91 lines
No EOL
1.8 KiB
Nix
91 lines
No EOL
1.8 KiB
Nix
{ pkgs, config, lib, ... }:
|
|
|
|
let
|
|
in {
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
# zig broken on darwin
|
|
#ncdu
|
|
git
|
|
tmux
|
|
cachix
|
|
direnv
|
|
lazydocker
|
|
lazygit
|
|
];
|
|
|
|
sops.secrets."forgejo-runner-token" = {
|
|
# configure secret for forwarding rules
|
|
sopsFile = ./secrets.sops.yaml;
|
|
mode = "0444";
|
|
restartUnits = [ "gitea-runner-default.service" ];
|
|
};
|
|
|
|
|
|
virtualisation.docker.enable = true;
|
|
|
|
users.users.gitea-runner.group = "gitea-runner";
|
|
users.groups.gitea-runner = {};
|
|
users.users.gitea-runner.extraGroups = [ "docker" ];
|
|
users.users.gitea-runner.isNormalUser = true;
|
|
|
|
# Runner communication port for cache restores.
|
|
networking.firewall.allowedTCPPorts = [ 45315 ];
|
|
|
|
services.gitea-actions-runner = {
|
|
package = pkgs.forgejo-actions-runner;
|
|
instances.default = {
|
|
enable = true;
|
|
name = "monolith";
|
|
url = "https://git.hsn.dev";
|
|
# Obtaining the path to the runner token file may differ
|
|
tokenFile = config.sops.secrets.forgejo-runner-token.path;
|
|
labels = [
|
|
"docker:docker://node:20-bullseye"
|
|
"aarch64"
|
|
"linux"
|
|
"pc"
|
|
## optionally provide native execution on the host:
|
|
# "native:host"
|
|
];
|
|
};
|
|
};
|
|
system.stateVersion = "24.05";
|
|
}
|
|
|
|
# extraPackages = with pkgs; [
|
|
# # custom
|
|
# cachix
|
|
# tmate
|
|
# jq
|
|
# # nixos
|
|
# docker
|
|
# openssh
|
|
# coreutils-full
|
|
# bashInteractive # bash with ncurses support
|
|
# bzip2
|
|
# cpio
|
|
# curl
|
|
# diffutils
|
|
# findutils
|
|
# gawk
|
|
# stdenv.cc.libc
|
|
# getent
|
|
# getconf
|
|
# gnugrep
|
|
# gnupatch
|
|
# gnused
|
|
# gnutar
|
|
# gzip
|
|
# xz
|
|
# less
|
|
# ncurses
|
|
# netcat
|
|
# mkpasswd
|
|
# procps
|
|
# time
|
|
# zstd
|
|
# util-linux
|
|
# which
|
|
# nixos-rebuild
|
|
# ]; |