From 002e91199bbcb591c1825f12900447f0214eb851 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Tue, 29 Apr 2025 10:21:18 +0200 Subject: [PATCH] forgejo-runner: update flake nightly --- .../{demo.yaml => nightly-update.yaml} | 10 +--- modules/nixos/nix/default.nix | 1 + secrets/secrets-loptland.yaml | 13 ++--- systems/x86_64-linux/loptland/default.nix | 55 ++++++++++--------- 4 files changed, 36 insertions(+), 43 deletions(-) rename .forgejo/workflows/{demo.yaml => nightly-update.yaml} (60%) diff --git a/.forgejo/workflows/demo.yaml b/.forgejo/workflows/nightly-update.yaml similarity index 60% rename from .forgejo/workflows/demo.yaml rename to .forgejo/workflows/nightly-update.yaml index 8282f01..0095df5 100644 --- a/.forgejo/workflows/demo.yaml +++ b/.forgejo/workflows/nightly-update.yaml @@ -1,18 +1,12 @@ -name: Gitea Actions Demo -run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀 - on: schedule: - cron: 0 3 * * * - push: jobs: - test: + UpdateFlake: runs-on: native steps: - - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event." - - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}." - name: Check out repository code uses: actions/checkout@v4 - name: Update flake @@ -25,4 +19,4 @@ jobs: git config --local user.name "forgjo-actions[bot]" git commit -a -m "chore: update flake" - name: Push changes - run: git push \ No newline at end of file + run: git push diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index a8f80d2..64bf9dc 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -56,6 +56,7 @@ in users = [ "root" config.${namespace}.user.name + "gitea-runner" ] ++ optional config.services.hydra.enable "hydra hydra-www hydra-evaluator hydra-queue-runner"; in { diff --git a/secrets/secrets-loptland.yaml b/secrets/secrets-loptland.yaml index e660605..3fe852a 100644 --- a/secrets/secrets-loptland.yaml +++ b/secrets/secrets-loptland.yaml @@ -9,17 +9,13 @@ forgejo: password: ENC[AES256_GCM,data:XgQZM0MBUEELyhH7UvyyMEiUABs=,iv:m3Wzs2SAPQ2w6UC02lpTvwd83Dt0LEzqdIj65HeOrbU=,tag:3cr5dnjeyoJ4ze9RFd9K5g==,type:str] passwordHash: ENC[AES256_GCM,data:hHGJBUEtCi/gErZ5vm0gsEFqyIDNkED4scR4NAOSzbiiZAYTMg++yqf3hfjjwWV3wTPswNpzzw+gYKEH,iv:wDM5IOOamopFpMEkUit4y7LBZi8CJff3+Tc08lK4IXI=,tag:FaaaohtA+vBFwjDugoemQw==,type:str] runner: - token: ENC[AES256_GCM,data:PyJvFNtq18h3zDwBT/jDYdh7noQ1Si1gpTnVAPEbKGQFydIMk0CQWQDCjiK6xA==,iv:ceGpyyMnLrdJTPEw6ViDeZVy83dRWi6tViks6K7p1UE=,tag:zEFP/8fI9nxJdf4BmJH7Uw==,type:str] + token: ENC[AES256_GCM,data:mnKLrRPsh3l8jVOCxBrZvSoELR+Bbf8iWBbb8fFmO+0tVniV87M3/0CDneXkuA==,iv:jdySCO3mB+Kz236IBuz8SMGBI6dtFjvcaQLb0zOxW/w=,tag:h+HGLRnbDYLHrTd5dnMIYw==,type:str] netcup: customer_number: