44 lines
1.1 KiB
Nix
44 lines
1.1 KiB
Nix
{ pkgs, config, ... }:
|
|
{
|
|
imports = [
|
|
./common.nix
|
|
];
|
|
|
|
# Generic x86 VM
|
|
services.gitea-actions-runner = {
|
|
package = pkgs.forgejo-actions-runner;
|
|
instances.default = {
|
|
enable = true;
|
|
name = "fj-x86_64";
|
|
url = "https://git.hsn.dev";
|
|
# Obtaining the path to the runner token file may differ
|
|
tokenFile = config.sops.secrets.forgejo-runner-token.path;
|
|
labels = [
|
|
"docker" # this is essentially the same as the below tag
|
|
"docker-x86_64:docker://node:20-bullseye"
|
|
"x86_64"
|
|
"linux"
|
|
"remote"
|
|
];
|
|
};
|
|
};
|
|
|
|
sops.secrets."forgejo-runner-token" = {
|
|
# configure secret for the gitea/forgejo runner.
|
|
sopsFile = ./secrets.sops.yaml;
|
|
mode = "0444";
|
|
restartUnits = [ "gitea-runner-default.service" ];
|
|
};
|
|
|
|
sops.secrets."cachix/agent_auth_tokens/fj-x86_64" = {
|
|
# configure secret for cachix deploy agent.
|
|
sopsFile = ./secrets.sops.yaml;
|
|
mode = "0444";
|
|
restartUnits = [ "cachix-agent.service" ];
|
|
};
|
|
|
|
services.cachix-agent = {
|
|
enable = true;
|
|
credentialsFile = config.sops.secrets."cachix/agent_auth_tokens/fj-x86_64".path;
|
|
};
|
|
}
|