# SPDX-FileCopyrightText: 2024 Simon Bruder
#
# SPDX-License-Identifier: AGPL-3.0-or-later

# NixOS configuration for the "ci-runner" machine: one Forgejo Actions runner
# per forge listed in `forges`, with podman available on the host.
{ config, lib, pkgs, ... }:
let
  # Forges this machine registers a runner with (attribute name -> base URL).
  forges = {
    personal.url = "https://git.sbruder.de";
    codeberg.url = "https://codeberg.org";
  };

  # Name of the sops secret holding the registration token for one forge.
  tokenSecretName = name: "forgejo-runner-token-${name}";

  # Runner instance definition for one forge.
  mkRunner = name: cfg: {
    enable = true;
    url = cfg.url;
    name = "koyomi-vm";
    # Only the path of the decrypted secret is referenced here, not the token
    # value itself.
    tokenFile = config.sops.secrets.${tokenSecretName name}.path;
    # A ":host" label makes jobs execute directly on this machine instead of
    # inside a container, so every workflow that can target this runner runs
    # code as the runner's service user.
    # NOTE(review): codeberg.org is a public forge; confirm the runner is
    # registered at a scope (user/organisation/repository) where only trusted
    # people can trigger workflows, e.g. not for pull requests from forks.
    labels = [ "nix:host" ];
    settings = {
      log.level = "warn"; # seems to have little effect
      # Up to four jobs in parallel; they share the host when run with a host
      # label. Each job is limited to one hour.
      runner.capacity = 4;
      runner.timeout = "1h";
    };
    # Tools made available to jobs that run on the host.
    hostPackages = [
      pkgs.bash
      pkgs.coreutils
      pkgs.git
      pkgs.git-lfs
      pkgs.nix
      pkgs.nodejs
      pkgs.podman
    ];
  };
in
{
  imports = [
    ./hardware-configuration.nix
    ../../modules
  ];

  sbruder.full = false;

  networking.hostName = "ci-runner";

  system.stateVersion = "24.05";

  # One sops secret per forge, all read from the same encrypted file.
  sops.secrets = lib.mapAttrs'
    (name: _: lib.nameValuePair (tokenSecretName name) {
      sopsFile = ./secrets.yaml;
    })
    forges;

  services.gitea-actions-runner = {
    package = pkgs.forgejo-runner;
    instances = lib.mapAttrs mkRunner forges;
  };

  virtualisation.podman = {
    enable = true;
    defaultNetwork.settings.ipv6_enabled = true;
  };

  # systemd does not work for system user
  virtualisation.containers.containersConf.settings.engine.cgroup_manager = "cgroupfs";
}