hosts/ude: add github-runner module

2024-02-10 20:00:54 +01:00 · 2024-02-10 20:00:54 +01:00 · d26b96d770
commit d26b96d770
parent a38d069999
4 changed files with 39 additions and 0 deletions
--- a/hosts/ude/github-runner.nix
+++ b/hosts/ude/github-runner.nix
@ -0,0 +1,27 @@
+{config, ...}: let
+  github-runner-user = "github-runner";
+in {
+  age.secrets.github-token = {
+    file = ../../secrets/github-token.age;
+    owner = github-runner-user;
+  };
+
+  services.github-runners.settei = {
+    enable = true;
+    tokenFile = config.age.secrets.github-token.path;
+    url = "https://github.com/nrabulinski/settei";
+    ephemeral = true;
+    user = github-runner-user;
+    serviceOverrides = {
+      DynamicUser = false;
+    };
+  };
+
+  users = {
+    users.${github-runner-user} = {
+      isSystemUser = true;
+      group = github-runner-user;
+    };
+    groups.${github-runner-user} = {};
+  };
+}