feat: fw update gitea to use a docker image with puppeteer, webp and avif deps

hosts/fw/modules/gitea-runner-image-README.md

@@ -0,0 +1,44 @@
+# Gitea Runner Docker Image
+
+This directory contains the Dockerfile for the custom Gitea Actions runner image that includes additional dependencies needed for CI workflows.
+
+## Included Tools
+
+- **Base**: `shivammathur/node:latest` (includes Node.js and common development tools)
+- **Chrome dependencies**: Full Puppeteer/Chromium dependencies for headless browser testing
+- **webp**: WebP image format tools (`cwebp`, `dwebp`)
+- **libavif-bin**: AVIF image format tools (`avifenc`, `avifdec`)
+
+## Building the Image
+
+```bash
+cd hosts/fw/modules
+docker build -f gitea-runner.Dockerfile -t git.cloonar.com/infrastructure/gitea-runner:latest .
+```
+
+## Pushing to Registry
+
+First, authenticate with your Gitea container registry:
+
+```bash
+docker login git.cloonar.com
+```
+
+Then push the image:
+
+```bash
+docker push git.cloonar.com/infrastructure/gitea-runner:latest
+```
+
+## Using the Image
+
+The image is already configured in `gitea-vm.nix` and will be used automatically by the Gitea Actions runners for jobs labeled with `ubuntu-latest`.
+
+## Updating the Image
+
+When you need to add new dependencies:
+
+1. Edit `gitea-runner.Dockerfile`
+2. Rebuild the image with the commands above
+3. Push to the registry
+4. Restart the runner VMs: `systemctl restart microvm@git-runner-1.service microvm@git-runner-2.service`

hosts/fw/modules/gitea-runner.Dockerfile

@@ -0,0 +1,47 @@
+FROM shivammathur/node:latest
+
+# Install Chrome dependencies for Puppeteer
+RUN apt-get update && apt-get install -y \
+    ca-certificates \
+    fonts-liberation \
+    libappindicator3-1 \
+    libasound2t64 \
+    libatk-bridge2.0-0 \
+    libatk1.0-0 \
+    libc6 \
+    libcairo2 \
+    libcups2 \
+    libdbus-1-3 \
+    libexpat1 \
+    libfontconfig1 \
+    libgbm1 \
+    libgcc-s1 \
+    libglib2.0-0 \
+    libgtk-3-0 \
+    libnspr4 \
+    libnss3 \
+    libpango-1.0-0 \
+    libpangocairo-1.0-0 \
+    libstdc++6 \
+    libx11-6 \
+    libx11-xcb1 \
+    libxcb1 \
+    libxcomposite1 \
+    libxcursor1 \
+    libxdamage1 \
+    libxext6 \
+    libxfixes3 \
+    libxi6 \
+    libxrandr2 \
+    libxrender1 \
+    libxss1 \
+    libxtst6 \
+    lsb-release \
+    wget \
+    xdg-utils \
+    webp \
+    libavif-bin \
+    && rm -rf /var/lib/apt/lists/*
+
+# Verify installations
+RUN cwebp -version && avifenc --version

hosts/fw/modules/gitea-vm.nix

@@ -55,7 +55,8 @@ in {
         name = runner;
         tokenFile = "/run/secrets/gitea-runner-token";
         labels = [
-          "ubuntu-latest:docker://shivammathur/node:latest"
+          # "ubuntu-latest:docker://shivammathur/node:latest"
+          "ubuntu-latest:docker://git.cloonar.com/infrastructure/gitea-runner:latest"
         ];
         settings = {
           container = {

hosts/fw/modules/gitea.nix

@@ -70,6 +70,9 @@ in
         sslCertificateKey = "/var/lib/acme/gitea/key.pem";
         sslTrustedCertificate = "/var/lib/acme/gitea/chain.pem";
         forceSSL = true;
+        extraConfig = ''
+          client_max_body_size 2048M;
+        '';
         locations."/" = {
           proxyPass = "http://localhost:3001/";
         };
@@ -109,6 +112,12 @@ in
             USER           = "gitea@cloonar.com";
           };
           actions.ENABLED=true;
+          attachment = {
+            MAX_SIZE = 2048;  # 2GB in MB for general attachments
+          };
+          packages = {
+            ENABLED = true;
+          };
         };
       };