diff --git a/configurations/nixos/forgejo-runner-tofu/default.nix b/configurations/nixos/forgejo-runner-tofu/default.nix index 886b1c4..c61909a 100644 --- a/configurations/nixos/forgejo-runner-tofu/default.nix +++ b/configurations/nixos/forgejo-runner-tofu/default.nix @@ -30,8 +30,8 @@ in ]; }; sops.secrets.forgejo-runners-token = { - # owner = "gitea-runner"; - # group = "gitea-runner"; + owner = "gitea-runner"; + group = "gitea-runner"; mode = "0777"; }; services.gitea-actions-runner = { @@ -41,10 +41,7 @@ in enable = true; url = "https://git.skdevstudios.com"; name = "nix"; - labels = [ - "native:host" - "nix" - ]; + labels = [ "native:host" ]; tokenFile = config.sops.secrets.forgejo-runners-token.path; hostPackages = with pkgs; [ nix diff --git a/flake.lock b/flake.lock index 5d35504..f7d1885 100644 --- a/flake.lock +++ b/flake.lock @@ -353,8 +353,7 @@ "nixos-generators": "nixos-generators", "nixos-unified": "nixos-unified", "nixpkgs": "nixpkgs_3", - "sops-nix": "sops-nix", - "terranix": "terranix" + "sops-nix": "sops-nix" } }, "sops-nix": { @@ -389,45 +388,6 @@ "type": "github" } }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "terranix": { - "inputs": { - "flake-parts": [ - "flake-parts" - ], - "nixpkgs": [ - "nixpkgs" - ], - "systems": "systems_2" - }, - "locked": { - "lastModified": 1747080393, - "owner": "typedrat", - "repo": "terranix", - "rev": "61c3bfe7b3884a84e9411046d53970d8f969a9b6", - "type": "github" - }, - "original": { - "owner": "typedrat", - "ref": "expose-config", - "repo": "terranix", - "type": "github" - } - }, "treefmt-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 31fb475..9567577 100644 --- a/flake.nix +++ b/flake.nix @@ -10,13 +10,6 @@ disko.url = "https://flakehub.com/f/nix-community/disko/1.12.0.tar.gz"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; - terranix = { - url = "github:typedrat/terranix/expose-config"; - inputs = { - nixpkgs.follows = "nixpkgs"; - flake-parts.follows = "flake-parts"; - }; - }; nix-index-database.url = "github:nix-community/nix-index-database"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; nixos-anywhere.url = "github:nix-community/nixos-anywhere/1.10.0"; diff --git a/modules/flake/deploy.nix b/modules/flake/deploy.nix index d5f1f3e..3333eb7 100644 --- a/modules/flake/deploy.nix +++ b/modules/flake/deploy.nix @@ -53,7 +53,7 @@ in autoRollback = false; magicRollback = true; user = "root"; - remoteBuild = true; + # remoteBuild = true; nodes = lib.mapAttrs genNode deployableNodes; }; } diff --git a/modules/flake/terranix.nix b/modules/flake/terranix.nix deleted file mode 100644 index d2e6863..0000000 --- a/modules/flake/terranix.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - inputs, - ... -}: -{ - imports = [ - inputs.terranix.flakeModule - ]; - perSystem = - { pkgs, ... }: - let - package = pkgs.opentofu.withPlugins (p: [ - p.external - p.local - p.null - p.tls - p.incus - ]); - in - { - terranix = { - terranixConfigurations = { - tnix = { - terraformWrapper = { - inherit package; - }; - workdir = "terraform"; - modules = [ - # ../terranix/default.nix - ]; - }; - }; - }; - }; -} diff --git a/modules/flake/toplevel.nix b/modules/flake/toplevel.nix index 4e288fc..f8c0704 100644 --- a/modules/flake/toplevel.nix +++ b/modules/flake/toplevel.nix @@ -6,13 +6,11 @@ inputs.nixos-unified.flakeModules.default inputs.nixos-unified.flakeModules.autoWire ]; - perSystem = - { self', pkgs, ... }: - { - # For 'nix fmt' - formatter = pkgs.nixpkgs-fmt; + perSystem = { self', pkgs, ... }: { + # For 'nix fmt' + formatter = pkgs.nixpkgs-fmt; - # Enables 'nix run' to activate. - packages.default = self'.packages.activate; - }; + # Enables 'nix run' to activate. + packages.default = self'.packages.activate; + }; } diff --git a/modules/terranix/default.nix b/modules/terranix/default.nix deleted file mode 100644 index 61875a4..0000000 --- a/modules/terranix/default.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ config, lib, ... }: -{ - - terraform = { - cloud = { - hostname = "tofu.skdevstudios.com"; - organization = "skdevs"; - workspaces.name = "dev"; - }; - required_providers.incus = { - source = "lxc/incus"; - version = "0.3.1"; - }; - }; - variable = { - incus_token.type = "string"; - }; - - provider = { - incus = { - generate_client_certificates = true; - accept_remote_certificate = true; - remote = { - default = true; - name = "tofu-prod"; - scheme = "https"; - address = "olympus.tailfc9f5.ts.net"; - token = lib.tfRef "var.incus_token"; - }; - }; - }; - resource = { - incus_profile.d = { - name = "d"; - config = { - "limits.cpu" = "2"; - "security.nesting" = "true"; - "boot.autostart" = "true"; - "security.privileged" = "false"; - "security.syscalls.intercept.mount" = "false"; - }; - device = [ - { - name = "eth0"; - type = "nic"; - properties = { - network = "incusbr0"; - }; - } - { - name = "root"; - type = "disk"; - properties = { - pool = "default"; - path = "/"; - }; - } - ]; - }; - - incus_instance.observer-tofu = { - name = "observer-tofu"; - image = "images:nixos/25.05/amd64"; - profiles = [ "\${incus_profile.d.name}" ]; - config = { - "limits.cpu" = "1"; - "limits.memory" = "1GiB"; - }; - device = [ - { - name = "http"; - type = "proxy"; - properties = { - listen = "tcp:0.0.0.0:8889"; - connect = "tcp:127.0.0.1:3001"; - }; - } - ]; - }; - - incus_instance.forgejo-runner-tofu = { - name = "forgejo-runner-tofu"; - image = "images:nixos/25.05/amd64"; - profiles = [ "\${incus_profile.d.name}" ]; - config = { - "limits.cpu" = "6"; - "limits.memory" = "8GiB"; - }; - }; - - incus_instance.base-tofu = { - name = "base-tofu"; - image = "images:nixos/25.05/amd64"; - profiles = [ "\${incus_profile.d.name}" ]; - config = { - "limits.cpu" = "1"; - "limits.memory" = "1GiB"; - }; - }; - }; -}