jana/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: jana:c0870ccac328449be4cde667c927ae69729ff933
Branches Tags
jana:main
jana:workflows
..
compare: jana:bc9e9f02eb757bfd24acbfee7bac954d9beca99a
Branches Tags
jana:main
jana:workflows

1 commit
c0870ccac3 ... bc9e9f02eb

Author SHA1 Message Date
Jana Dönszelmann
bc9e9f02eb
retry
Some checks are pending
/ lint (push) Waiting to run
Details
2025-08-20 11:57:58 +02:00
3 changed files with 49 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/deploy.yml vendored
View file

@ -1,7 +1,7 @@
on: on:
push: push:
branches: branches:
- master - main
jobs: jobs:
build: build:
runs-on: nixos-latest runs-on: nixos-latest

34
fili/services/forgejo.nix
View file

@ -79,18 +79,48 @@ in
mailerPasswordFile = config.sops.secrets.forgejo.path; mailerPasswordFile = config.sops.secrets.forgejo.path;
}; };
users.groups.forgejo-runner = { };
users.users.forgejo-runner = {
isSystemUser = true;
group = "forgejo-runner";
};
sops.secrets.forgejo-runner = {
sopsFile = ../../secrets/forgejo-runner.yaml;
format = "yaml";
key = "token";
};
services.gitea-actions-runner = { services.gitea-actions-runner = {
package = pkgs.forgejo-runner; package = pkgs.forgejo-runner;
instances.fili = { instances.fili = {
enable = true; enable = true;
name = "forgejo-runner-01"; name = "forgejo-runner-01";
token = "SutcrCJ3ULoE5LBj9Tm8zkvTRDEJCpbvpe7FEJHC"; tokenFile = config.sops.secrets.forgejo-runner.path;
url = "https://git.donsz.nl/"; url = "https://git.donsz.nl/";
labels = [ labels = [
"nixos-latest:docker://nixos/nix" "nix:host"
"docker:docker://node:16-bullseye"
"ubuntu-latest:docker://node:16-bullseye"
]; ];
settings = { }; settings = { };
hostPackages = with pkgs; [
# default ones
bash
coreutils
curl
gawk
gitMinimal
gnused
nodejs
wget
# used in deployments
lix
openssh
];
}; };
}; };

16
secrets/forgejo-runner.yaml Normal file
View file

@ -0,0 +1,16 @@
token: ENC[AES256_GCM,data:QKJOB1yt7GJgJ4YIpptcMywGHFzF7FbZ86Yj587jgTO1elalkJG5Tg==,iv:F5/7z0KMAKnAfz9GU8csNcKavmaP8kI67bdrBNJcSso=,tag:ztDHSDO80NGqfZ9h+F5s5g==,type:str]
sops:
age:
- recipient: age1ygkcl4ss92z5ptzt3w5g4n98qx2c4kagyssm96m5z4c7t299c5wszjchxw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZTEkxK1VPRTNJSE92YWpO
NFJ0cUxHZW9RekFJbEVjcEdFVUJvWWJERUUwClBvU3dhQ29mNXpTQlVFZDg1dHNT
NFptZ3ZXWlZvZ3psMWI1d0twQUg5aVUKLS0tIG9sU0NGSUY5ek1ZK1plZDJMcHlj
UG03bnlmb0xLNmRvVjczRnMwVUtMQkEK9wRT5YByZf1Fj6eYHmiHQJpbcH+al3yA
PC0SiWgl2yNWkonrzoa97ehL64ugdH+HfJboKNGvViiHdIElnHZwrQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-20T09:53:17Z"
mac: ENC[AES256_GCM,data:L1wpGzIbHWV/3uv3Xspnxv7QU+WPB7X7DCAKtDXXp6+l81oYQjkj0LXu792dj1IDYuezE6IW4GUb5ptuBiLHRlPrY/TaTCRnkiMfXYjwoOAhoAYufHhUnGsSH3M/YOnLrN3fi1m2yhHBJwUFFDfoqN/5RTzCn4wbEgXg4t4hsQA=,iv:nsqyQthQm5mi5/5LPV8nwACeij48GAdX0Q0nsnYJYYg=,tag:k7q2COG5AYGQCJ9ly5y5AA==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2