forgejo-ci-runners/agents/common.nix


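# Shared NixOS configuration for the Forgejo/Gitea CI runner agents:
# base packages, the runner registration token (via sops-nix), the runner
# and admin users, Docker, and networking.
{ pkgs, ... }:
{
  imports = [
    ../cachix.nix
  ];

  environment.systemPackages = with pkgs; [
    # vim -- added by srvos.nixosModules.server
    # git -- srvos.nixosModules.server
    # tmux -- srvos.nixosModules.server
    cachix
    lazydocker
    lazygit
    nodejs_20 # required by actions such as checkout
    openssl
  ];

  sops.secrets."forgejo-runner-token" = {
    # Registration token for the gitea/forgejo runner.
    sopsFile = ./secrets.sops.yaml;
    # Was "0444", which let every local user and every process on the host
    # read the decrypted token. Restrict it to the runner account; root (and
    # therefore systemd, if the unit loads it as an EnvironmentFile) can
    # still read it.
    # NOTE(review): the unit that consumes the token is not defined in this
    # file -- confirm it runs as gitea-runner or reads the file as root.
    owner = "gitea-runner";
    mode = "0400";
    restartUnits = [ "gitea-runner-default.service" ];
  };

  # Required for the gitea-runner to be able to pull images.
  # NOTE(review): trusted-users may override Nix daemon settings (for example
  # substituters), which is effectively root on the Nix store. Any CI job that
  # executes as gitea-runner inherits that. If only binary-cache access is
  # needed, configuring the substituters and keys system-wide and dropping
  # this entry is the narrower grant -- confirm before changing.
  nix.settings.trusted-users = [ "gitea-runner" ];

  users = {
    groups.gitea-runner = { };
    users = {
      gitea-runner = {
        isNormalUser = true;
        # Membership in "docker" gives control of the Docker daemon, which is
        # root-equivalent on this host; treat the runner account, and the
        # jobs it executes, as privileged.
        extraGroups = [ "docker" ];
        group = "gitea-runner";
      };
      jahanson = {
        isNormalUser = true;
        extraGroups = [ "wheel" "docker" ];
      };
    };
  };

  virtualisation.docker.enable = true;

  networking = {
    # Runner communication port for cache restores.
    # NOTE(review): this opens the port on every interface. If only local job
    # containers need to reach the cache, scope the rule to that interface or
    # source range instead.
    firewall.allowedTCPPorts = [ 45315 ];
    networkmanager.enable = true;
    useDHCP = true;
  };

  system.stateVersion = "24.05";
}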