feat: add 2 podman runners for forgejo

2024-05-07 20:31:54 +02:00 · 2024-05-07 20:31:54 +02:00 · efe1591076
commit efe1591076
parent 4f4f196b96
4 changed files with 41 additions and 0 deletions
--- a/hosts/ami/forgejo-action-runner.nix
+++ b/hosts/ami/forgejo-action-runner.nix
@ -0,0 +1,31 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  numRunners = 2;
+in {
+  age.secrets.kitchen-runner-token = {
+    file = ../../secrets/kitchen-runner-token.age;
+    owner = "gitea-runner";
+  };
+
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-actions-runner;
+
+    instances = lib.genAttrs (builtins.genList (n: "runner${builtins.toString n}") numRunners) (name: {
+      enable = true;
+      name = "runner";
+      url = config.services.forgejo.settings.server.ROOT_URL;
+      tokenFile = config.age.secrets.kitchen-runner-token.path;
+      labels = ["docker" "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest"];
+      settings.log.level = "warn";
+    });
+  };
+
+  virtualisation.podman = {
+    enable = true;
+    autoPrune.enable = true;
+  };
+}
--- a/hosts/ami/forgejo.nix
+++ b/hosts/ami/forgejo.nix
@ -1,6 +1,10 @@
 {pkgs, ...}: let
  port = 3000;
 in {
+  imports = [
+    ./forgejo-action-runner.nix
+  ];
+
  services = {
    forgejo = {
      enable = true;
--- a/secrets.nix
+++ b/secrets.nix
@ -3,5 +3,6 @@ let
 in {
  "secrets/bitwarden.age".publicKeys = [buffet];
  "secrets/borgpassword.age".publicKeys = [buffet];
+  "secrets/kitchen-runner-token.age".publicKeys = [buffet];
  "secrets/msmtppassword.age".publicKeys = [buffet];
 }
--- a/secrets/kitchen-runner-token.age
+++ b/secrets/kitchen-runner-token.age
@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 zRvPWg L1Az4B9mJWLdXWD3wiGFMmv4dD7xqDBHKWLRHcWrVTY
+u6p2pQT9YliZpLVhqXJV04EB8wk9+nUhanJAaKQku4c
+--- QsdBiqGhl+3dBJ+NQhPTExPBGQPLpeng3z2Tqnv49dI
+Îb~‘<1A>/½Z‘á0éß©°m)°=™bwBôzï°o¦€ñ	¹ÅZ‡®aÆ«ï<C2AB>ZjðgHÕùÅe9†q@@°h˜RÈêwcM