diff --git a/hosts/ami/forgejo-action-runner.nix b/hosts/ami/forgejo-action-runner.nix
new file mode 100644
index 0000000..573b49e
--- /dev/null
+++ b/hosts/ami/forgejo-action-runner.nix
@@ -0,0 +1,31 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ numRunners = 2;
+in {
+ age.secrets.kitchen-runner-token = {
+ file = ../../secrets/kitchen-runner-token.age;
+ owner = "gitea-runner";
+ };
+
+ services.gitea-actions-runner = {
+ package = pkgs.forgejo-actions-runner;
+
+ instances = lib.genAttrs (builtins.genList (n: "runner${builtins.toString n}") numRunners) (name: {
+ enable = true;
+ name = "runner";
+ url = config.services.forgejo.settings.server.ROOT_URL;
+ tokenFile = config.age.secrets.kitchen-runner-token.path;
+ labels = ["docker" "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest"];
+ settings.log.level = "warn";
+ });
+ };
+
+ virtualisation.podman = {
+ enable = true;
+ autoPrune.enable = true;
+ };
+}
diff --git a/hosts/ami/forgejo.nix b/hosts/ami/forgejo.nix
index 0a8bb30..aec1fc5 100644
--- a/hosts/ami/forgejo.nix
+++ b/hosts/ami/forgejo.nix
@@ -1,6 +1,10 @@
 {pkgs, ...}: let
 port = 3000;
 in {
+ imports = [
+ ./forgejo-action-runner.nix
+ ];
+
 services = {
 forgejo = {
 enable = true;
diff --git a/secrets.nix b/secrets.nix
index a3fa0fd..1335d0b 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -3,5 +3,6 @@ let
 in {
 "secrets/bitwarden.age".publicKeys = [buffet];
 "secrets/borgpassword.age".publicKeys = [buffet];
+ "secrets/kitchen-runner-token.age".publicKeys = [buffet];
 "secrets/msmtppassword.age".publicKeys = [buffet];
 }
diff --git a/secrets/kitchen-runner-token.age b/secrets/kitchen-runner-token.age
new file mode 100644
index 0000000..f0e3664
--- /dev/null
+++ b/secrets/kitchen-runner-token.age
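Review bot: In hosts/ami/forgejo-action-runner.nix the `labels` line maps `ubuntu-latest` to `docker://ghcr.io/catthehacker/ubuntu:act-latest`, a mutable tag on a third-party image, so whatever is next published under that tag runs every job and sees every secret the workflows receive. Pinning it by digest, as in `"ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest@sha256:<digest-placeholder>"`, would make each image update an explicit commit. The bare `"docker"` label names neither a scheme nor an image, and whether such a label runs in a container with a default image or directly on the host appears to depend on the runner version, so I would write it out as `"docker:docker://<image-placeholder>"`. Separately, `name = "runner";` ignores the lambda's `name` argument, so both instances register under the same name and cannot be told apart in the runner list or logs; `inherit name;` would give them `runner0` and `runner1`.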
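Review bot: The added `./forgejo-action-runner.nix` import in hosts/ami/forgejo.nix places the job runners on the same machine as the Forgejo server, and the runner file enables Podman for them. Workflow code therefore executes next to the forge's data and whatever other secrets are deployed to this host, separated only by the container boundary, which is presumably weak if the runner user can reach a rootful Podman socket. Who may trigger workflows is not visible in this diff; if anyone beyond the host's owner can, I would move the runners to a separate host or VM. At minimum the import deserves a comment stating the assumption, for example `# runners share this host with forgejo: only trusted repos may run Actions`.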
@@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 zRvPWg L1Az4B9mJWLdXWD3wiGFMmv4dD7xqDBHKWLRHcWrVTY +u6p2pQT9YliZpLVhqXJV04EB8wk9+nUhanJAaKQku4c +--- QsdBiqGhl+3dBJ+NQhPTExPBGQPLpeng3z2Tqnv49dI +b~/Z0ߩm)=bwBzo ZaƫZjgHe9q@@hRwcM \ No newline at end of file