lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions

Adding a forgejo runner

Browse source
This commit is contained in:
Lyes Saadi 2025-12-18 01:00:23 +01:00
parent 1a09ffa481
commit 748796b11e
Signed by: lyes
GPG key ID: 55A1D803917CF39A
6 changed files with 68 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

48
flake.lock generated
View file

@ -68,11 +68,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1764627417, "lastModified": 1765794845,
"narHash": "sha256-D6xc3Rl8Ab6wucJWdvjNsGYGSxNjQHzRc2EZ6eeQ6l4=", "narHash": "sha256-YD5QWlGnusNbZCqR3pxG8tRxx9yUXayLZfAJRWspq2s=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "5a88a6eceb8fd732b983e72b732f6f4b8269bef3", "rev": "7194cfe5b7a3660726b0fe7296070eaef601cae9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -173,11 +173,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765202646, "lastModified": 1765860045,
"narHash": "sha256-Cgceqa+xPgI8JiS1fMaviGw4dthTeW2RqE6RUR4OcS8=", "narHash": "sha256-7Lxp/PfOy4h3QIDtmWG/EgycaswqRSkDX4DGtet14NE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "caa47b637d877124ac891a64abc14de09fce1675", "rev": "09de9577d47d8bffb11c449b6a3d24e32ac16c99",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -195,11 +195,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1762964643, "lastModified": 1765682243,
"narHash": "sha256-RYHN8O/Aja59XDji6WSJZPkJpYVUfpSkyH+PEupBJqM=", "narHash": "sha256-yeCxFV/905Wr91yKt5zrVvK6O2CVXWRMSrxqlAZnLp0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "827f2a23373a774a8805f84ca5344654c31f354b", "rev": "58bf3ecb2d0bba7bdf363fc8a6c4d49b4d509d03",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -295,11 +295,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1764939437, "lastModified": 1765687488,
"narHash": "sha256-4TLFHUwXraw9Df5mXC/vCrJgb50CRr3CzUzF0Mn3CII=", "narHash": "sha256-7YAJ6xgBAQ/Nr+7MI13Tui1ULflgAdKh63m1tfYV7+M=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "00d2457e2f608b4be6fe8b470b0a36816324b0ae", "rev": "d02bcc33948ca19b0aaa0213fe987ceec1f4ebe1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -311,11 +311,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1764950072, "lastModified": 1765779637,
"narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", "narHash": "sha256-KJ2wa/BLSrTqDjbfyNx70ov/HdgNBCBBSQP3BIzKnv4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f61125a668a320878494449750330ca58b78c557", "rev": "1306659b587dc277866c7b69eb97e5f07864d8c4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -327,11 +327,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1764950072, "lastModified": 1765779637,
"narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", "narHash": "sha256-KJ2wa/BLSrTqDjbfyNx70ov/HdgNBCBBSQP3BIzKnv4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f61125a668a320878494449750330ca58b78c557", "rev": "1306659b587dc277866c7b69eb97e5f07864d8c4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -343,11 +343,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1762977756, "lastModified": 1765472234,
"narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=", "narHash": "sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55", "rev": "2fbfb1d73d239d2402a8fe03963e37aab15abe8b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -410,11 +410,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1765175766, "lastModified": 1765946036,
"narHash": "sha256-M4zs4bVUv0UNuVGspwwlcGs5FpCDt52LQBA5a9nj5Lg=", "narHash": "sha256-R/qaIkzqm00qBMr8onM6ZZFX49lvsQLZ79adVubqjts=",
"owner": "0xc000022070", "owner": "0xc000022070",
"repo": "zen-browser-flake", "repo": "zen-browser-flake",
"rev": "5126a8426773dc213a8c0f0d646aca116194dab6", "rev": "7db019a64483743a8d92319baafbbe71b687d0a1",
"type": "github" "type": "github"
}, },
"original": { "original": {

1
hosts/zora/default.nix
View file

@ -23,6 +23,7 @@
../../modules/server/kalif ../../modules/server/kalif
../../modules/server/maistro ../../modules/server/maistro
../../modules/server/biggoron ../../modules/server/biggoron
../../modules/server/biggoron/runner.nix
# disko.nixosModules.disko # disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default

30
modules/server/biggoron/runner.nix Normal file
View file

@ -0,0 +1,30 @@
{ pkgs, config, ... }: {
virtualisation.podman.enable = true;
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances.default = {
enable = true;
name = "ptigoron";
url = "https://git.lyes.eu";
# Obtaining the path to the runner token file may differ
# tokenFile should be in format TOKEN=<secret>, since it's EnvironmentFile for systemd
tokenFile = config.age.secrets.ptigoron-token.path;
labels = [
"fedora-rawhide:docker://quay.io/fedora/fedora:rawhide"
"fedora-latest:docker://quay.io/fedora/fedora:latest"
"ubuntu-rolling:docker://ubuntu:rolling"
"ubuntu-latest:docker://ubuntu:latest"
"nixos-latest:docker://nixos/nix"
## optionally provide native execution on the host:
# "native:host"
];
};
};
age.secrets.ptigoron-token = {
file = ../../../secrets/zora/services/ptigoron-token.age;
owner = "gitea-runner";
group = "gitea-runner";
};
}

1
secrets.nix
View file

@ -21,4 +21,5 @@ in
"secrets/zora/services/kalif-conf.age".publicKeys = all; "secrets/zora/services/kalif-conf.age".publicKeys = all;
"secrets/zora/services/biggoron-db-pass.age".publicKeys = all; "secrets/zora/services/biggoron-db-pass.age".publicKeys = all;
"secrets/zora/services/biggoron-admin-pass.age".publicKeys = all; "secrets/zora/services/biggoron-admin-pass.age".publicKeys = all;
"secrets/zora/services/ptigoron-token.age".publicKeys = all;
} }

8
secrets/zora/services/ptigoron-token.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 whuRpQ iTmQuwMm3HQfhqD/taD2jXfQZVcBAPefjiUag5gs1y8
gHM6s6IvgYLUHWh9pzzaOGkHUX+QMP/atYYuSV/xXkw
-> ssh-ed25519 TFqgIg RuRYXNFQnTEHapB08/hj30v3B7BV9pHNNCvWW5ntgm8
l0JibkKAQI/T2pjuseDKziL8bGZlkU5FTH/2O5xkWNw
--- 6PtJOPY+HFbWpyOXT57T635wAobrg3IoWxz6gIm7OMM
<EFBFBD>gMˆ~ê(‚ÊÊû3ð fzãnS]ðögí1%¾<12>\5å´ áø
æÇWdl®œuÊ<C38A>¯ziÕŠÓŠæ¬}€

6
users/lyes/desktop/packages.nix
View file

@ -42,6 +42,7 @@ in {
# Image # Image
gimp gimp
inkscape inkscape
pixieditor
# Video # Video
mpv mpv
@ -100,6 +101,7 @@ in {
gcc gcc
rustup rustup
python3 python3
zola
ocaml ocaml
ocamlPackages.ocaml-lsp ocamlPackages.ocaml-lsp
ocamlPackages.ocamlformat ocamlPackages.ocamlformat
@ -127,14 +129,14 @@ in {
coqPackages.metarocq-utils coqPackages.metarocq-utils
coqPackages.metarocq-template-rocq coqPackages.metarocq-template-rocq
coqPackages.vscoq-language-server coqPackages.vscoq-language-server
numworks-udev-rules
zola
# Why3 # Why3
why3 why3
alt-ergo alt-ergo
cvc4 cvc4
cvc5 cvc5
z3 z3
# CryptoVerif
cryptoverif
# Containers & VMs # Containers & VMs
toolbox toolbox