From 3cc264a857a957d2929187485997a8c77ff2783c Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Sun, 16 Jul 2023 03:33:35 +0000
Subject: [PATCH] fix: register gitea runner

---
 modules/nixos/services/gitea-runner.nix | 21 +++++++++++++++++++--
 private/gitea-runner-token.age          | 12 ++++++++++++
 2 files changed, 31 insertions(+), 2 deletions(-)
 create mode 100644 private/gitea-runner-token.age

diff --git a/modules/nixos/services/gitea-runner.nix b/modules/nixos/services/gitea-runner.nix
index d168236..b03821b 100644
--- a/modules/nixos/services/gitea-runner.nix
+++ b/modules/nixos/services/gitea-runner.nix
@@ -10,9 +10,9 @@
       enable = true;
       labels = [
         # Provide a Debian base with NodeJS for actions
-        "debian-latest:docker://node:18-bullseye"
+        # "debian-latest:docker://node:18-bullseye"
         # Fake the Ubuntu name, because Node provides no Ubuntu builds
-        "ubuntu-latest:docker://node:18-bullseye"
+        # "ubuntu-latest:docker://node:18-bullseye"
         # Provide native execution on the host using below packages
         "native:host"
       ];
@@ -31,6 +31,23 @@
       tokenFile = config.secrets.giteaRunnerToken.dest;
     };
 
+    secrets.giteaRunnerToken = {
+      source = ../../../private/gitea-runner-token.age; # TOKEN=xyz
+      dest = "${config.secretsDirectory}/gitea-runner-token";
+    };
+    systemd.services.giteaRunnerToken-secret = {
+      requiredBy = [
+        "gitea-runner-${
+          config.services.gitea-actions-runner.instances.${config.networking.hostName}.name
+        }.service"
+      ];
+      before = [
+        "gitea-runner-${
+          config.services.gitea-actions-runner.instances.${config.networking.hostName}.name
+        }.service"
+      ];
+    };
+
   };
 
 }
diff --git a/private/gitea-runner-token.age b/private/gitea-runner-token.age
new file mode 100644
index 0000000..3aa96b7
--- /dev/null
+++ b/private/gitea-runner-token.age
@@ -0,0 +1,12 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBoOVF1
+NmZocHpQQnRJcWpWUHh2bU93NkdnZWNzSlFiaHdTd24rcHpsczFRCmJaSzNkNGs1
+UDJCN2dYUVE3UTE1OU5RUWljQlN4dmxuUnpOMFYxQTdUaVEKLT4gc3NoLWVkMjU1
+MTkgWXlTVU1RIE5HdGd6aTlKM0lFUlYzT1VhS05nZ2ZxTndVZHBNQlJxYlovdXkx
+ei96d2cKdzlUYVFFaEIzaS9LZmY3MzM1RmNnR0xjOEpHK1kxM0FMTWRQSlVnczVF
+dwotPiBzc2gtZWQyNTUxOSBuanZYNUEgQ1lhMGQvUy9OWkRBR3BZV1pFNmNtb2pq
+Y2VEUzhRWGVWUkZJY1l4RGtWdwphdFZtM0ZLZURvYVZQYjV4bWVPdWJxa3RmWmVh
+SHl0T0pQWmxnVlFPR2drCi0tLSBnd2lwS3dqUk5Jelg0b3RxbFdEcnJ6ZkkvZTVN
+UllBeUUyOXBxVDBKMG5BCkGo9kj9sMVhbnXVM35lGScAb8r5LH9vf5jOdhLC/Wj2
++uA0ONIh7F2GELzf5Cw1KZJ8aHTURM2r41vZvfAQN1RwrmYOiUzlyMrvTDe78cY=
+-----END AGE ENCRYPTED FILE-----