From f98ba2e9e66a71b06bfde7d501e153e2d148ece1 Mon Sep 17 00:00:00 2001
From: Christoph Hollizeck <christoph.hollizeck@hey.com>
Date: Fri, 31 Oct 2025 00:45:33 +0100
Subject: [PATCH] loptland: forgejo-runner

---
 modules/server/forgejo-runner.nix | 52 +++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 modules/server/forgejo-runner.nix

diff --git a/modules/server/forgejo-runner.nix b/modules/server/forgejo-runner.nix
new file mode 100644
index 0000000..5b7dd7e
--- /dev/null
+++ b/modules/server/forgejo-runner.nix
@@ -0,0 +1,52 @@
+{
+  flake.modules.nixos.forgejo-runner =
+    { config, pkgs, ... }:
+    let
+      sopsFile = ../../secrets/secrets-loptland.yaml;
+    in
+    {
+      sops = {
+        secrets = {
+          "forgejo/runner/token" = {
+            inherit sopsFile;
+          };
+        };
+      };
+
+      services.gitea-actions-runner = {
+        package = pkgs.forgejo-actions-runner;
+        instances = {
+          native = {
+            enable = true;
+            name = "monolith";
+            url = "https://git.christophhollizeck.dev";
+            tokenFile = config.sops.secrets."forgejo/runner/token".path;
+            labels = [
+              "native:host"
+            ];
+            hostPackages = with pkgs; [
+              bash
+              coreutils
+              curl
+              gawk
+              gitMinimal
+              gnused
+              nodejs
+              wget
+              lix
+            ];
+            settings = {
+              log.level = "info";
+              runner = {
+                capacity = 1;
+                timeout = "3h";
+                shutdown_timeout = "5s";
+                fetch_timeout = "10s";
+                fetch_inteval = "5s";
+              };
+            };
+          };
+        };
+      };
+    };
+}