oysteikt/nix-dotfiles
oysteikt
/
nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

tsuki/gitea-runners: init

This commit is contained in:
Oystein Kristoffer Tveit 2024-06-09 15:25:47 +02:00
parent 4af33b066d
commit 37a43a2bd9
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
3 changed files with 36 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/tsuki/configuration.nix
View File

@ -8,6 +8,7 @@
./services/atuin.nix ./services/atuin.nix
./services/borg.nix ./services/borg.nix
./services/gitea ./services/gitea
./services/gitea-runners.nix
./services/grafana ./services/grafana
./services/headscale.nix ./services/headscale.nix
./services/hedgedoc.nix ./services/hedgedoc.nix

29
hosts/tsuki/services/gitea-runners.nix Normal file
View File

@ -0,0 +1,29 @@
{ config, pkgs, lib, ... }:
{
virtualisation.podman.enable = true;
virtualisation.podman.autoPrune.enable = true;
networking.firewall.interfaces."podman+".allowedUDPPorts = [ 53 5353 ];
sops.secrets."gitea/runners/ping".restartUnits = [ "gitea-runner-ping.service" ];
sops.secrets."gitea/runners/pong".restartUnits = [ "gitea-runner-pong.service" ];
services.gitea-actions-runner.instances = let
mkRunner = name: {
${name} = {
enable = true;
name = "git-runner-${name}";
url = "https://git.pvv.ntnu.no";
labels = [
"debian-latest:docker://node:latest"
"ubuntu-latest:docker://node:latest"
"debian-latest-personal:docker://node:latest"
"ubuntu-latest-personal:docker://node:latest"
];
tokenFile = config.sops.secrets."gitea/runners/${name}".path;
};
};
in lib.foldl (a: b: a // b) { } [
(mkRunner "ping")
(mkRunner "pong")
];
}

8
secrets/default.yaml
View File

@ -1,6 +1,10 @@
github: github:
tokens: tokens:
prometheus_exporter: ENC[AES256_GCM,data:Uybn/X2kgRKrtoLfgOYU/vR9PS/9JTX4MVuXJBCq2ZH5O2O1W5wfUg==,iv:8Q/kKd3r6G70wU4eLtqpf1obWeErNv5mNrpOQxB6tl8=,tag:PrCMzieirVaCbUT94iVKbg==,type:str] prometheus_exporter: ENC[AES256_GCM,data:Uybn/X2kgRKrtoLfgOYU/vR9PS/9JTX4MVuXJBCq2ZH5O2O1W5wfUg==,iv:8Q/kKd3r6G70wU4eLtqpf1obWeErNv5mNrpOQxB6tl8=,tag:PrCMzieirVaCbUT94iVKbg==,type:str]
gitea:
runners:
ping: ENC[AES256_GCM,data:DRyw59+KE0n/qEr+Az7r8ulZr3dk1u6hVT1SVqKywW4DgtUr1eLj7DGOXvHxug==,iv:W49dNY/V+6KPuQeN5rdWw6Ed+w/oOy9ey+hRRz7Oxdc=,tag:ILzIKgvLs+8RVpHsSuMHrA==,type:str]
pong: ENC[AES256_GCM,data:VwpNj/FRSkc5/s6aZPaiBwIaj9VBfp6wcnDFkWmTWC6xRWevMUYKv3jHPhD/ZA==,iv:0uVgjmrF4jIa+Eg3Gofb+2eFa1MdZHb9eR4BcWBpkeQ=,tag:YsXjKqeksU9JcXl+5REXFQ==,type:str]
jupyter: jupyter:
password: ENC[AES256_GCM,data:mm0EHzhK9AqErfsoWWJ5+3ym+VXgEcZ+qadTy3f+NtA=,iv:ntGxklA5oDbGbo3j3ffbAvzGE4c9Ay/SfCWdA6bqzP4=,tag:KG1luMcSjBFm0LVKnoTvGA==,type:str] password: ENC[AES256_GCM,data:mm0EHzhK9AqErfsoWWJ5+3ym+VXgEcZ+qadTy3f+NtA=,iv:ntGxklA5oDbGbo3j3ffbAvzGE4c9Ay/SfCWdA6bqzP4=,tag:KG1luMcSjBFm0LVKnoTvGA==,type:str]
grafana: grafana:
@ -70,8 +74,8 @@ sops:
cElPYm5qK2lkTWZ1UGd6TU1NV2h4OTgK8Ecv58Ybnc6iYMjtSKTT1fYbNf4yyFgX cElPYm5qK2lkTWZ1UGd6TU1NV2h4OTgK8Ecv58Ybnc6iYMjtSKTT1fYbNf4yyFgX
rjQ2sU8Rqc04MqixnAkF2zSDaaJ0vqwf22MvbO3bYhpqOHwiTMbRLg== rjQ2sU8Rqc04MqixnAkF2zSDaaJ0vqwf22MvbO3bYhpqOHwiTMbRLg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-23T05:31:44Z" lastmodified: "2024-04-29T23:29:34Z"
mac: ENC[AES256_GCM,data:BmSIU2VYYhetuQ5ooBr8y+YSTJnUoglGaVfOzW+Hx+qNDDR+PHHoOSHnciuQonMjQz1KX4lBmxAYKyeOi7ZjyZe7kYYPMcOkHZjYk+GihXJ2ncCnK+dyoPVMGfe2oR38cnilI8YcczuQDGLfkuBT08lSbzV+LMtTQXBQoOlgmM0=,iv:2Uflf2ShABEImYjqRQ5piuB5Y5kJ7IIME/8zdmewgBI=,tag:thuF8OWuAs5t8mNpKmVK7w==,type:str] mac: ENC[AES256_GCM,data:LWQjZvheJai3q8ASsN4l3LlbKjWB8/4z4si74D/aly6UIoUEJ8ALsUvWCWb64UCGHOfUfXjFPs5NaoTXcbXpATrl3tN0/hur6fdrHc4n96TpFGTtEj5Dy+SsNg2+oMJV3r5XAMIPhlDD9ZhUb2kyhhema063V3oY1ni7e5d/Kxg=,iv:hzH/JDU5WN5haGpv41jnziPZuXS/CQyGFq4N6Zcg55I=,tag:Q9ujo2azvDyyyTHNnLHQgw==,type:str]
pgp: pgp:
- created_at: "2023-05-08T00:49:52Z" - created_at: "2023-05-08T00:49:52Z"
enc: | enc: |