ci: use forgejo runner

services/forgejo-runner: init
2025-03-19 17:40:09 +01:00 · 2025-03-19 17:31:48 +01:00
5 changed files with 64 additions and 0 deletions
--- a/.forgejo/workflows/build.yaml
+++ b/.forgejo/workflows/build.yaml
@ -0,0 +1,8 @@
+on: [push]
+
+jobs:
+  check:
+    runs-on: native
+    steps:
+      - uses: actions/checkout@v4
+      - run: nix flake check
--- a/secrets/forgejo-token.age
+++ b/secrets/forgejo-token.age
@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 rA7dkQ tnp92QTb/uXAEizZuUrnaGcJCCkCSjIcE4RiQiYVdw8
+HXsRlqJSrDYaAeYslcR+g5KIQC1SUxFp+QdSHpKT61s
+-> ssh-ed25519 IFuY+w LI7kx/XwfF0JU8tSmW75nxpeLTUkEfY8NunAZljafCc
+f+WEjASZzP9ISv+7kPIMVNgEjdHUxVnLzUkqFHo4byY
+-> ssh-ed25519 GKhvwg EZDwzHfhaY0iHHeIDvm6BIY64kPPUgKjZnNuuwwqoAw
+FvZEeIqnsFA1fQka4R7sax1O13UZWoVbksSMLP3eEaA
+--- XBBcs7w5J7w01fKGoAXVTgOffS9ajheUMz3vDsxHgTo
+¼›g´ÕöØ¤ƒRn´lè¥gÃ’ÅÁA˜*%ÇYªr¯í
9}³=L~f7„¶ZgâxŠèœ
>¦ Rë}hQ›óõz`rÅZèØñ
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -92,4 +92,9 @@ in
    keys.system.youko
    keys.other.bootstrap
  ];
+  "forgejo-token.age".publicKeys = [
+    keys.system.youko
+    keys.system.ude
+    keys.other.bootstrap
+  ];
 }
--- a/services/default.nix
+++ b/services/default.nix
@ -1,5 +1,6 @@
 {
  imports = [
    ./attic.nix
+    ./forgejo-runner.nix
  ];
 }
--- a/services/forgejo-runner.nix
+++ b/services/forgejo-runner.nix
@ -0,0 +1,41 @@
+{
+  services.forgejo-runner = {
+    hosts = [
+      "ude"
+      "youko"
+    ];
+    config =
+      { config, pkgs, ... }:
+      {
+        age.secrets.forgejo-runner-token.file = ../secrets/forgejo-token.age;
+
+        services.gitea-actions-runner = {
+          package = pkgs.forgejo-actions-runner;
+          instances.default = {
+            enable = true;
+            name = config.networking.hostName;
+            url = "https://git.rab.lol";
+            tokenFile = config.age.secrets.forgejo-runner-token.path;
+            settings = {
+              container.network = "bridge";
+            };
+            labels = [
+              "ubuntu-latest:docker://node:16-bullseye"
+              "ubuntu-22.04:docker://node:16-bullseye"
+              "ubuntu-20.04:docker://node:16-bullseye"
+              "ubuntu-18.04:docker://node:16-buster"
+              "native:host"
+              "native-${pkgs.system}:host"
+            ];
+          };
+        };
+
+        virtualisation.podman = {
+          enable = true;
+          defaultNetwork.settings.dns_enabled = true;
+        };
+
+        networking.firewall.trustedInterfaces = [ "podman+" ];
+      };
+  };
+}
Author	SHA1	Message	Date
Nikodem Rabuliński	b7ee2ec2ff	ci: use forgejo runner Some checks failed / check (push) Failing after 13s Details	2025-03-19 17:40:09 +01:00
Nikodem Rabuliński	b97f24c12c	services/forgejo-runner: init	2025-03-19 17:31:48 +01:00