Joseph Hanson
80405241c6
Some checks failed
Build on PR / nix-build (fj-shadowfax-01, native-x86_64, x86_64-linux) (pull_request) Has been cancelled
Build on PR / nix-build (fj-hetzner-aarch64-01, native-aarch64, aarch64-linux) (pull_request) Has been cancelled
Deploy on PR Merge / if_merged (fj-hetzner-aarch64-01, native-aarch64, aarch64-linux) (pull_request) Successful in 1m4s
Deploy on PR Merge / if_merged (fj-shadowfax-01, native-x86_64, x86_64-linux) (pull_request) Has been cancelled
36 lines
922 B
Nix
36 lines
922 B
Nix
{ pkgs, config, ... }:
|
|
{
|
|
imports = [
|
|
./common.nix
|
|
];
|
|
|
|
services.gitea-actions-runner = {
|
|
package = pkgs.forgejo-actions-runner;
|
|
instances.default = {
|
|
enable = true;
|
|
name = "fj-hetzner-aarch64";
|
|
url = "https://git.hsn.dev";
|
|
# Obtaining the path to the runner token file may differ
|
|
tokenFile = config.sops.secrets.forgejo-runner-token.path;
|
|
labels = [
|
|
"aarch64"
|
|
"linux"
|
|
"pc"
|
|
"docker-aarch64:docker://node:20-bullseye"
|
|
"native-aarch64:host"
|
|
];
|
|
};
|
|
};
|
|
|
|
sops.secrets."cachix/agent_auth_tokens/fj-hetzner-aarch64" = {
|
|
# configure secret for cachix deploy agent.
|
|
sopsFile = ./secrets.sops.yaml;
|
|
mode = "0444";
|
|
restartUnits = [ "cachix-agent.service" ];
|
|
};
|
|
|
|
services.cachix-agent = {
|
|
enable = true;
|
|
credentialsFile = config.sops.secrets."cachix/agent_auth_tokens/fj-hetzner-aarch64".path;
|
|
};
|
|
}
|