nixos-config/machines/ci-runner/configuration.nix

80 lines
1.6 KiB
Nix
Raw Normal View History

2024-07-19 11:50:11 +02:00
# SPDX-FileCopyrightText: 2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
2024-08-03 11:06:41 +02:00
{ config, lib, pkgs, ... }:
let
instances = {
personal = {
url = "https://git.sbruder.de";
};
codeberg = {
url = "https://codeberg.org";
};
};
in
2024-07-19 11:50:11 +02:00
{
imports = [
./hardware-configuration.nix
../../modules
];
sbruder = {
full = false;
};
networking.hostName = "ci-runner";
system.stateVersion = "24.05";
2024-08-03 11:06:41 +02:00
sops.secrets = lib.mapAttrs'
(name: _: lib.nameValuePair "forgejo-runner-token-${name}" {
sopsFile = ./secrets.yaml;
})
instances;
2024-07-19 11:50:11 +02:00
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
2024-08-03 11:06:41 +02:00
instances = lib.mapAttrs
(name: cfg: {
inherit (cfg) url;
2024-07-19 11:50:11 +02:00
enable = true;
name = "koyomi-vm";
2024-08-03 11:06:41 +02:00
tokenFile = config.sops.secrets."forgejo-runner-token-${name}".path;
2024-07-19 11:50:11 +02:00
labels = [
"nix:host"
];
settings = {
log.level = "warn"; # seems to have little effect
runner = {
capacity = 4;
timeout = "1h";
};
};
hostPackages = with pkgs; [
bash
coreutils
git
git-lfs
nix
nodejs
podman
];
2024-08-03 11:06:41 +02:00
})
instances;
2024-07-19 11:50:11 +02:00
};
virtualisation = {
podman = {
enable = true;
defaultNetwork.settings = {
ipv6_enabled = true;
};
};
containers.containersConf.settings = {
engine.cgroup_manager = "cgroupfs"; # systemd does not work for system user
};
};
}