Update Forgejo workflows

2025-02-02 17:10:49 -08:00 · 2025-02-02 17:10:49 -08:00 · 41429ea6c9
commit 41429ea6c9
parent 94abb4af38
5 changed files with 29 additions and 35 deletions
--- a/nixos/common/services/forgejo-runner.nix
+++ b/nixos/common/services/forgejo-runner.nix
@ -1,37 +1,28 @@
-{ pkgs, config, hostname, ... }: {
+{ pkgs, hostname, ... }: {

-    # Set up the secret for the password:
-    sops.secrets."services/forgejo_token" = {
-        owner = "root";
-        mode = "0444"; # gitea-actions-runner uses "DynamicUser"
-        sopsFile = ../../../secrets/secrets.yaml;
-        restartUnits = [ "gitea-actions-runner-${hostname}.service" ];
-    };
-
-    services.gitea-actions-runner = {
-        package = pkgs.gitea-actions-runner;
-        instances."${hostname}" = {
-            enable = true;
-            name = "${hostname}";
-            labels = [ "self-hosted:host://-self-hosted" ];
-            url = "https://git.sysctl.io";
-            tokenFile = /run/secrets/services/forgejo_token;
-            hostPackages = with pkgs; [
-                # Default
-                bash
-                coreutils
-                curl
-                gawk
-                gitMinimal
-                gnused
-                nodejs
-                wget
-
-                # Extras
-                sudo
-                tailscale
-                fish
-            ];
-        };
+  # Set up the secret for the password:
+  sops.secrets."services/forgejo_token" = {
+    owner = "root";
+    mode = "0444"; # gitea-actions-runner uses "DynamicUser"
+    sopsFile = ../../../secrets/secrets.yaml;
+    restartUnits = [ "gitea-actions-runner-${hostname}.service" ];
+  };
+
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-actions-runner;
+    instances."${hostname}" = {
+      enable = true;
+      name = "${hostname}";
+      labels = [ 
+        "nix:host://self-hosted"
+        "${hostname}:host://self-hosted"
+        "self-hosted:host://self-hosted" 
+        "alpine:docker://alpine:edge"
+        "ubuntu:docker://ubuntu:latest"
+      ];
+      url = "https://git.sysctl.io";
+      tokenFile = /run/secrets/services/forgejo_token;
+      hostPackages = with pkgs; [ bash git nix nodejs ];
    };
+  };
 }
--- a/nixos/hosts/framework-server/default.nix
+++ b/nixos/hosts/framework-server/default.nix
@ -9,6 +9,7 @@
    ../../common/modules/ssh-luks.nix
    ../../common/services/docker.nix
    ../../common/services/tailscale-autoconnect.nix
+    ../../common/services/forgejo-runner.nix
    # Disabling -- I don't know why but this all of a sudden breaks Headscale.  
    # Sep 12 2024
    # ../../common/modules/fail2ban/traefik.nix
--- a/nixos/hosts/framework16/default.nix
+++ b/nixos/hosts/framework16/default.nix
@ -15,6 +15,7 @@
    ../../common/services/syncthing.nix
    ../../common/services/ollama.nix
    # ../../common/services/tabby.nix
+    ../../common/services/forgejo-runner.nix
  ];

  nixpkgs.config.rocmSupport = true;
--- a/nixos/hosts/nuc-server/default.nix
+++ b/nixos/hosts/nuc-server/default.nix
@ -15,6 +15,7 @@ in {
    ./mounts.nix
    ./cron.nix
    ./firewall.nix
+    ../../common/services/forgejo-runner.nix
  ];

  boot.kernelParams = [ "ip=${ipAddress}::${gateway}:255.255.255.0:${hostname}:${netDev}:none" ];
--- a/nixos/hosts/warsaw-ovh-01/default.nix
+++ b/nixos/hosts/warsaw-ovh-01/default.nix
@ -5,7 +5,7 @@
    ../../common/modules/builder.nix
    ../../common/services/docker.nix
    ../../common/services/tailscale-autoconnect.nix
-    # ../../common/modules/fail2ban/traefik.nix
+    ../../common/services/forgejo-runner.nix

    # Copy from framework-server 
    ../framework-server/cron.nix