felschr/nixos-config
1
1
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

feat(home-server): add forgejo runner

Browse source
This commit is contained in:
Felix Schröter 2025-01-17 14:20:00 +01:00
parent 933d7b6994
commit 13a7c455a9
Signed by: felschr
GPG key ID: 671E39E6744C807D
3 changed files with 55 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
secrets/forgejo/runner-token.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 OAZQhA 2ptce5tD9VWD7rfhCjLZbKzznVXLHFw1L5iXbwrAyUQ
egOD0xgvKyRsezgBCmaZrft/61TtS3fh4mHWf+taNjI
-> ssh-ed25519 72ij7w mVe1vE1rQT0t21xwwrLqEytD/1dwB2gwbzuNx6z/tEQ
ZxcOXVdxpxpvvU6ozhjJ41hIncxygJcV3icGFascFpw
--- 298y2yI6JRzmJq1If1v3NMjRKlCpH2kjUqhfL47n2ag
2Ý©TwÀÆV}ü“6­´϶A=è/w <þ½Ù­éÏÍ Ö[|Fïdåˆì$e^&
ªÐ<C2AA>°HÐüöaì&„߀vÒ]

6
services/forgejo/default.nix
View file

@ -11,6 +11,8 @@ let
cfg = config.services.forgejo; cfg = config.services.forgejo;
in in
{ {
imports = [ ./runner.nix ];
age.secrets.forgejo-admin-password = { age.secrets.forgejo-admin-password = {
file = ../../secrets/forgejo/admin-password.age; file = ../../secrets/forgejo/admin-password.age;
owner = cfg.user; owner = cfg.user;
@ -34,6 +36,10 @@ in
ui = { ui = {
DEFAULT_THEME = "forgejo-dark"; DEFAULT_THEME = "forgejo-dark";
}; };
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "https://${domain}";
};
mailer = { mailer = {
ENABLED = true; ENABLED = true;
PROTOCOL = "sendmail"; PROTOCOL = "sendmail";

41
services/forgejo/runner.nix Normal file
View file

@ -0,0 +1,41 @@
{
config,
pkgs,
lib,
...
}:
let
forgejoCfg = config.services.forgejo;
domain = forgejoCfg.settings.server.DOMAIN;
in
{
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances.local = {
enable = true;
url = "https://${domain}";
tokenFile = ""; # dynamically retrieved from Forgejo (see further below)
name = config.networking.hostName;
labels = [ "native:host" ];
settings = {
container.network = "host";
};
};
};
# automatically get registration token from forgejo
systemd.services.forgejo.postStart = lib.mkBefore ''
${pkgs.bash}/bin/bash -c '(while ! ${pkgs.netcat-openbsd}/bin/nc -z -U ${forgejoCfg.settings.server.HTTP_ADDR}; do echo "Waiting for unix ${forgejoCfg.settings.server.HTTP_ADDR} to open..."; sleep 2; done); sleep 2'
actions="${lib.getExe config.services.forgejo.package} actions"
echo -n TOKEN= > /run/forgejo/forgejo-runner-token
$actions generate-runner-token >> /run/forgejo/forgejo-runner-token
'';
systemd.services.gitea-runner-local.serviceConfig = {
EnvironmentFile = [ "/run/forgejo/forgejo-runner-token" ];
};
systemd.services.gitea-runner-local.wants = [ "forgejo.service" ];
systemd.services.gitea-runner-local.after = [ "forgejo.service" ];
}