|
package = pkgs.forgejo-actions-runner;
|
||||||
|
|
||||||
|
instances = {
|
||||||
|
tanker = {
|
||||||
|
enable = true;
|
||||||
|
url = forgejoUrl;
|
||||||
|
|
||||||
|
inherit name;
|
||||||
|
tokenFile = config.age.secrets.forgejo-actions-token.path;
|
||||||
|
|
||||||
|
labels = [
|
||||||
|
"${tag}:docker://ghcr.io/catthehacker/ubuntu:act-latest"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
fqdn = "git.kempkens.io";
|
fqdn = "git.kempkens.io";
|
||||||
|
@ -24,6 +24,7 @@ in
|
||||||
PROTOCOL = "http+unix";
|
PROTOCOL = "http+unix";
|
||||||
DOMAIN = fqdn;
|
DOMAIN = fqdn;
|
||||||
ROOT_URL = "https://${fqdn}/";
|
ROOT_URL = "https://${fqdn}/";
|
||||||
|
LANDING_PAGE = "explore";
|
||||||
};
|
};
|
||||||
|
|
||||||
service = {
|
service = {
|
||||||
|
@ -48,24 +49,7 @@ in
|
||||||
|
|
||||||
other = {
|
other = {
|
||||||
SHOW_FOOTER_VERSION = false;
|
SHOW_FOOTER_VERSION = false;
|
||||||
};
|
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false;
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
gitea-actions-runner = {
|
|
||||||
package = pkgs.forgejo-actions-runner;
|
|
||||||
|
|
||||||
instances = {
|
|
||||||
tanker = {
|
|
||||||
enable = true;
|
|
||||||
url = "https://${fqdn}";
|
|
||||||
|
|
||||||
name = "tanker";
|
|
||||||
tokenFile = config.age.secrets.forgejo-actions-token.path;
|
|
||||||
|
|
||||||
labels = [
|
|
||||||
"ubuntu-latest-amd64:docker://ghcr.io/catthehacker/ubuntu:act-latest"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue