fuckwit/nix-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Activity

add runner on primordial

Browse Source
This commit is contained in:
fuckwit 2025-01-09 20:23:38 +01:00
parent 1ae33bf279
commit e3b38cc453
2 changed files with 27 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
nixos/primordial/configuration.nix
View File

@ -14,6 +14,7 @@ in {
sops.secrets."keycloak_db_pw" = {};
sops.secrets."restic_mail_repository_password" = {};
sops.secrets."restic_ssh_key" = {};
sops.secrets."act-runner-token" = {};
imports = [
./mail.nix
@ -231,6 +232,26 @@ in {
lfs.enable = true;
};
gitea-actions-runner.instances = {
docker-runner = {
enable = true;
name = "primordial-docker";
url = "https://git.fuckwit.dev";
tokenFile = config.sops.secrets."act-runner-token".path;
labels = [
"nix:docker://nixos/nix:latest"
];
# hostPackages = with pkgs; [
# bash
# coreutils
# curl
# wget
# gnused
# gitMinimal
# ];
};
};
grafana = {
enable = true;
@ -297,6 +318,8 @@ in {
# };
};
virtualisation.podman.enable = true;
users.users."root".openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux"

7
nixos/primordial/secrets.yaml
View File

@ -2,6 +2,7 @@ gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zr
keycloak_db_pw: ENC[AES256_GCM,data:1oBqzpFokAmjkT770YKYwzCllaGTprtDR9W4B/+V6ZUXPhJ1R9DNWZHqpQ==,iv:dK36GBiDj12HVjUkZqTVk/rR6s1sf6dmQTk1ZJQwi+I=,tag:6Ix9QSf+A0U82sG0z8wSmw==,type:str]
restic_mail_repository_password: ENC[AES256_GCM,data:B2XAP9tnztl/c7HB7bHywfJcwV9sLahfqCfI0TajWaWHPhRsZow4yxhn813FN4pINb5i1kYyiRG/sMXMKAFo9g==,iv:pQnVRVtuhcVtH/Kot9hcx8DSA4qlkksuUiY8HaOawfk=,tag:4lbmh8bQDSVNbI06/gNUlQ==,type:str]
restic_ssh_key: ENC[AES256_GCM,data:HpS73OEFvqSLYg8Qh1syJEjCfv5og5VxxzK2VPmAFRk5BzM4xF3Dn0cmJtQpwMMwaRGRWFdCTMrQCBWRrLgDt7wUyMpBn1HivLr4nwEOU4oDStv+1zKmrNbWLSYw3TbHoNJ2K+C46lfpV9CBdb+8dmv2vto6HoKFrOYc5/ftYd7lD9zMhueAMCc3q7aPsIFGb2TRGNz1wrF6Cn9ew1Oqh/P7xlUuIgS0kAKRrybhiIO9IUgQsTV3qqZIXogP4Yy2OLSyhbtDuvtLAncL2pJ/ZsGme47G8HoFomyqEIf0eq7YKqlpTqKPbbnxfWSlWYGg+l9OtCJOeyp5oEZ6sjPNdTUYjpcVZpHNEEa2zkaZzRj5Jo/GIiJfCu4F0kk4opbqEUTeDQHgesylxwpd/v5zaplGEqpYZ7y/DAud+YUw7XWYWjy60kjlZdkbKwrL/Cg4dxWY8Cc7v42Ve7aADgSEpEhwo5rHxM3JSVHHHunfC6y+/Qin26wQZhF1w+d8/yqSaJidx6FsDSipGCJtXa9liIG7oG2vUlmYm4rE,iv:d/AFzPAJGSGv1WzQY4+p8mImFoWKkaoMRtIBNAYiU0E=,tag:mdE/e2VX5zdrFT43NZaYNQ==,type:str]
act-runner-token: ENC[AES256_GCM,data:xPtwvTdndOEW0xb0IY1M3SRxRXFVYvHr4TXqQspHWfcS6vsvGcJ2+ppM44TTNA==,iv:dusVCV9Z5AKiK6yxa45nBLmrLc0A5ph6UQIOWEBpz/A=,tag:rjl047w0LBQUagcNuxjtBQ==,type:str]
sops:
kms: []
gcp_kms: []
@ -17,8 +18,8 @@ sops:
V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy
GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-17T19:36:07Z"
mac: ENC[AES256_GCM,data:htvYIuHrOZ8jyVPVW7mVeTtf1eefwYkkZJ0l3xLFsVcCBlU3CjDgx+J9WN0kHw6TP+cP/+StYOtAthFe6UpoF8pmCvI+dKysrN6iLmqZySmh576YOY0Aq83WO4UOawZbarx8VUqTFdBrdp2bnMEjJ4bYvoTRuvAkQZocP8BK460=,iv:W8W8IZeviuUjE1Zz0x5m1/py/Zmx6rwl1ndVXfaR+DE=,tag:QXj9FZVk+H8ztI1VEFLyOQ==,type:str]
lastmodified: "2025-01-09T19:20:12Z"
mac: ENC[AES256_GCM,data:aoxhtk4086HqeHBVSg5GVSXz2q40eMJdXGwrAeVtZSHi8dhoanIqcHts2sSJkyPyjJa0ulZscDM6FUCQGucnHMetMz50DB+7AQsdQArMefQYCHQj8nnsPHEs45EXVPRwXq/dgm5dPTXi75npeZbPEm0PbDkwHOb+691SY4LqXjQ=,iv:WaenzW10mOkUlfWCpSKOYy/2Vlf/6cX75qKZ+VO10Ww=,tag:qZKJiMVbJnHRpVJabpZ9sA==,type:str]
pgp:
- created_at: "2024-01-25T11:10:44Z"
enc: |-
@ -33,4 +34,4 @@ sops:
-----END PGP MESSAGE-----
fp: 5FA64909521A5C85992F26E0F819AEFF941BB849
unencrypted_suffix: _unencrypted
version: 3.9.1
version: 3.9.2