SK-Development-Studios/Nixos-Configuration
2
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feature: added signing key [deploy]
All checks were successful
/ check (push) Successful in 1m0s
Details
/ deploy (push) Successful in 1m25s
Details

Browse source
This commit is contained in:
Jermeiah S 2025-06-25 21:10:42 -04:00
parent 71c934809b
commit eaeb15df7f
No known key found for this signature in database
3 changed files with 26 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
configurations/nixos/forgejo-runner-tofu/default.nix
View file

@ -34,6 +34,10 @@ in
# group = "gitea-runner";
mode = "0777";
};
sops.secrets.forgejo-nix-key = { };
nix.settings = {
secret-key-files = config.sops.secrets.forgejo-nix-key.path;
};
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances = {

19
modules/nixos/common/nix.nix Normal file
View file

@ -0,0 +1,19 @@
{
lib,
config,
pkgs,
self',
...
}:
{
nix.settings = {
trusted-public-keys = [
"forgejo-runner-tofu.local:iaY0LQcytexYeZWKbV3EaoHWmvS3tThLWDUYN02T534="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
substituters = [
"https://cache.nixos.org/"
];
};
}

5
secrets.yaml
View file

@ -1,5 +1,6 @@
otfenv: ENC[AES256_GCM,data:vHSZN364zAhuTBii4IGbQk3bPCu7GBR7K8Z8ce3U/uIOCXNvEi3micq+AEPEooPEQkWL/eslg92uREcgo/JEMYbSuWHWLFNNehhYTeBZ+YXLwuDgJLWzaJGouktF1aF7uQDMsydaX2UjUnLQjf/VdJm3YnoJAGE3QQtbp9ehK0YiHA1hS3XMlwvNuepZfX8Hx7qZTEs6zNa3R8tZvj24jryVsGFvTN+0R1pb7YvqXeLhR3tCkm53S2IJFFXebq2EdaHNbyEIGmfcK2uhdSvpXiGI,iv:lwADUz6mA//G0/jAdAp1eRkn9RvRXXzps5r5RIpWR5A=,tag:YlNtrT4t0R6SYxIR1tRe4g==,type:str]
forgejo-runners-token: ENC[AES256_GCM,data:y6m9JciySpqJ8QOtHGoUG5McPXyZSODqRHCLVY0m+O+vfys2tvmkK3fGKtOlNA==,iv:NYbjaOkRumwJbZBPZlltIeQkaNOrUKQLmVb0uFNXX+g=,tag:f+rH81mGvS0QKrfmLoXEHQ==,type:str]
forgejo-nix-key: ENC[AES256_GCM,data:LKC8t2KSrILh0nc5xlSgQ9OuhQcc3m84fE9UJeVi1lXsv0mn+MddQw083WaDxMdlZKjbH0QclDfIkJCbHpJ/wEWVXzkVGErCJmdWeH1YEgElj5FuaFrDmbKNn8rhV7t3FYn04ni8iypLV/wPBqvVI/Yt,iv:r/SHHXjA2raRIKs/fZxJodVgMunp+RmL1SjVZOGli+E=,tag:MmBhUHCZRgSW2uhBd4o72A==,type:str]
sops:
age:
- recipient: age1ja6zky2xlptgmu04ghp30z9gcyw240p4p8jpqeznt9msmmrwjdjshl6rx3
@ -38,7 +39,7 @@ sops:
aXdJMnFId3Nnc093cVpNOGUyKzFuYlEKaszE8RHwN9EQYKemh9fVq6O/YxmC5nMM
hV6FMTuZC/pE75Zzmz8f2ZFHJrqwQB/2xgTpMiudvbQHrZRUEKMCEA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-19T23:51:21Z"
mac: ENC[AES256_GCM,data:gw9Z6NBqNqNRh+34pL9jis4x01AOx7+4dVQn69dciWcxSoWltfyUxj0LkthKYWSVezv4nruB3PAShNaTdn2xdmDhCoT/MuSeMa7VrnblyFzPs0yshdOoaqk8zit4pjegZCrpbUh4TYZs0Tfjhd58PoSGaCpqtESTSfR6wL76U/g=,iv:xfYQHTTSlmRavM/HR+cATIKuvEwzIoU8iHkUM0/XdDo=,tag:Ujk7J2qwd5vcxBz+Q3JDUw==,type:str]
lastmodified: "2025-06-26T00:55:16Z"
mac: ENC[AES256_GCM,data:UYsuGDLofBEMqj0qcZKmRxVDKOdaS15jzpLerSGxA5EWoqcoJohYBz1STTtobBtfnVa1UV/EOPXKqsONv2iWe4HKJh5byKwJm3Y3omGbd/8xm+o1q9EKB9CZJAHlOkBl6rgkWnlApgxpPaD1FFsAeTTwndnrTPeefBsMTs4H03w=,iv:SK5bNm5LN1xp5FJIxvaz5claDJw/MtRt+q4bSM34Eqg=,tag:mx/JkyYNKk1vkGRLtyBZwA==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2