swapy

2025-06-19 22:02:40 -04:00 · 2025-06-19 22:02:40 -04:00 · 2c84665e96
commit 2c84665e96
parent f401e5864d
2 changed files with 2 additions and 2 deletions
--- a/configurations/nixos/forgejo-runner-tofu/default.nix
+++ b/configurations/nixos/forgejo-runner-tofu/default.nix
@ -0,0 +1,63 @@
+{
+  lib,
+  flake,
+  modulesPath,
+  config,
+  pkgs,
+  ...
+}:
+
+let
+  inherit (flake) inputs;
+  inherit (inputs) self;
+in
+{
+  imports = [
+    self.nixosModules.default
+    "${modulesPath}/virtualisation/lxc-container.nix"
+  ];
+
+  nix.settings = {
+    allowed-users = [ "gitea-runner" ];
+    trusted-users = [ "gitea-runner" ];
+  };
+  sops.secrets.forgejo-runners-token = {
+    # owner = "gitea-runner";
+    # group = "gitea-runner";
+    mode = "0777";
+  };
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-runner;
+    instances = {
+      native = {
+        enable = true;
+        url = "https://git.skdevstudios.com";
+        name = "nix";
+        labels = [ "native:host" ];
+        tokenFile = config.sops.secrets.forgejo-runners-token.path;
+        hostPackages = with pkgs; [
+          nix
+          opentofu
+          nodejs
+          git
+          bash
+          coreutils
+          curl
+        ];
+      };
+    };
+  };
+  deploy = {
+    address = "201:ea26:66c7:657b:3599:63a6:c66c:d388";
+  };
+  services = {
+    tty-ips.enable = true;
+  };
+  networking = {
+    firewall.enable = lib.mkForce false;
+    hostName = "forgejo-runner-tofu";
+  };
+  environment.systemPackages = [
+  ];
+  system.stateVersion = "25.05";
+}