RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-28 02:27:44 +00:00
Code Issues Activity

feat: remove forgejo runners

Browse source
This commit is contained in:
RGBCube 2025-02-27 23:49:41 +03:00
parent dd4fa3b28d
commit 07537d4889
Signed by: RGBCube
SSH key fingerprint: SHA256:CzqbPcfwt+GxFYNnFVCqoN5Itn4YFrshg1TrnACpA5M
5 changed files with 4 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -16,7 +16,6 @@
!hosts/cube/nextcloud/
!hosts/cube/nextcloud/*.gif
!hosts/cube/grafana/
!hosts/cube/forgejo/
!hosts/disk/

57
hosts/cube/forgejo/default.nix → hosts/cube/forgejo.nix
View file

@ -1,4 +1,4 @@
{ self, config, lib, pkgs, ... }: let
{ self, config, lib, ... }: let
inherit (config.networking) domain;
inherit (lib) const enabled genAttrs head merge mkForce;
@ -10,10 +10,6 @@ in {
(self + /modules/postgresql.nix)
];
secrets.forgejoPasswordRunner = {
file = ./password.runner.age;
owner = "forgejo";
};
secrets.forgejoPasswordMail = {
file = self + /modules/mail/password.plain.age;
owner = "forgejo";
@ -22,47 +18,7 @@ in {
services.postgresql.ensure = [ "forgejo" ];
services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/var/lib/gitea-runner" "/var/lib/forgejo" ];
};
users.groups.gitea-runner = {};
users.users.gitea-runner = {
extraGroups = [ "docker" ];
group = "gitea-runner";
home = "/var/lib/gitea-runner";
isSystemUser = true;
};
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.runner-01 = enabled {
name = "runner-01";
url = fqdn;
labels = [
"debian-latest:docker://node:18-bullseye"
"ubuntu-latest:docker://node:18-bullseye"
"act:docker://ghcr.io/catthehacker/ubuntu:act-latest"
];
tokenFile = config.secrets.forgejoPasswordRunner.path;
settings = {
cache.enabled = true;
capacity = 4;
container.network = "host";
};
hostPackages = [
pkgs.bash
pkgs.uutils-coreutils-noprefix
pkgs.curl
pkgs.gitMinimal
pkgs.sudo
pkgs.wget
];
};
paths = [ "/var/lib/forgejo" ];
};
services.openssh.settings.AcceptEnv = mkForce "SHELLS COLOTERM GIT_PROTOCOL";
@ -82,11 +38,6 @@ in {
in {
default.APP_NAME = description;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "https://${fqdn}";
};
attachment.ALLOWED_TYPES = "*/*";
cache.ENABLED = true;
@ -109,7 +60,7 @@ in {
repository = {
DEFAULT_BRANCH = "master";
DEFAULT_MERGE_STYLE = "rebase-merge";
DEFAULT_REPO_UNITS = "repo.code, repo.issues, repo.pulls, repo.actions";
DEFAULT_REPO_UNITS = "repo.code, repo.issues, repo.pulls";
DEFAULT_PUSH_CREATE_PRIVATE = false;
ENABLE_PUSH_CREATE_ORG = true;
@ -120,7 +71,7 @@ in {
"repository.upload" = {
FILE_MAX_SIZE = 100;
MAX_FILES = 10;
MAX_FILES = 10;
};
server = {

7
hosts/cube/forgejo/password.runner.age
View file

@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 +rZ0Tw IxxQ0LDIaHoYaQOIlf7Ehh7b0n4rqnDyyAsRxYCKMlc
D+gQhx+JcC7iHg9vbbOT1qpUxYZFFKPJO9O5m08WrKM
-> ssh-ed25519 CzqbPQ qItwt5OS63q8W6/RH/V/d8txs1cTyXEGBX0+9/skR2s
sV08BHd2Kpj7B8RzpvIGtiBrb5OULInGTVpyRX8cO5I
--- U0I6eynEz6aEw7dLFnTSrG/hJa3p4t7oYwM6Q8sUByQ
Œk!ÐxJ:_ÒÝÛ9HØô7 FBéðÅÏa@”À׺q¿æÙ<C3A6>@ÒàqŠvKKà]£šM®f?øÇûpýEH}Þv<C39E>üS:¥¹Â¥

15
hosts/cube/podman.nix
View file

@ -1,15 +0,0 @@
{ lib, ... }: let
inherit (lib) enabled;
in {
virtualisation.podman = enabled {
dockerCompat = true;
dockerSocket = enabled;
defaultNetwork.settings.dns_enabled = true;
autoPrune = enabled {
dates = "weekly";
flags = [ "--all" ];
};
};
}

1
secrets.nix
View file

@ -18,7 +18,6 @@ in {
"hosts/cube/id.age".publicKeys = [ cube ] ++ admins;
"hosts/cube/password.rgb.age".publicKeys = [ cube ] ++ admins;
"hosts/cube/forgejo/password.runner.age".publicKeys = [ cube ] ++ admins;
"hosts/cube/grafana/password.age".publicKeys = [ cube ] ++ admins;
"hosts/cube/matrix/password.secret.age".publicKeys = [ cube ] ++ admins;
"hosts/cube/nextcloud/password.age".publicKeys = [ cube ] ++ admins;