ENC[AES256_GCM,data:9+QboNg1,iv:Tg9ylJUM8L/kzqFmk2uIsD9noqnp5wIxr5GVXMsZwB8=,tag:2qRggSIkPHuCQYDWCfka5Q==,type:str] api: key: ENC[AES256_GCM,data:eYTKtJSSXmZfkRjlj65OHi99mpD3Iom8dPc8v34pwJIQSBbxVaqdgb7Gqzhse1c9L+U=,iv:9gmsBwlJ+NQIGY5NBA6Fi/1EQium2pcfQkF7x/fHyFU=,tag:v25eeqT6/WEMG9za7LVWAg==,type:str] password: ENC[AES256_GCM,data:VTW4XGDg19AbE4EM6kS0u89Sz6718vHXvZZmQlkhGJe/4/LQJHmF1FetAClxkLZ9Za0=,iv:sWHvjHEsMXBbtFmkEdAOeSlQ6VTabRJ28kH3iP3GDaY=,tag:5k6NXFXwXHorUGKe+sAbbg==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: - recipient: age1amdd4hu6k0czf3mtlhd03yj3yzkdaynl7q5fdlqmjzpe9pwgxfjs3j0c85 enc: | @@ -39,8 +35,7 @@ sops: UllqSDR1YWl6aU1jSnY2WE9oczg5Q28KfN15tFxXHrJmOHySK+cyLi2bFqArg244 bNTYyuBUtBW1Y/EuNpbyLjSNQpKZWFz7grE64uxrNQHP865N3wv0gg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-28T08:37:33Z" - mac: ENC[AES256_GCM,data:S2UcgNVmk+BSHaUVodsDHjwCIB5cAIfv+tb8mhTh9hktZBFxfQsRgrH+dFlpe7FmbWRBF8XnOIlsf74ytamfmGVEqBfyLA8gzdiAt9oFmOVdCFGf29IaSQjk8nehaYBPM5CJ35ihhzw8yC6S3JmgGuGuzmtDtJq61Zp68WQ5tow=,iv:KKo65bjuNuvzclAFALEGdKn134TxBhDjyjbX3ULEuV8=,tag:odGFLbfijulc9/hmjrPRxQ==,type:str] - pgp: [] + lastmodified: "2025-04-29T06:50:56Z" + mac: ENC[AES256_GCM,data:wFf/x2YFqxlojui67t5wsY6mfJMcyNnI3TnQhDKE8KCdqUrUeZCPLr7dkpyAyxP0bI5Y8ynvOpEps56YvPFfZX+RQ3r/1Qp5w/TisLSLdu6CrMHARW0qMZz7MBf6K1HyBKUQJPIVljaOtsgWwzsoy6zx3C9G3WRVI9yWXa+luAo=,iv:3fLNP7lsqvQPFoQWOXV/6bjSjC+DpPP86gjWlKlLysk=,tag:eP/5d87Wmfd6Bk1KyFi9zQ==,type:str] unencrypted_suffix: _unencrypted - version: 3.9.2 + version: 3.10.2 diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 7bde9df..61ec1cf 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -190,32 +190,35 @@ in services.gitea-actions-runner = { package = pkgs.forgejo-actions-runner; - instances.default = { - enable = true; - name = "monolith"; - url = "https://git.${domainName}"; - tokenFile = config.sops.secrets."forgejo/runner/token".path; - labels = [ - "native:host" - ]; - hostPackages = with pkgs; [ - bash - coreutils - curl - gawk - gitMinimal - gnused - nodejs - wget - ]; - settings = { - log.level = "info"; - runner = { - capacity = 1; - timeout = "3h"; - shutdown_timeout = "3s"; - fetch_timeout = "5s"; - fetch_inteval = "2s"; + instances = { + native = { + enable = true; + name = "monolith"; + url = "https://git.${domainName}"; + tokenFile = config.sops.secrets."forgejo/runner/token".path; + labels = [ + "native:host" + ]; + hostPackages = with pkgs; [ + bash + coreutils + curl + gawk + gitMinimal + gnused + nodejs + wget + lix + ]; + settings = { + log.level = "info"; + runner = { + capacity = 1; + timeout = "3h"; + shutdown_timeout = "5s"; + fetch_timeout = "10s"; + fetch_inteval = "5s"; + }; }; }; };