From b19bbf6d813928550e8008e04daaf47af12036f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?=
Date: Sun, 19 Jan 2025 13:00:37 +0100
Subject: [PATCH 1/3] feat(forgejo): add packages to runner
---
 services/forgejo/runner.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/services/forgejo/runner.nix b/services/forgejo/runner.nix
index 576221a..7c4ed49 100644
--- a/services/forgejo/runner.nix
+++ b/services/forgejo/runner.nix
@@ -18,6 +18,19 @@ in
 tokenFile = ""; # dynamically retrieved from Forgejo (see further below)
 name = config.networking.hostName;
 labels = [ "native:host" ];
+ hostPackages = with pkgs; [
+ # default
+ bash
+ coreutils
+ curl
+ gawk
+ gitMinimal
+ gnused
+ nodejs
+ wget
+
+ nix
+ ];
 settings = {
 container.network = "host";
 };
From 75dc56a59c4ec33023fbd52e35ac5e3d451af7d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?=
Date: Sun, 19 Jan 2025 13:29:25 +0100
Subject: [PATCH 2/3] feat(forgejo): add packages to runner
---
 services/forgejo/runner.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/services/forgejo/runner.nix b/services/forgejo/runner.nix
index 576221a..7c4ed49 100644
--- a/services/forgejo/runner.nix
+++ b/services/forgejo/runner.nix
@@ -18,6 +18,19 @@ in
 tokenFile = ""; # dynamically retrieved from Forgejo (see further below)
 name = config.networking.hostName;
 labels = [ "native:host" ];
+ hostPackages = with pkgs; [
+ # default
+ bash
+ coreutils
+ curl
+ gawk
+ gitMinimal
+ gnused
+ nodejs
+ wget
+
+ nix
+ ];
 settings = {
 container.network = "host";
 };
From 95e12b115b7902b4cfacd7fee66ec0fe27de48b6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?=
Date: Sun, 19 Jan 2025 13:29:47 +0100
Subject: [PATCH 3/3] fix(forgejo): add gitea-runner to Nix allowed & trusted users
---
 services/forgejo/runner.nix | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/services/forgejo/runner.nix b/services/forgejo/runner.nix
index 7c4ed49..0bc43fa 100644
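Review bot: The `# default` comment on the new `hostPackages` list does not say what it mirrors or why `nix` is appended; if the first group is a hand-copied version of the runner module's default list, it will silently drift from it on upgrades. I would spell this out, e.g. `# copy of the module's default hostPackages; keep in sync on upgrades` above `bash` and `# extra: lets native:host jobs call the host's Nix` above `nix`. Because the label is `native:host`, everything listed here ends up on the PATH of job steps that run directly on the host, so the list is worth keeping minimal. PATCH 2/3 carries the identical hunk (same `index 576221a..7c4ed49`), so the same comment applies there, and it looks like a duplicate of 1/3 that would not apply on top of it.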
--- a/services/forgejo/runner.nix
+++ b/services/forgejo/runner.nix
@@ -37,6 +37,9 @@ in
 };
 };
 
+ nix.settings.allowed-users = [ "gitea-runner" ];
+ nix.settings.trusted-users = [ "gitea-runner" ];
+
 # automatically get registration token from forgejo
 systemd.services.forgejo.postStart = lib.mkBefore ''
 ${pkgs.bash}/bin/bash -c '(while ! ${pkgs.netcat-openbsd}/bin/nc -z -U ${forgejoCfg.settings.server.HTTP_ADDR}; do echo "Waiting for unix ${forgejoCfg.settings.server.HTTP_ADDR} to open..."; sleep 2; done); sleep 2'
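Review bot: `nix.settings.trusted-users = [ "gitea-runner" ];` gives the CI account what the Nix manual describes as essentially root-equivalent access, since trusted users may override daemon settings such as substituters and sandboxing. The earlier patches in this series show the runner labelled `native:host`, so workflow steps run as that account directly on the host, and anyone able to get a job scheduled on this runner inherits that trust. `allowed-users` alone should be enough for jobs to use the daemon, so I would drop the `trusted-users` line and declare any extra binary cache system-wide through `nix.settings.substituters` and `nix.settings.trusted-public-keys`. If the trust is really needed, the line deserves a comment such as `# runner is root-equivalent via Nix; restrict this runner to trusted repositories`. Please also confirm that defining `allowed-users` here is not meant to replace the NixOS default of `"*"` for other local users, which it may do unless another module sets it as well.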