Format
This commit is contained in:
parent
8e2718f443
commit
6c3a02220d
|
@ -1,7 +1,10 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
c3d2.hq.statistics.enable = true;
|
||||
c3d2.deployment.server = "server10";
|
||||
c3d2 = {
|
||||
deployment.server = "server10";
|
||||
hq.statistics.enable = true;
|
||||
};
|
||||
|
||||
microvm = {
|
||||
mem = 8 * 1024;
|
||||
vcpu = 8;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.services.gitea-actions;
|
||||
in {
|
||||
|
@ -6,7 +6,7 @@ in {
|
|||
|
||||
config.systemd.services = lib.genAttrs (builtins.genList (n: "gitea-runner-nix${builtins.toString n}-token") cfg.numInstances) (name: {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after =lib.optional config.services.gitea.enable "gitea.service";
|
||||
after = lib.optional config.services.gitea.enable "gitea.service";
|
||||
unitConfig.ConditionPathExists = [ "!/var/lib/gitea-registration/${name}" ];
|
||||
script = ''
|
||||
set -euo pipefail
|
||||
|
|
|
@ -3,7 +3,7 @@ let
|
|||
cfg = config.services.gitea-actions;
|
||||
storeDeps = pkgs.buildEnv {
|
||||
name = "store-deps";
|
||||
paths = ((with pkgs; [
|
||||
paths = (with pkgs; [
|
||||
bash
|
||||
cacert
|
||||
coreutils
|
||||
|
@ -16,7 +16,7 @@ let
|
|||
nix
|
||||
nodejs
|
||||
openssh
|
||||
]) ++ cfg.storeDependencies);
|
||||
]) ++ cfg.storeDependencies;
|
||||
};
|
||||
in {
|
||||
options = {
|
||||
|
@ -69,7 +69,7 @@ in {
|
|||
script = ''
|
||||
set -eu -o pipefail
|
||||
mkdir -p etc/nix
|
||||
|
||||
|
||||
# Create an unpriveleged user that we can use also without the run-as-user.sh script
|
||||
touch etc/passwd etc/group
|
||||
groupid=$(cut -d: -f3 < <(getent group gitea-actions))
|
||||
|
@ -77,36 +77,36 @@ in {
|
|||
groupadd --prefix $(pwd) --gid "$groupid" gitea-actions
|
||||
emptypassword='$y$j9T$dLJlazrLCVKcOQ/zmu60E1$bAkbdgDaiz7niknOCasvKW3Tjxeca6WA/1fNe4UpeeC'
|
||||
useradd --prefix $(pwd) -p "$emptypassword" -m -d /tmp -u "$userid" -g "$groupid" -G gitea-actions gitea-actions
|
||||
|
||||
|
||||
cat <<NIX_CONFIG > etc/nix/nix.conf
|
||||
experimental-features = nix-command flakes
|
||||
${cfg.additionalFlakeConfig}
|
||||
NIX_CONFIG
|
||||
|
||||
|
||||
cat <<NSSWITCH > etc/nsswitch.conf
|
||||
passwd: files mymachines systemd
|
||||
group: files mymachines systemd
|
||||
shadow: files
|
||||
|
||||
|
||||
hosts: files mymachines dns myhostname
|
||||
networks: files
|
||||
|
||||
|
||||
ethers: files
|
||||
services: files
|
||||
protocols: files
|
||||
rpc: files
|
||||
NSSWITCH
|
||||
|
||||
|
||||
# list the content as it will be imported into the container
|
||||
tar -cv . | tar -tvf -
|
||||
tar -cv . | podman import - gitea-runner-nix
|
||||
'';
|
||||
|
||||
path = [
|
||||
path = with pkgs; [
|
||||
config.virtualisation.podman.package
|
||||
pkgs.getent
|
||||
pkgs.gnutar
|
||||
pkgs.shadow
|
||||
getent
|
||||
gnutar
|
||||
shadow
|
||||
];
|
||||
|
||||
serviceConfig = {
|
||||
|
@ -116,7 +116,7 @@ in {
|
|||
RemainAfterExit = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
users = {
|
||||
groups.gitea-actions = { };
|
||||
users.gitea-actions = {
|
||||
|
|
Loading…
Reference in New Issue