From 3cc264a857a957d2929187485997a8c77ff2783c Mon Sep 17 00:00:00 2001 From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Sun, 16 Jul 2023 03:33:35 +0000 Subject: [PATCH] fix: register gitea runner --- modules/nixos/services/gitea-runner.nix | 21 +++++++++++++++++++-- private/gitea-runner-token.age | 12 ++++++++++++ 2 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 private/gitea-runner-token.age diff --git a/modules/nixos/services/gitea-runner.nix b/modules/nixos/services/gitea-runner.nix index d168236..b03821b 100644 --- a/modules/nixos/services/gitea-runner.nix +++ b/modules/nixos/services/gitea-runner.nix @@ -10,9 +10,9 @@ enable = true; labels = [ # Provide a Debian base with NodeJS for actions - "debian-latest:docker://node:18-bullseye" + # "debian-latest:docker://node:18-bullseye" # Fake the Ubuntu name, because Node provides no Ubuntu builds - "ubuntu-latest:docker://node:18-bullseye" + # "ubuntu-latest:docker://node:18-bullseye" # Provide native execution on the host using below packages "native:host" ]; @@ -31,6 +31,23 @@ tokenFile = config.secrets.giteaRunnerToken.dest; }; + secrets.giteaRunnerToken = { + source = ../../../private/gitea-runner-token.age; # TOKEN=xyz + dest = "${config.secretsDirectory}/gitea-runner-token"; + }; + systemd.services.giteaRunnerToken-secret = { + requiredBy = [ + "gitea-runner-${ + config.services.gitea-actions-runner.instances.${config.networking.hostName}.name + }.service" + ]; + before = [ + "gitea-runner-${ + config.services.gitea-actions-runner.instances.${config.networking.hostName}.name + }.service" + ]; + }; + }; } diff --git a/private/gitea-runner-token.age b/private/gitea-runner-token.age new file mode 100644 index 0000000..3aa96b7 --- /dev/null +++ b/private/gitea-runner-token.age @@ -0,0 +1,12 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBoOVF1 +NmZocHpQQnRJcWpWUHh2bU93NkdnZWNzSlFiaHdTd24rcHpsczFRCmJaSzNkNGs1 +UDJCN2dYUVE3UTE1OU5RUWljQlN4dmxuUnpOMFYxQTdUaVEKLT4gc3NoLWVkMjU1 +MTkgWXlTVU1RIE5HdGd6aTlKM0lFUlYzT1VhS05nZ2ZxTndVZHBNQlJxYlovdXkx +ei96d2cKdzlUYVFFaEIzaS9LZmY3MzM1RmNnR0xjOEpHK1kxM0FMTWRQSlVnczVF +dwotPiBzc2gtZWQyNTUxOSBuanZYNUEgQ1lhMGQvUy9OWkRBR3BZV1pFNmNtb2pq +Y2VEUzhRWGVWUkZJY1l4RGtWdwphdFZtM0ZLZURvYVZQYjV4bWVPdWJxa3RmWmVh +SHl0T0pQWmxnVlFPR2drCi0tLSBnd2lwS3dqUk5Jelg0b3RxbFdEcnJ6ZkkvZTVN +UllBeUUyOXBxVDBKMG5BCkGo9kj9sMVhbnXVM35lGScAb8r5LH9vf5jOdhLC/Wj2 ++uA0ONIh7F2GELzf5Cw1KZJ8aHTURM2r41vZvfAQN1RwrmYOiUzlyMrvTDe78cY= +-----END AGE ENCRYPTED FILE-----