fix drone to podman and add dovecot secret

2023-11-27 00:48:55 +01:00
parent 41c343c336
commit d1437de4b1
3 changed files with 28 additions and 14 deletions


@@ -1,7 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
virtualisation.docker.enable = true; virtualisation = {
podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
};
users.users.drone-runner = { users.users.drone-runner = {
isSystemUser = true; isSystemUser = true;
@@ -16,7 +22,7 @@
description = "Drone Runner (CI CD Service)"; description = "Drone Runner (CI CD Service)";
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.docker ]; path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
# Type = "simple"; # Type = "simple";
@@ -25,18 +31,18 @@
Group = "drone-runner"; Group = "drone-runner";
Restart = "always"; Restart = "always";
ExecStartPre= '' ExecStartPre= ''
-${pkgs.docker}/bin/docker stop %n \ -${pkgs.podman}/bin/podman stop %n \
-${pkgs.docker}/bin/docker rm %n \ -${pkgs.podman}/bin/podman rm %n \
${pkgs.docker}/bin/docker pull drone/drone:2.20.0 ${pkgs.podman}/bin/podman pull drone/drone:2.20.0
''; '';
ExecStart= '' ExecStart= ''
${pkgs.docker}/bin/docker run --rm --name %n \ ${pkgs.podman}/bin/podman run --rm --name %n \
--volume=/var/run/docker.sock:/var/run/docker.sock \ --volume=/var/run/podman.sock:/var/run/podman.sock \
--env-file=/run/secrets/drone-runner \ --env-file=/run/secrets/drone-runner \
--env=DRONE_RPC_PROTO=https \ --env=DRONE_RPC_PROTO=https \
--env=DRONE_RPC_HOST=drone.cloonar.com \ --env=DRONE_RPC_HOST=drone.cloonar.com \
--env=DRONE_RUNNER_CAPACITY=2 \ --env=DRONE_RUNNER_CAPACITY=2 \
drone/drone-runner-docker:1.8.3 drone/drone-runner-podman:1.8.3
''; '';
}; };
}; };
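Review bot: The `--volume=/var/run/podman.sock:/var/run/podman.sock` mount in ExecStart gives the runner container the host's container-engine API, so every pipeline it executes can create containers on the host. If that is the root-owned system socket, this is root-equivalent access for any repository allowed to build here, and it deserves a comment at the mount. The path also looks unverified: podman's system socket normally lives at `/run/podman/podman.sock`, and nothing visible in this hunk enables `podman.socket` or `virtualisation.podman.dockerSocket.enable`, so please confirm the source path exists on the host. If the runner image only speaks the Docker API, `--volume=/run/podman/podman.sock:/var/run/docker.sock` is probably what is wanted. The serviceConfig block starts above the hunk, so the `User=` the unit runs as is not visible here.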


@@ -1,7 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
virtualisation.docker.enable = true; virtualisation = {
podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
};
users.users.drone-server = { users.users.drone-server = {
isSystemUser = true; isSystemUser = true;
@@ -16,7 +22,7 @@
description = "Drone Server (CI CD Service)"; description = "Drone Server (CI CD Service)";
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.docker ]; path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
# Type = "simple"; # Type = "simple";
@@ -25,12 +31,12 @@
Group = "drone-server"; Group = "drone-server";
Restart = "always"; Restart = "always";
ExecStartPre= '' ExecStartPre= ''
-${pkgs.docker}/bin/docker stop %n \ -${pkgs.podman}/bin/podman stop %n \
-${pkgs.docker}/bin/docker rm %n \ -${pkgs.podman}/bin/podman rm %n \
${pkgs.docker}/bin/docker pull drone/drone:2.20.0 ${pkgs.podman}/bin/podman pull drone/drone:2.20.0
''; '';
ExecStart= '' ExecStart= ''
${pkgs.docker}/bin/docker run --rm --name %n \ ${pkgs.podman}/bin/podman run --rm --name %n \
--env-file=/run/secrets/drone-server \ --env-file=/run/secrets/drone-server \
--env=DRONE_AGENTS_ENABLED=true \ --env=DRONE_AGENTS_ENABLED=true \
--env=DRONE_GITEA_SERVER=https://git.cloonar.com \ --env=DRONE_GITEA_SERVER=https://git.cloonar.com \
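Review bot: The three ExecStartPre commands are joined by the trailing `\` into a single `podman stop` invocation whose failure the leading `-` hides, so the `pull` never runs as its own step; the runner unit in the previous file has the same construct. A list keeps them separate: `ExecStartPre = [ "-${pkgs.podman}/bin/podman stop %n" "-${pkgs.podman}/bin/podman rm %n" "${pkgs.podman}/bin/podman pull docker.io/drone/drone:2.20.0" ];`. Fully qualifying the image matters more under podman, which resolves short names through registries.conf rather than always using Docker Hub. Pinning by digest (`docker.io/drone/drone:2.20.0@sha256:<digest>`) would also keep a re-tagged image from reaching the CI server. The ExecStart command continues past the end of this hunk.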


@@ -232,6 +232,8 @@ in
params.dovecot2 = { }; params.dovecot2 = { };
}; };
sops.secrets.dovecot-ldap-password = { };
systemd.services.dovecot2.preStart = '' systemd.services.dovecot2.preStart = ''
sed -e "s/@ldap-password@/$(cat ${config.sops.secrets.dovecot-ldap-password.path})/" ${ldapConfig} > /run/dovecot2/ldap.conf sed -e "s/@ldap-password@/$(cat ${config.sops.secrets.dovecot-ldap-password.path})/" ${ldapConfig} > /run/dovecot2/ldap.conf
''; '';
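Review bot: The new `sops.secrets.dovecot-ldap-password` is consumed by a `sed` whose command line contains the password once `$(cat …)` expands, so it is briefly visible in the process list, and a password containing `/`, `&` or `\` will break or alter the substitution. The redirect also creates `/run/dovecot2/ldap.conf` with whatever umask preStart inherits. Consider `install -m 600 ${ldapConfig} /run/dovecot2/ldap.conf` followed by `${pkgs.replace-secret}/bin/replace-secret '@ldap-password@' ${config.sops.secrets.dovecot-ldap-password.path} /run/dovecot2/ldap.conf`, assuming `pkgs` is in scope in this module and that dovecot can still read the file with that mode (adjust the owner if not). The enclosing attribute set begins outside the hunk.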