feat: remove forgejo runners

.gitignore

@@ -16,7 +16,6 @@
 !hosts/cube/nextcloud/
 !hosts/cube/nextcloud/*.gif
 !hosts/cube/grafana/
-!hosts/cube/forgejo/
 
 !hosts/disk/
 

hosts/cube/forgejo.nix

@@ -1,4 +1,4 @@
-{ self, config, lib, pkgs, ... }: let
+{ self, config, lib, ... }: let
   inherit (config.networking) domain;
   inherit (lib) const enabled genAttrs head merge mkForce;
 
@@ -10,10 +10,6 @@ in {
     (self + /modules/postgresql.nix)
   ];
 
-  secrets.forgejoPasswordRunner = {
-    file  = ./password.runner.age;
-    owner = "forgejo";
-  };
   secrets.forgejoPasswordMail = {
     file  = self + /modules/mail/password.plain.age;
     owner = "forgejo";
@@ -22,47 +18,7 @@ in {
   services.postgresql.ensure = [ "forgejo" ];
 
   services.restic.backups = genAttrs config.services.restic.hosts <| const {
-    paths = [ "/var/lib/gitea-runner"  "/var/lib/forgejo" ];
+    paths = [ "/var/lib/forgejo" ];
-  };
-
-  users.groups.gitea-runner = {};
-  users.users.gitea-runner  = {
-    extraGroups  = [ "docker" ];
-    group        = "gitea-runner";
-    home         = "/var/lib/gitea-runner";
-    isSystemUser = true;
-  };
-
-  services.gitea-actions-runner = {
-    package = pkgs.forgejo-actions-runner;
-
-    instances.runner-01 = enabled {
-      name = "runner-01";
-      url  = fqdn;
-
-      labels = [
-        "debian-latest:docker://node:18-bullseye"
-        "ubuntu-latest:docker://node:18-bullseye"
-        "act:docker://ghcr.io/catthehacker/ubuntu:act-latest"
-      ];
-
-      tokenFile = config.secrets.forgejoPasswordRunner.path;
-
-      settings = {
-        cache.enabled     = true;
-        capacity          = 4;
-        container.network = "host";
-      };
-
-      hostPackages = [
-        pkgs.bash
-        pkgs.uutils-coreutils-noprefix
-        pkgs.curl
-        pkgs.gitMinimal
-        pkgs.sudo
-        pkgs.wget
-      ];
-    };
   };
 
   services.openssh.settings.AcceptEnv = mkForce "SHELLS COLOTERM GIT_PROTOCOL";
@@ -82,11 +38,6 @@ in {
     in {
       default.APP_NAME = description;
 
-      actions = {
-        ENABLED             = true;
-        DEFAULT_ACTIONS_URL = "https://${fqdn}";
-      };
-
       attachment.ALLOWED_TYPES = "*/*";
 
       cache.ENABLED = true;
@@ -109,7 +60,7 @@ in {
       repository = {
         DEFAULT_BRANCH      = "master";
         DEFAULT_MERGE_STYLE = "rebase-merge";
-        DEFAULT_REPO_UNITS  = "repo.code, repo.issues, repo.pulls, repo.actions";
+        DEFAULT_REPO_UNITS  = "repo.code, repo.issues, repo.pulls";
 
         DEFAULT_PUSH_CREATE_PRIVATE = false;
         ENABLE_PUSH_CREATE_ORG      = true;

hosts/cube/forgejo/password.runner.age

@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 +rZ0Tw IxxQ0LDIaHoYaQOIlf7Ehh7b0n4rqnDyyAsRxYCKMlc
-D+gQhx+JcC7iHg9vbbOT1qpUxYZFFKPJO9O5m08WrKM
--> ssh-ed25519 CzqbPQ qItwt5OS63q8W6/RH/V/d8txs1cTyXEGBX0+9/skR2s
-sV08BHd2Kpj7B8RzpvIGtiBrb5OULInGTVpyRX8cO5I
---- U0I6eynEz6aEw7dLFnTSrG/hJa3p4t7oYwM6Q8sUByQ
-Œk!ÐxJ:_ÒÝÛ9HØô7	FBé›ðÅÏa@”À׺q¿æÙ<C3A6>@ÒàqŠvKKà]£šM®f?øÇûpýEH}Þv<C39E>üS:¥¹Â¥

hosts/cube/podman.nix

@@ -1,15 +0,0 @@
-{ lib, ... }: let
-  inherit (lib) enabled;
-in {
-  virtualisation.podman = enabled {
-    dockerCompat = true;
-    dockerSocket = enabled;
-
-    defaultNetwork.settings.dns_enabled = true;
-
-    autoPrune = enabled {
-      dates = "weekly";
-      flags = [ "--all" ];
-    };
-  };
-}

secrets.nix

@@ -18,7 +18,6 @@ in {
   "hosts/cube/id.age".publicKeys                      = [ cube ] ++ admins;
   "hosts/cube/password.rgb.age".publicKeys            = [ cube ] ++ admins;
 
-  "hosts/cube/forgejo/password.runner.age".publicKeys = [ cube ] ++ admins;
   "hosts/cube/grafana/password.age".publicKeys        = [ cube ] ++ admins;
   "hosts/cube/matrix/password.secret.age".publicKeys  = [ cube ] ++ admins;
   "hosts/cube/nextcloud/password.age".publicKeys      = [ cube ] ++ admins;