From 6c3a02220d5a9572ef467d34e70591e1d34b5a1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sat, 13 Apr 2024 15:14:17 +0200 Subject: [PATCH] Format --- hosts/mastodon/default.nix | 7 +++++-- modules/gitea-actions-registrar.nix | 4 ++-- modules/gitea-actions-runner.nix | 26 +++++++++++++------------- 3 files changed, 20 insertions(+), 17 deletions(-) diff --git a/hosts/mastodon/default.nix b/hosts/mastodon/default.nix index f430b09d..2fda38b2 100644 --- a/hosts/mastodon/default.nix +++ b/hosts/mastodon/default.nix @@ -1,7 +1,10 @@ { config, lib, pkgs, ... }: { - c3d2.hq.statistics.enable = true; - c3d2.deployment.server = "server10"; + c3d2 = { + deployment.server = "server10"; + hq.statistics.enable = true; + }; + microvm = { mem = 8 * 1024; vcpu = 8; diff --git a/modules/gitea-actions-registrar.nix b/modules/gitea-actions-registrar.nix index d47dd5cb..4f81df06 100644 --- a/modules/gitea-actions-registrar.nix +++ b/modules/gitea-actions-registrar.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, lib, ... }: let cfg = config.services.gitea-actions; in { @@ -6,7 +6,7 @@ in { config.systemd.services = lib.genAttrs (builtins.genList (n: "gitea-runner-nix${builtins.toString n}-token") cfg.numInstances) (name: { wantedBy = [ "multi-user.target" ]; - after =lib.optional config.services.gitea.enable "gitea.service"; + after = lib.optional config.services.gitea.enable "gitea.service"; unitConfig.ConditionPathExists = [ "!/var/lib/gitea-registration/${name}" ]; script = '' set -euo pipefail diff --git a/modules/gitea-actions-runner.nix b/modules/gitea-actions-runner.nix index 56693a7b..4d00bb30 100644 --- a/modules/gitea-actions-runner.nix +++ b/modules/gitea-actions-runner.nix @@ -3,7 +3,7 @@ let cfg = config.services.gitea-actions; storeDeps = pkgs.buildEnv { name = "store-deps"; - paths = ((with pkgs; [ + paths = (with pkgs; [ bash cacert coreutils 
@@ -16,7 +16,7 @@ let nix nodejs openssh - ]) ++ cfg.storeDependencies); + ]) ++ cfg.storeDependencies; }; in { options = { @@ -69,7 +69,7 @@ in { script = '' set -eu -o pipefail mkdir -p etc/nix - + # Create an unpriveleged user that we can use also without the run-as-user.sh script touch etc/passwd etc/group groupid=$(cut -d: -f3 < <(getent group gitea-actions)) @@ -77,36 +77,36 @@ in { groupadd --prefix $(pwd) --gid "$groupid" gitea-actions emptypassword='$y$j9T$dLJlazrLCVKcOQ/zmu60E1$bAkbdgDaiz7niknOCasvKW3Tjxeca6WA/1fNe4UpeeC' useradd --prefix $(pwd) -p "$emptypassword" -m -d /tmp -u "$userid" -g "$groupid" -G gitea-actions gitea-actions - + cat < etc/nix/nix.conf experimental-features = nix-command flakes ${cfg.additionalFlakeConfig} NIX_CONFIG - + cat < etc/nsswitch.conf passwd: files mymachines systemd group: files mymachines systemd shadow: files - + hosts: files mymachines dns myhostname networks: files - + ethers: files services: files protocols: files rpc: files NSSWITCH - + # list the content as it will be imported into the container tar -cv . | tar -tvf - tar -cv . | podman import - gitea-runner-nix ''; - path = [ + path = with pkgs; [ config.virtualisation.podman.package - pkgs.getent - pkgs.gnutar - pkgs.shadow + getent + gnutar + shadow ]; serviceConfig = { @@ -116,7 +116,7 @@ in { RemainAfterExit = true; }; }; - + users = { groups.gitea-actions = { }; users.gitea-actions = {
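Review bot: The `emptypassword` literal carried through the `@@ -77,36 +77,36 @@` hunk gives the `gitea-actions` account in the imported image a publicly known password hash, and nothing next to it says why. Judging by the variable name and the `$y$` prefix it is the yescrypt hash of the empty string, so presumably any process inside the container can switch to that user without a credential. If that is intended, as the comment in the preceding hunk suggests, I would document it at the assignment, e.g. `# hash of the empty string: passwordless login is deliberate, this unprivileged account exists only inside the runner container`, so the pattern is not later copied to an account that matters. Separately, `--prefix $(pwd)` on the `groupadd` and `useradd` lines is unquoted and would word-split on a working directory containing spaces; `--prefix "$(pwd)"` avoids that. The `script` string starts in the previous hunk, and the line between the two hunks is not visible here.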