change gitea runner
This commit is contained in:
@@ -123,60 +123,50 @@ in
|
||||
owner = "gitea-runner";
|
||||
};
|
||||
|
||||
containers.git-runner = {
|
||||
autoStart = true;
|
||||
ephemeral = false; # because of ssh key
|
||||
macvlans = [ "vserver" ];
|
||||
bindMounts = {
|
||||
"/run/secrets/gitea-runner-token" = {
|
||||
hostPath = config.sops.secrets.gitea-runner-token.path;
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/podman/podman.sock" = {
|
||||
hostPath = "/run/podman/podman.sock";
|
||||
isReadOnly = false;
|
||||
};
|
||||
};
|
||||
config = { lib, config, pkgs, ... }: {
|
||||
networking = {
|
||||
hostName = "git-runner";
|
||||
nameservers = [ "10.42.97.10" ];
|
||||
interfaces.mv-vserver = {
|
||||
useDHCP = true;
|
||||
};
|
||||
firewall = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
|
||||
services.gitea-actions-runner.instances.main = {
|
||||
enable = true;
|
||||
url = "https://git.cloonar.com";
|
||||
name = "main";
|
||||
tokenFile = "/run/secrets/gitea-runner-token";
|
||||
labels = [
|
||||
"ubuntu-latest:docker://node:18-bullseye"
|
||||
"native:host"
|
||||
];
|
||||
hostPackages = with pkgs; [
|
||||
bash
|
||||
coreutils
|
||||
curl
|
||||
gawk
|
||||
gitMinimal
|
||||
gnused
|
||||
nodejs
|
||||
wget
|
||||
];
|
||||
};
|
||||
|
||||
users.groups.podman.gid = cids.gids.podman;
|
||||
users.users.gitea-runner = runner-user;
|
||||
users.groups.gitea-runner = runner-group;
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
};
|
||||
services.gitea-actions-runner.instances.main = {
|
||||
enable = true;
|
||||
url = "https://git.cloonar.com";
|
||||
name = "main";
|
||||
tokenFile = "/run/secrets/gitea-runner-token";
|
||||
labels = [
|
||||
"ubuntu-latest:docker://node:18-bullseye"
|
||||
];
|
||||
};
|
||||
|
||||
# containers.git-runner = {
|
||||
# autoStart = true;
|
||||
# ephemeral = false; # because of ssh key
|
||||
# macvlans = [ "vserver" ];
|
||||
# bindMounts = {
|
||||
# "/run/secrets/gitea-runner-token" = {
|
||||
# hostPath = config.sops.secrets.gitea-runner-token.path;
|
||||
# isReadOnly = true;
|
||||
# };
|
||||
# "/run/podman/podman.sock" = {
|
||||
# hostPath = "/run/podman/podman.sock";
|
||||
# isReadOnly = false;
|
||||
# };
|
||||
# };
|
||||
# config = { lib, config, pkgs, ... }: {
|
||||
# networking = {
|
||||
# hostName = "git-runner";
|
||||
# nameservers = [ "10.42.97.10" ];
|
||||
# interfaces.mv-vserver = {
|
||||
# useDHCP = true;
|
||||
# };
|
||||
# firewall = {
|
||||
# enable = true;
|
||||
# };
|
||||
# };
|
||||
#
|
||||
# virtualisation.podman.enable = true;
|
||||
#
|
||||
#
|
||||
# users.groups.podman.gid = cids.gids.podman;
|
||||
# users.users.gitea-runner = runner-user;
|
||||
# users.groups.gitea-runner = runner-group;
|
||||
#
|
||||
# system.stateVersion = "23.05";
|
||||
# };
|
||||
# };
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user