This will avoid me having to run "deploy" myself on my laptop. All I will need to do is push a commit and it will self-deploy.
47 lines
967 B
Nix
47 lines
967 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
service_configs,
|
|
...
|
|
}:
|
|
{
|
|
services.gitea-actions-runner.instances.muffin = {
|
|
enable = true;
|
|
name = "muffin";
|
|
url = config.services.gitea.settings.server.ROOT_URL;
|
|
tokenFile = config.age.secrets.gitea-runner-token.path;
|
|
labels = [ "nix:host" ];
|
|
hostPackages = with pkgs; [
|
|
bash
|
|
coreutils
|
|
curl
|
|
gawk
|
|
git
|
|
git-crypt
|
|
gnugrep
|
|
gnused
|
|
jq
|
|
nix
|
|
nodejs
|
|
openssh
|
|
];
|
|
settings = {
|
|
runner = {
|
|
capacity = 1;
|
|
timeout = "3h";
|
|
};
|
|
};
|
|
};
|
|
|
|
# Override DynamicUser to use our static gitea-runner user
|
|
systemd.services."gitea-runner-muffin" = {
|
|
serviceConfig = {
|
|
DynamicUser = lib.mkForce false;
|
|
User = "gitea-runner";
|
|
Group = "gitea-runner";
|
|
};
|
|
environment.GIT_SSH_COMMAND = "ssh -i /run/agenix/ci-deploy-key -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/etc/ci-known-hosts";
|
|
};
|
|
}
|