diff --git a/hosts/bekkalokk/services/gitea/ci.nix b/hosts/bekkalokk/services/gitea/ci.nix new file mode 100644 index 00000000..a31291ab --- /dev/null +++ b/hosts/bekkalokk/services/gitea/ci.nix @@ -0,0 +1,16 @@ +{ config, ... }: +{ + sops.secrets."gitea/runner-token" = { }; + + services.gitea-actions-runner.instances = { + runner1 = { + url = "https://git-runner1.pvv.ntnu.no"; + name = "git-runner1"; + labels = [ + "debian-latest:docker://node:18-bullseye" + ]; + enable = true; + tokenFile = config.sops.secrets."gitea/runner-token".path; + }; + }; +} \ No newline at end of file diff --git a/hosts/bekkalokk/services/gitea/default.nix b/hosts/bekkalokk/services/gitea/default.nix index 3090d243..fd8c8d9b 100644 --- a/hosts/bekkalokk/services/gitea/default.nix +++ b/hosts/bekkalokk/services/gitea/default.nix @@ -4,6 +4,10 @@ let domain = "git.pvv.ntnu.no"; sshPort = 2222; in { + imports = [ + ./ci.nix + ]; + sops.secrets = { "gitea/database" = { owner = "gitea"; diff --git a/secrets/bekkalokk/bekkalokk.yaml b/secrets/bekkalokk/bekkalokk.yaml index 677bd167..059fda3d 100644 --- a/secrets/bekkalokk/bekkalokk.yaml +++ b/secrets/bekkalokk/bekkalokk.yaml @@ -4,6 +4,7 @@ gitea: passwd-ssh-key: ENC[AES256_GCM,data:L0lF0wvpayss1NU9m3A45cH0bCMQzODTFVrq6EPd1JHx54wIcoaRBYLmxXKXASzBlCg9zlwXMUIk3OQcS3kdzMKL0iqcSL2iicAcKjFIHyrWLqXgwV5pRSP/tRPcVw8KW8gz0bh33EgESs5ReddZ3VZ0Cy1s2YupMRQvBXr89k1+Hv70OWB6P06hvxhv/zKcMGI1N/dWLroMgrQuT9imw4+/Q1RqwzTYeEU+eUn24AM9GjcBg4qf3OI+6g0nXUat/upIYE28iF5J3lbUSmDSmirBLc8xgHLdOyyJPTObWYWYxlSL78T7IqiMm9lI3rtBlpJDDcn/YxZpVqN5bg2154GISNK+uR0TVSLdJ+drdGHIfIX3G78XSxf2L9rbJyRn8MQlgStfdBIQicLavQKVMrmj+XQfvEMez23WbPLjH4oViBQFI+GrOHOGy/f16cz8Sn4n+69OcsOeTxs3tKYdfq6r1XLYSJ/fe/zvxBpaZiyGXljsuyEdIyBL2A8D6uSXe3Nd3/DAdBtceFfIdN1olCdutixzVWgxaJnrel161z5A/4w=,iv:Uy46yY3jFYSvpxrgCHxRMUksnWfhf5DViLMvCXVMMl4=,tag:wFEJ5+icFrOKkc56gY0A5g==,type:str] ssh-known-hosts: ENC[AES256_GCM,data:zlRLoelQeumMxGqPmgMTB69X1RVWXIs2jWwc67lk0wrdNOHUs5UzV5TUA1JnQ43RslBU92+js7DkyvE5enGzw7zZE5F1ZYdGv/eCgvkTMC9BoLfzHzP6OzayPLYEt3xJ5PRocN8JUAD55cuu4LgsuebuydHPi2oWOfpbSUBKSeCh6dvk5Pp1XRDprPS5SzGLW8Xjq98QlzmfGv50meI9CDJZVF9Wq/72gkyfgtb3YVdr,iv:AF06TBitHegfWk6w07CdkHklh4ripQCmA45vswDQgss=,tag:zKh7WVXMJN2o9ZIwIkby3Q==,type:str] import-user-env: ENC[AES256_GCM,data:vfaqjGEnUM9VtOPvBurz7nFwzGZt3L2EqijrQej4wiOcGCrRA4tN6kBV6NmhHqlFPsw=,iv:viPGkyOOacCWcgTu25da4qH7DC4wz2qdeC1W2WcMUdI=,tag:BllNqGQoaxqUo3lTz9LGnw==,type:str] + runner-token: ENC[AES256_GCM,data:jtKAyCjS4pNXHlg9Lzl69T/QaX+vEa8zwojAfXvG3FVgbOK42u2rfw==,iv:oszv09iNJArDgHN6rUfVQQRjOzxJmatXH4qD3IRObxo=,tag:rbJezwnYkQ4pG0QaT39WXA==,type:str] mediawiki: password: ENC[AES256_GCM,data:HsBuA1E7187roGnKuFPfPDYxA16GFjAUucgUtrdUFmcOzmTNiFH+NWY2ZQ==,iv:vDYUmmZftcrkDtJxNYKAJSx9j+AQcmQarC62QRHR4IM=,tag:3TKjNrGRivFWoK3djC748g==,type:str] database: ENC[AES256_GCM,data:EvVK3Mo6cZiIZS+gTxixU4r9SXN41VqwaWOtortZRNH+WPJ4xcYvzYMJNg==,iv:JtFTRLn3fzKIfgAPRqRgQjct7EdkEHtiyQKPy8/sZ2Q=,tag:nqzseG6BC0X5UNI/3kZZ3A==,type:str] @@ -42,8 +43,8 @@ sops: akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-09-03T19:12:38Z" - mac: ENC[AES256_GCM,data:Zo6WD3n33nX7bUun9YqaidvqZjFmbIx7QTzOTGOanSbeDmrejRRdBgGMohWG07byxrdlYO6mQwBkz2xic7+Rh3k1UJ65FDNyM7EOrwuc/X7HJy2Tk9WQO0DDbwDh+OfCeLOhrpBWTlsVt9HpN6xU8xBDABVxBQzd47pm1GRs3Ig=,iv:ECl4h15AnDJPcR3eXZ/wXSTUP8QnAuYiWRWx+Ouazd4=,tag:ZkZ/kSrx/5HCDPQhCGuxLw==,type:str] + lastmodified: "2023-09-16T20:11:37Z" + mac: ENC[AES256_GCM,data:jWEx88AqdNRikXYiLK6QV8QxVLMS83zN3zwxdSlVJpkGMwYF+AYI0GhKxcMUKgme4bWohFGnsrKCNTYsDphrSMtp7qDNsI+JoOkuoYZXWPkuAd06WDp0dkXcoBicyFZN1SyrboX0PisCR1aJtk6TriNRDb2bWpX6vHs4BH2NEi8=,iv:snHYIDvjb6dtzXrPz38OXvSOMl+cl/uPvYaaGxwHUOY=,tag:Nl296rph+3ij3QMkzzpYaw==,type:str] pgp: - created_at: "2023-05-21T00:28:40Z" enc: |