From 5a1a843ecdcb492f045f93e121691e74b9743d37 Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Mon, 10 Jul 2023 16:00:48 -0600
Subject: [PATCH] enable gitea actions and runner

---
 hosts/flame/default.nix                 |  2 ++
 modules/nixos/services/default.nix      |  1 +
 modules/nixos/services/gitea-runner.nix | 36 +++++++++++++++++++++++++
 modules/nixos/services/gitea.nix        |  1 +
 4 files changed, 40 insertions(+)
 create mode 100644 modules/nixos/services/gitea-runner.nix

diff --git a/hosts/flame/default.nix b/hosts/flame/default.nix
index 99bc6eb..b2dae92 100644
--- a/hosts/flame/default.nix
+++ b/hosts/flame/default.nix
@@ -62,6 +62,8 @@ inputs.nixpkgs.lib.nixosSystem {
           "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
       };
 
+      giteaRunner.enable = true;
+
       # Nextcloud backup config
       backup.s3 = {
         endpoint = "s3.us-west-002.backblazeb2.com";
diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix
index 1ca9753..a64590f 100644
--- a/modules/nixos/services/default.nix
+++ b/modules/nixos/services/default.nix
@@ -7,6 +7,7 @@
     ./calibre.nix
     ./cloudflare-tunnel.nix
     ./cloudflare.nix
+    ./gitea-runner.nix
     ./gitea.nix
     ./gnupg.nix
     ./grafana.nix
diff --git a/modules/nixos/services/gitea-runner.nix b/modules/nixos/services/gitea-runner.nix
new file mode 100644
index 0000000..d168236
--- /dev/null
+++ b/modules/nixos/services/gitea-runner.nix
@@ -0,0 +1,36 @@
+{ config, pkgs, lib, ... }:
+
+{
+  options.giteaRunner.enable =
+    lib.mkEnableOption "Enable Gitea Actions runner.";
+
+  config = lib.mkIf config.giteaRunner.enable {
+
+    services.gitea-actions-runner.instances.${config.networking.hostName} = {
+      enable = true;
+      labels = [
+        # Provide a Debian base with NodeJS for actions
+        "debian-latest:docker://node:18-bullseye"
+        # Fake the Ubuntu name, because Node provides no Ubuntu builds
+        "ubuntu-latest:docker://node:18-bullseye"
+        # Provide native execution on the host using below packages
+        "native:host"
+      ];
+      hostPackages = with pkgs; [
+        bash
+        coreutils
+        curl
+        gawk
+        gitMinimal
+        gnused
+        nodejs
+        wget
+      ];
+      name = config.networking.hostName;
+      url = "https://${config.hostnames.git}";
+      tokenFile = config.secrets.giteaRunnerToken.dest;
+    };
+
+  };
+
+}
diff --git a/modules/nixos/services/gitea.nix b/modules/nixos/services/gitea.nix
index 3998aa3..dd5ec38 100644
--- a/modules/nixos/services/gitea.nix
+++ b/modules/nixos/services/gitea.nix
@@ -8,6 +8,7 @@ in {
     services.gitea = {
       database.type = "sqlite3";
       settings = {
+        actions.ENABLED = true;
         repository = {
           DEFAULT_PUSH_CREATE_PRIVATE = true;
           DISABLE_HTTP_GIT = false;