59 lines
1.4 KiB
Nix
59 lines
1.4 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
age.secrets.woodpecker.file = ../../secrets/woodpecker.age;
|
|
|
|
services = let
|
|
port = 3007;
|
|
grpc-port = 9000;
|
|
in {
|
|
woodpecker-server = {
|
|
enable = true;
|
|
package = pkgs.unstable.woodpecker-server;
|
|
|
|
environment = {
|
|
WOODPECKER_OPEN = "true";
|
|
WOODPECKER_ORGS = "kitchen";
|
|
WOODPECKER_ADMIN = "chef";
|
|
WOODPECKER_HOST = "https://build.buffets.kitchen/";
|
|
WOODPECKER_SERVER_ADDR = ":${toString port}";
|
|
WOODPECKER_GRPC_ADDR = ":${toString port}";
|
|
|
|
WOODPECKER_FORGEJO = "true";
|
|
WOODPECKER_FORGEJO_URL = "https://buffets.kitchen/";
|
|
};
|
|
|
|
environmentFile = config.age.secrets.woodpecker.path;
|
|
};
|
|
|
|
woodpecker-agents.agents = {
|
|
podman = {
|
|
package = pkgs.unstable.woodpecker-agent;
|
|
|
|
environment = {
|
|
WOODPECKER_SERVER = "localhost:${toString grpc-port}";
|
|
WOODPECKER_BACKEND = "docker";
|
|
DOCKER_HOST = "unix:///run/podman/podman.sock";
|
|
};
|
|
|
|
environmentFile = config.age.secrets.woodpecker.path;
|
|
extraGroups = ["podman"];
|
|
};
|
|
};
|
|
|
|
nginx = {
|
|
virtualHosts."build.buffets.kitchen" = {
|
|
useACMEHost = "buffet.sh";
|
|
forceSSL = true;
|
|
|
|
locations = {
|
|
"/" = {
|
|
proxyPass = "http://localhost:${toString port}";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|