updated nix builders

2026-04-30 11:47:46 -04:00
parent 9dabb9dc07
commit 1b53167b53
3 changed files with 22 additions and 43 deletions
+1 -14
@@ -1,20 +1,7 @@
{ pkgs, ... }: { ... }:
{ {
imports = [ ./nix_builder.nix ]; imports = [ ./nix_builder.nix ];
users = {
users.github-runners = {
shell = pkgs.bash;
isSystemUser = true;
group = "github-runners";
uid = 601;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/S8i+BNX/12JNKg+5EKGX7Aqimt5KM+ve3wt/SyWuO github-runners" # cspell:disable-line
];
};
groups.github-runners.gid = 601;
};
services.nix_builder.containers = { services.nix_builder.containers = {
nix-builder-00.enable = true; nix-builder-00.enable = true;
nix-builder-01.enable = true; nix-builder-01.enable = true;
+17 -29
@@ -23,12 +23,12 @@ in
types.submodule ( types.submodule (
{ name, ... }: { name, ... }:
{ {
options.enable = mkEnableOption "GitHub runner container"; options.enable = mkEnableOption "Gitea runner container";
} }
) )
); );
default = { }; default = { };
description = "GitHub runner container configurations"; description = "Gitea runner container configurations";
}; };
}; };
@@ -43,7 +43,7 @@ in
bindMounts = { bindMounts = {
storage = { storage = {
hostPath = "/zfs/media/github-runners/${name}"; hostPath = "/zfs/media/github-runners/${name}";
mountPoint = "/zfs/media/github-runners/${name}"; mountPoint = "/var/lib/gitea-runner/${name}";
isReadOnly = false; isReadOnly = false;
}; };
host-nix = { host-nix = {
@@ -51,9 +51,9 @@ in
hostPath = "/nix/var/nix/daemon-socket"; hostPath = "/nix/var/nix/daemon-socket";
isReadOnly = false; isReadOnly = false;
}; };
pat = { token = {
hostPath = "${vars.secrets}/services/github-runners/runner_pat"; hostPath = "${vars.secrets}/services/gitea-runners/registration-token";
mountPoint = "${vars.secrets}/services/github-runners/runner_pat"; mountPoint = "${vars.secrets}/services/gitea-runners/registration-token";
isReadOnly = true; isReadOnly = true;
}; };
}; };
@@ -92,43 +92,31 @@ in
"nix-command" "nix-command"
]; ];
sandbox = true; sandbox = true;
allowed-users = [ "github-runners" ]; allowed-users = [ "gitea-runner" ];
trusted-users = [ trusted-users = [
"root" "root"
"github-runners" "gitea-runner"
]; ];
}; };
nixpkgs = { nixpkgs = {
overlays = builtins.attrValues outputs.overlays; overlays = builtins.attrValues outputs.overlays;
config.allowUnfree = true; config.allowUnfree = true;
}; };
services.github-runners.${name} = { services.gitea-actions-runner.instances.${name} = {
enable = true; enable = true;
replace = true; name = "jeeves-${name}";
workDir = "/zfs/media/github-runners/${name}"; url = "https://gitea.tmmworkshop.com";
url = "https://github.com/RichieCahill/dotfiles"; labels = [
extraLabels = [ "nixos" ]; "self-hosted:host"
tokenFile = "${vars.secrets}/services/github-runners/runner_pat"; "nixos:host"
user = "github-runners"; ];
group = "github-runners"; tokenFile = "${vars.secrets}/services/gitea-runners/registration-token";
extraPackages = with pkgs; [ hostPackages = with pkgs; [
gitMinimal
gh
nixfmt
nixos-rebuild nixos-rebuild
treefmt treefmt
my_python my_python
]; ];
}; };
users = {
users.github-runners = {
shell = pkgs.bash;
isSystemUser = true;
group = "github-runners";
uid = 601;
};
groups.github-runners.gid = 601;
};
system.stateVersion = "24.05"; system.stateVersion = "24.05";
}; };
} }
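Review bot: In the `@@ -92,43 +92,31 @@` hunk, `trusted-users` still lists the runner account (now `gitea-runner`), and the new labels use the `:host` scheme, so workflow steps run directly in the container as a user the Nix daemon trusts instead of in a per-job container. A trusted Nix user can override daemon settings such as substituters and sandboxing, which is close to root on whichever daemon answers. Because the `host-nix` bind mount exposes the host's daemon socket read-write, the host's own `trusted-users` may be the list that matters, and that is not visible here. If workflows only need to build, keep `allowed-users = [ "gitea-runner" ];` and reduce the other list to `trusted-users = [ "root" ];`. The container definition these settings belong to starts and ends outside the hunks shown.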
+4
@@ -21,6 +21,10 @@ in
createDatabase = false; createDatabase = false;
}; };
settings = { settings = {
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
server = { server = {
DOMAIN = "tmmworkshop.com"; DOMAIN = "tmmworkshop.com";
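Review bot: `DEFAULT_ACTIONS_URL = "github";` in the new `actions` block makes unqualified `uses:` references resolve to github.com, so action code from a third party is fetched and run on this instance's runners. A comment above the setting would record that this is deliberate, for example `# unqualified uses: refs are fetched from github.com; pin them to commit SHAs in workflows`. Setting it to `"self"` and mirroring the required actions locally is the stricter choice if outbound fetches are not wanted. The `settings` attribute set continues outside the hunk.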