# SPDX-FileCopyrightText: 2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

{ config, pkgs, ... }:

{
  imports = [
    ./hardware-configuration.nix
    ../../modules
  ];

  sbruder = {
    full = false;
  };

  networking.hostName = "ci-runner";

  system.stateVersion = "24.05";

  sops.secrets.forgejo-runner-token-personal = {
    sopsFile = ./secrets.yaml;
  };

  services.gitea-actions-runner = {
    package = pkgs.forgejo-runner;
    instances = {
      personal = {
        enable = true;
        name = "koyomi-vm";
        url = "https://git.sbruder.de";
        tokenFile = config.sops.secrets.forgejo-runner-token-personal.path;
        labels = [
          "nix:host"
        ];
        settings = {
          log.level = "warn"; # seems to have little effect
          runner = {
            capacity = 4;
            timeout = "1h";
          };
        };
        hostPackages = with pkgs; [
          bash
          coreutils
          git
          git-lfs
          nix
          nodejs
          podman
        ];
      };
    };
  };

  virtualisation = {
    podman = {
      enable = true;
      defaultNetwork.settings = {
        ipv6_enabled = true;
      };
    };
    containers.containersConf.settings = {
      engine.cgroup_manager = "cgroupfs"; # systemd does not work for system user
    };
  };
}