Daholli/nixos-config
1
0
Fork 0
Code Issues 5 Pull requests Actions Packages Releases Activity

loptland: add forgejorunner

Browse source
This commit is contained in:
Christoph Hollizeck 2024-12-28 07:41:28 +01:00
parent b91d90c2fe
commit 8c3dbb4fe9
Signed by: Daholli
GPG key ID: 249300664F2AF2C7
2 changed files with 26 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
secrets/secrets-loptland.yaml
View file

@ -8,6 +8,8 @@ forgejo:
mail: mail:
password: ENC[AES256_GCM,data:XgQZM0MBUEELyhH7UvyyMEiUABs=,iv:m3Wzs2SAPQ2w6UC02lpTvwd83Dt0LEzqdIj65HeOrbU=,tag:3cr5dnjeyoJ4ze9RFd9K5g==,type:str] password: ENC[AES256_GCM,data:XgQZM0MBUEELyhH7UvyyMEiUABs=,iv:m3Wzs2SAPQ2w6UC02lpTvwd83Dt0LEzqdIj65HeOrbU=,tag:3cr5dnjeyoJ4ze9RFd9K5g==,type:str]
passwordHash: ENC[AES256_GCM,data:hHGJBUEtCi/gErZ5vm0gsEFqyIDNkED4scR4NAOSzbiiZAYTMg++yqf3hfjjwWV3wTPswNpzzw+gYKEH,iv:wDM5IOOamopFpMEkUit4y7LBZi8CJff3+Tc08lK4IXI=,tag:FaaaohtA+vBFwjDugoemQw==,type:str] passwordHash: ENC[AES256_GCM,data:hHGJBUEtCi/gErZ5vm0gsEFqyIDNkED4scR4NAOSzbiiZAYTMg++yqf3hfjjwWV3wTPswNpzzw+gYKEH,iv:wDM5IOOamopFpMEkUit4y7LBZi8CJff3+Tc08lK4IXI=,tag:FaaaohtA+vBFwjDugoemQw==,type:str]
runner:
token: ENC[AES256_GCM,data:+k8qoQl3RTu1psulBKwQzvljsP0t2t/NvhXjsSgVD/lR2TQ/T5JMRA==,iv:buKtUUPTGqnfezHYEOnbgsdBMQiY3GA3Tg/VParjBwI=,tag:Z8GtHRye3vBZxlpetWik6Q==,type:str]
netcup: netcup:
customer_number: ENC[AES256_GCM,data:9+QboNg1,iv:Tg9ylJUM8L/kzqFmk2uIsD9noqnp5wIxr5GVXMsZwB8=,tag:2qRggSIkPHuCQYDWCfka5Q==,type:str] customer_number: ENC[AES256_GCM,data:9+QboNg1,iv:Tg9ylJUM8L/kzqFmk2uIsD9noqnp5wIxr5GVXMsZwB8=,tag:2qRggSIkPHuCQYDWCfka5Q==,type:str]
api: api:
@ -37,8 +39,8 @@ sops:
UllqSDR1YWl6aU1jSnY2WE9oczg5Q28KfN15tFxXHrJmOHySK+cyLi2bFqArg244 UllqSDR1YWl6aU1jSnY2WE9oczg5Q28KfN15tFxXHrJmOHySK+cyLi2bFqArg244
bNTYyuBUtBW1Y/EuNpbyLjSNQpKZWFz7grE64uxrNQHP865N3wv0gg== bNTYyuBUtBW1Y/EuNpbyLjSNQpKZWFz7grE64uxrNQHP865N3wv0gg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-03T13:46:57Z" lastmodified: "2024-12-28T06:45:43Z"
mac: ENC[AES256_GCM,data:5o/0aL6x4Kc+IwKL4sIZ4gyG4IXZqvL6TqZFnp3GNGjazRyUKvEbTbKTj96C7W1ci+JUv73mO/0IGjPxY/Bbsv06clKxSX40XbSvWVxSOfQp1qfiQaDxswcF+7yw5vA6wsOfZnYCWeyzJHuBD8OvTE+xXE8bNil5q2ZY5OXX7nk=,iv:aR7um7d9fjJxetxj8a0LrK9zs8tAWiSvKMenYBCMWpc=,tag:Zvj+ZiM5uV5HFVwu6ZAd2A==,type:str] mac: ENC[AES256_GCM,data:lCnyuIftA7P8MXVLUm6+bXyi0dsv6W5587Veni857TXrWbTqJBkNpkY13PFdK+WH3wUptDp87NTzREkei4A2yFaUYddUpzhTSSh0HwRvOCKLPk45E5lUjJ9mYHBEXG1ZNUptcoeJIai8FOuQGA0pXrlXHsBEC164ECI6NfiCBzU=,iv:dNs6QD4agMhX0gE/4QK8W2/3f14ppaTP7Ce19TDJ4DQ=,tag:DhisJ9f56Ipb/XCLR7CAFg==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.1 version: 3.9.2

21
systems/x86_64-linux/loptland/default.nix
View file

@ -32,6 +32,9 @@ in
"forgejo/mail/passwordHash" = { "forgejo/mail/passwordHash" = {
inherit sopsFile; inherit sopsFile;
}; };
"forgejo/runner/token" = {
inherit sopsFile;
};
}; };
}; };
@ -118,6 +121,24 @@ in
certificateScheme = "acme-nginx"; certificateScheme = "acme-nginx";
}; };
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.default = {
enable = true;
name = "monolith";
url = "https://git.${domainName}.com";
tokenFile = config.sops.secrets."forgejo/runner/token".path;
labels = [
"ubuntu-latest:docker://node:16-bullseye"
"ubuntu-22.04:docker://node:16-bullseye"
"ubuntu-20.04:docker://node:16-bullseye"
"ubuntu-18.04:docker://node:16-buster"
## optionally provide native execution on the host:
# "native:host"
];
};
};
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
forgejoPort forgejoPort
80 80