Compare commits
2 commits
5729a3d1e3
...
b7d1252ef8
Author | SHA1 | Date | |
---|---|---|---|
b7d1252ef8 | |||
90618b06a2 |
2 changed files with 18 additions and 4 deletions
|
@ -14,12 +14,19 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
sops.secrets."forgejo-runner-token" = {
|
sops.secrets."forgejo-runner-token" = {
|
||||||
# configure secret for forwarding rules
|
# configure secret for the gitea/forgejo runner.
|
||||||
sopsFile = ./secrets.sops.yaml;
|
sopsFile = ./secrets.sops.yaml;
|
||||||
mode = "0444";
|
mode = "0444";
|
||||||
restartUnits = [ "gitea-runner-default.service" ];
|
restartUnits = [ "gitea-runner-default.service" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops.secrets."cachix/agent_auth_tokens/fj-shadowfax-x86_64" = {
|
||||||
|
# configure secret for cachix deploy agent.
|
||||||
|
sopsFile = ./secrets.sops.yaml;
|
||||||
|
mode = "0444";
|
||||||
|
restartUnits = [ "cachix-agent.service" ];
|
||||||
|
};
|
||||||
|
|
||||||
nix.settings.trusted-users = [ "gitea-runner" ];
|
nix.settings.trusted-users = [ "gitea-runner" ];
|
||||||
users.users.jahanson = {
|
users.users.jahanson = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
|
@ -55,5 +62,11 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.cachix-agent = {
|
||||||
|
enable = true;
|
||||||
|
credentialsFile = config.sops.secrets."cachix/agent_auth_tokens/fj-shadowfax-x86_64".path;
|
||||||
|
};
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
}
|
}
|
|
@ -1,6 +1,7 @@
|
||||||
forgejo-runner-token: ENC[AES256_GCM,data:Sp9rTX+D+PA2kyYpYJLwkXVlmhmAedbQf0r5RGZYaLcWIK8GfWXJkBt/oYMgmQ==,iv:u16wUSl+gbmI+oWB1xfmvhiRP4TxThH6VI5hKhAMOf0=,tag:BcetaNT41N4TWQViRLe5pw==,type:str]
|
forgejo-runner-token: ENC[AES256_GCM,data:Sp9rTX+D+PA2kyYpYJLwkXVlmhmAedbQf0r5RGZYaLcWIK8GfWXJkBt/oYMgmQ==,iv:u16wUSl+gbmI+oWB1xfmvhiRP4TxThH6VI5hKhAMOf0=,tag:BcetaNT41N4TWQViRLe5pw==,type:str]
|
||||||
cachix:
|
cachix:
|
||||||
auth_token: ENC[AES256_GCM,data:n3jORLJwIJ75SASbvsx12SNpVoF4NDtUZ/bPqpmByhzES8WbALVrfpZU98IHntb5UmnyEJjwTy3wjkrdEbMcOIuDvZudh8DLtLWKIvD0Dke0cNlxAY8s/eIsH9Xt6sDctiD23u1hyhugCFC6RJ6VjEGBRWEyISz04tY1xhoBiT11kAG5hj6a9ThTBcF4adqMNm5QFIc=,iv:mQsMX+Z0lT3Dm7Z9DytQtulV88GqChOo3G4y5bZ4NlM=,tag:gyKt0Ojp2c8B0Nr1vILvaw==,type:str]
|
agent_auth_tokens:
|
||||||
|
fj-shadowfax-x86_64: ENC[AES256_GCM,data:zRVf/3VNeQUb029ZMOeQfWMHQvhoMCI3YiNOEZNQ65yXot+J729FInt1IK/MLH9Q3caOE5UXnZ5p9j114c9FlxXDk50PqFGzw6mTLcOzgpKcM5gIjyNZMXdh+sb1sZRUFpeHf/XuGVil9SxlAW09YyP2rsgSYgM7b6YqKe8BvowU6jJ9iGtKdFus9aC0UztC4YUnxHfBjFypGoWwgbODRTd7p1yrSM4I,iv:T18tNm/imVbdN/7y4ejwyFsVnGix1q0xm/Z92yOkzIw=,tag:FCoR3LBO8P+EzPnghFkOCw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -43,8 +44,8 @@ sops:
|
||||||
TC9NN3NwNXFPM0RMbmk3NkZBWkpvdUkKvvcdKDCEIo6763hjv5Qlb782jfrDN6wh
|
TC9NN3NwNXFPM0RMbmk3NkZBWkpvdUkKvvcdKDCEIo6763hjv5Qlb782jfrDN6wh
|
||||||
lFfbRNuM9p6KjEIcD4wGcGCngPz3L5BtKqyOpCz62apiJk2fo+ztrA==
|
lFfbRNuM9p6KjEIcD4wGcGCngPz3L5BtKqyOpCz62apiJk2fo+ztrA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-05-26T17:18:50Z"
|
lastmodified: "2024-06-18T22:46:02Z"
|
||||||
mac: ENC[AES256_GCM,data:oNN2RMBxnz3I+A7eg7+DT5NY3Cfd3GUcuG6DLmecc2NDCHJJY9Lh0A4GzcvsJu9X/gq7damHScei1cIxQhmV321y204EOJIbrj7JIp+wgwGhFHj/25/CXaSSM8KK+x3sXGUL2GKm64RMrZUdYqIu7X8sWig43dQTaxIARydRs5k=,iv:4i2w/OyEU0Qz6nobu4/H7MXWFb0piOnefEEtTXTRKPg=,tag:htpF2Ny+Pu0/mTL74asLKw==,type:str]
|
mac: ENC[AES256_GCM,data:MQaw97FRt83O7VocQywJPXuOtmJl0txwlOiUL5OsMw6huuxyeOpoNBJEoBaEImMWfOYwXh/OjrFVNV64+LEFPtG9op9R72yQZPJJiSly8IDsC61lZSqSKAevSo6b7fGdQn97AdCMRDnHBdfQuwRXLCMK3t24mnD8TJjrgVhXvAE=,iv:GbCl5s5af3/EZr/s3P5ZfRZGxFYW+4luUeLbyDt10WY=,tag:DyiFwppDpD9cpLA56Df16A==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
Loading…
Reference in a new issue