58 lines
1.6 KiB
Nix
58 lines
1.6 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
let
|
|
forgejoCfg = config.services.forgejo;
|
|
domain = forgejoCfg.settings.server.DOMAIN;
|
|
in
|
|
{
|
|
services.gitea-actions-runner = {
|
|
package = pkgs.forgejo-runner;
|
|
instances.local = {
|
|
enable = true;
|
|
url = "https://${domain}";
|
|
tokenFile = ""; # dynamically retrieved from Forgejo (see further below)
|
|
name = config.networking.hostName;
|
|
labels = [ "native:host" ];
|
|
hostPackages = with pkgs; [
|
|
# default
|
|
bash
|
|
coreutils
|
|
curl
|
|
gawk
|
|
gitMinimal
|
|
gnused
|
|
nodejs
|
|
wget
|
|
|
|
nix
|
|
];
|
|
settings = {
|
|
container.network = "host";
|
|
};
|
|
};
|
|
};
|
|
|
|
nix.settings.allowed-users = [ "gitea-runner" ];
|
|
nix.settings.trusted-users = [ "gitea-runner" ];
|
|
|
|
# automatically get registration token from forgejo
|
|
systemd.services.forgejo.postStart = lib.mkBefore ''
|
|
${pkgs.bash}/bin/bash -c '(while ! ${pkgs.netcat-openbsd}/bin/nc -z -U ${forgejoCfg.settings.server.HTTP_ADDR}; do echo "Waiting for unix ${forgejoCfg.settings.server.HTTP_ADDR} to open..."; sleep 2; done); sleep 2'
|
|
actions="${lib.getExe config.services.forgejo.package} actions"
|
|
echo -n TOKEN= > /run/forgejo/forgejo-runner-token
|
|
$actions generate-runner-token >> /run/forgejo/forgejo-runner-token
|
|
'';
|
|
|
|
systemd.services.gitea-runner-local.serviceConfig = {
|
|
EnvironmentFile = [ "/run/forgejo/forgejo-runner-token" ];
|
|
};
|
|
|
|
systemd.services.gitea-runner-local.wants = [ "forgejo.service" ];
|
|
systemd.services.gitea-runner-local.after = [ "forgejo.service" ];
|
|
}
|