histausse/nixos-modules
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add forgejo runner

Browse source
This commit is contained in:
Jean-Marie 'Histausse' Mineau 2024-02-12 22:49:23 +01:00
parent a8ed56ac64
commit e271cb5954
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
2 changed files with 53 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
pp-forgejo-runner.nix Normal file
View file

@ -0,0 +1,40 @@
{ config, pkgs, ... }:
with lib;
let
cfgBase = config.base;
cfg = config.services.ppForgejoRunner;
in
{
options.services.ppForgejoRunner = {
forgeUrl = mkOption {
type = types.str;
default = "git.${cfgBase.domainName}";
example = "git.example.com";
description = "The domain of the forgejo server";
};
runnerName = mkOption {
type = types.str;
default = "${cfgBase.name}.${cfgBase.domainName}";
example = "git-runner.example.com";
description = "The name of the runner";
};
tokenFile = mkOption {
type = types.str;
default = "/etc/forgejo_db_pwd";
description = "The file containing the token to access forgejo. Be sure to secure it. The content of the file must be of the form TOKEN=<token>";
};
};
config = {
virtualisation.podman.enable = true;
services.gitea-actions-runner.package = pkgs.forgejo-actions-runner;
services.gitea-actions-runner.instances."${cfg.runnerName}" = {
enable = true;
name = cfg.runnerName;
url = cfg.forgeUrl;
tokenFile = cfg.tokenFile;
labels = [
"debian:docker://debian:bookworm"
];
};
}

14
pp-forgejo.nix
View file

@ -12,7 +12,7 @@ in
example = "git.example.com"; example = "git.example.com";
description = "The domain of the server"; description = "The domain of the server";
}; };
openIdEnable = mkOption { openIdEnabled = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "If OpenId provider is setup and should be used exclusively."; description = "If OpenId provider is setup and should be used exclusively.";
@ -35,6 +35,11 @@ in
default = "/etc/forgejo_db_pwd"; default = "/etc/forgejo_db_pwd";
description = "The file containing the database password. Be sure to secure it."; description = "The file containing the database password. Be sure to secure it.";
}; };
actionsEnabled = mkOption {
type: types.bool;
default = false;
description = "Enable the use of actions";
};
}; };
config = { config = {
@ -59,6 +64,7 @@ in
services.forgejo.settings.repository.ENABLE_PUSH_CREATE_USER = true; services.forgejo.settings.repository.ENABLE_PUSH_CREATE_USER = true;
services.forgejo.settings.repository.ENABLE_PUSH_CREATE_ORG = true; services.forgejo.settings.repository.ENABLE_PUSH_CREATE_ORG = true;
services.forgejo.settings.repository.DEFAULT_REPO_UNITS = "repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages,repo.actions";
# Set the permittions for the db file # Set the permittions for the db file
system.activationScripts = { system.activationScripts = {
@ -87,6 +93,12 @@ in
}; };
services.forgejo.settings.actions = lib.mkIf (cfg.actionsEnabled) {
ENABLED = true;
DEFAULT_ACTION_URL = "https://${cfg.domain}";
};
# NGINX # NGINX
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.defaults.email = cfgBase.adminEmail; security.acme.defaults.email = cfgBase.adminEmail;