From 07537d48893c1f69ec64c4b7a444f1155ea93030 Mon Sep 17 00:00:00 2001
From: RGBCube <git@rgbcu.be>
Date: Thu, 27 Feb 2025 23:49:41 +0300
Subject: [PATCH] feat: remove forgejo runners

---
 .gitignore                                    |  1 -
 .../cube/{forgejo/default.nix => forgejo.nix} | 57 ++-----------------
 hosts/cube/forgejo/password.runner.age        |  7 ---
 hosts/cube/podman.nix                         | 15 -----
 secrets.nix                                   |  1 -
 5 files changed, 4 insertions(+), 77 deletions(-)
 rename hosts/cube/{forgejo/default.nix => forgejo.nix} (64%)
 delete mode 100644 hosts/cube/forgejo/password.runner.age
 delete mode 100644 hosts/cube/podman.nix

diff --git a/.gitignore b/.gitignore
index 55d9b90..d0fda9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,7 +16,6 @@
 !hosts/cube/nextcloud/
 !hosts/cube/nextcloud/*.gif
 !hosts/cube/grafana/
-!hosts/cube/forgejo/
 
 !hosts/disk/
 
diff --git a/hosts/cube/forgejo/default.nix b/hosts/cube/forgejo.nix
similarity index 64%
rename from hosts/cube/forgejo/default.nix
rename to hosts/cube/forgejo.nix
index 58b165b..b01eddb 100644
--- a/hosts/cube/forgejo/default.nix
+++ b/hosts/cube/forgejo.nix
@@ -1,4 +1,4 @@
-{ self, config, lib, pkgs, ... }: let
+{ self, config, lib, ... }: let
   inherit (config.networking) domain;
   inherit (lib) const enabled genAttrs head merge mkForce;
 
@@ -10,10 +10,6 @@ in {
     (self + /modules/postgresql.nix)
   ];
 
-  secrets.forgejoPasswordRunner = {
-    file  = ./password.runner.age;
-    owner = "forgejo";
-  };
   secrets.forgejoPasswordMail = {
     file  = self + /modules/mail/password.plain.age;
     owner = "forgejo";
@@ -22,47 +18,7 @@ in {
   services.postgresql.ensure = [ "forgejo" ];
 
   services.restic.backups = genAttrs config.services.restic.hosts <| const {
-    paths = [ "/var/lib/gitea-runner"  "/var/lib/forgejo" ];
-  };
-
-  users.groups.gitea-runner = {};
-  users.users.gitea-runner  = {
-    extraGroups  = [ "docker" ];
-    group        = "gitea-runner";
-    home         = "/var/lib/gitea-runner";
-    isSystemUser = true;
-  };
-
-  services.gitea-actions-runner = {
-    package = pkgs.forgejo-actions-runner;
-
-    instances.runner-01 = enabled {
-      name = "runner-01";
-      url  = fqdn;
-
-      labels = [
-        "debian-latest:docker://node:18-bullseye"
-        "ubuntu-latest:docker://node:18-bullseye"
-        "act:docker://ghcr.io/catthehacker/ubuntu:act-latest"
-      ];
-
-      tokenFile = config.secrets.forgejoPasswordRunner.path;
-
-      settings = {
-        cache.enabled     = true;
-        capacity          = 4;
-        container.network = "host";
-      };
-
-      hostPackages = [
-        pkgs.bash
-        pkgs.uutils-coreutils-noprefix
-        pkgs.curl
-        pkgs.gitMinimal
-        pkgs.sudo
-        pkgs.wget
-      ];
-    };
+    paths = [ "/var/lib/forgejo" ];
   };
 
   services.openssh.settings.AcceptEnv = mkForce "SHELLS COLOTERM GIT_PROTOCOL";
@@ -82,11 +38,6 @@ in {
     in {
       default.APP_NAME = description;
 
-      actions = {
-        ENABLED             = true;
-        DEFAULT_ACTIONS_URL = "https://${fqdn}";
-      };
-
       attachment.ALLOWED_TYPES = "*/*";
 
       cache.ENABLED = true;
@@ -109,7 +60,7 @@ in {
       repository = {
         DEFAULT_BRANCH      = "master";
         DEFAULT_MERGE_STYLE = "rebase-merge";
-        DEFAULT_REPO_UNITS  = "repo.code, repo.issues, repo.pulls, repo.actions";
+        DEFAULT_REPO_UNITS  = "repo.code, repo.issues, repo.pulls";
 
         DEFAULT_PUSH_CREATE_PRIVATE = false;
         ENABLE_PUSH_CREATE_ORG      = true;
@@ -120,7 +71,7 @@ in {
 
       "repository.upload" = {
         FILE_MAX_SIZE = 100;
-        MAX_FILES = 10;
+        MAX_FILES     = 10;
       };
 
       server = {
diff --git a/hosts/cube/forgejo/password.runner.age b/hosts/cube/forgejo/password.runner.age
deleted file mode 100644
index 736b6b3..0000000
--- a/hosts/cube/forgejo/password.runner.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 +rZ0Tw IxxQ0LDIaHoYaQOIlf7Ehh7b0n4rqnDyyAsRxYCKMlc
-D+gQhx+JcC7iHg9vbbOT1qpUxYZFFKPJO9O5m08WrKM
--> ssh-ed25519 CzqbPQ qItwt5OS63q8W6/RH/V/d8txs1cTyXEGBX0+9/skR2s
-sV08BHd2Kpj7B8RzpvIGtiBrb5OULInGTVpyRX8cO5I
---- U0I6eynEz6aEw7dLFnTSrG/hJa3p4t7oYwM6Q8sUByQ
-Œk!ÐxJ:_ÒÝÛ9HØô7	FBé›ðÅÏa@”À×ºq¿æÙ@ÒàqŠvKKà]£šM®f?øÇûpýEH}ÞvüS:¥¹Â¥
\ No newline at end of file
diff --git a/hosts/cube/podman.nix b/hosts/cube/podman.nix
deleted file mode 100644
index a798fbc..0000000
--- a/hosts/cube/podman.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ lib, ... }: let
-  inherit (lib) enabled;
-in {
-  virtualisation.podman = enabled {
-    dockerCompat = true;
-    dockerSocket = enabled;
-
-    defaultNetwork.settings.dns_enabled = true;
-
-    autoPrune = enabled {
-      dates = "weekly";
-      flags = [ "--all" ];
-    };
-  };
-}
diff --git a/secrets.nix b/secrets.nix
index 63550be..a4249aa 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -18,7 +18,6 @@ in {
   "hosts/cube/id.age".publicKeys                      = [ cube ] ++ admins;
   "hosts/cube/password.rgb.age".publicKeys            = [ cube ] ++ admins;
 
-  "hosts/cube/forgejo/password.runner.age".publicKeys = [ cube ] ++ admins;
   "hosts/cube/grafana/password.age".publicKeys        = [ cube ] ++ admins;
   "hosts/cube/matrix/password.secret.age".publicKeys  = [ cube ] ++ admins;
   "hosts/cube/nextcloud/password.age".publicKeys      = [ cube ] ++ admins;