52 lines
1.2 KiB
Nix
52 lines
1.2 KiB
Nix
|
{ config, lib, ... }:
|
||
|
|
{
|
||
|
|
age.secrets.giteaRunnerToken.file = ../../secrets/gitea-runner-token.age;
|
||
|
|
|
||
|
|
services.gitea = {
|
||
|
|
enable = true;
|
||
|
|
appName = "Gitea in the jungle";
|
||
|
|
|
||
|
|
settings = {
|
||
|
|
server = {
|
||
|
|
ROOT_URL = "https://jungle.bsc.es/git/";
|
||
|
|
LOCAL_ROOT_URL = "https://jungle.bsc.es/git/";
|
||
|
|
LANDING_PAGE = "explore";
|
||
|
|
};
|
||
|
|
metrics.ENABLED = true;
|
||
|
|
service.REGISTER_MANUAL_CONFIRM = true;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
services.gitea-actions-runner.instances = {
|
||
|
|
runrun = {
|
||
|
|
enable = true;
|
||
|
|
name = "runrun";
|
||
|
|
url = "https://jungle.bsc.es/git/";
|
||
|
|
tokenFile = config.age.secrets.giteaRunnerToken.path;
|
||
|
|
labels = [ "native:host" ];
|
||
|
|
settings.runner.capacity = 8;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
systemd.services.gitea-runner-runrun = {
|
||
|
|
path = [ "/run/current-system/sw" ];
|
||
|
|
serviceConfig = {
|
||
|
|
# DynamicUser doesn't work well with SSH
|
||
|
|
DynamicUser = lib.mkForce false;
|
||
|
|
User = "gitea-runner";
|
||
|
|
Group = "gitea-runner";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
users.users.gitea-runner = {
|
||
|
|
isSystemUser = true;
|
||
|
|
home = "/var/lib/gitea-runner";
|
||
|
|
description = "Gitea Runner";
|
||
|
|
group = "gitea-runner";
|
||
|
|
extraGroups = [ "docker" ];
|
||
|
|
createHome = true;
|
||
|
|
};
|
||
|
|
users.groups.gitea-runner = {};
|
||
|
|
}
|
||
|
|
|