forked from fediversity/fediversity
Compare commits
No commits in common. "6fc1dc7b8a6b5d64a2206ce7833d5a71b8ef083b" and "9b6b1c6e9fb723ce6832552ba5cabdd95dad4082" have entirely different histories.
6fc1dc7b8a
...
9b6b1c6e9f
1 changed files with 71 additions and 96 deletions
|
|
@ -17,28 +17,12 @@
|
||||||
inherit group;
|
inherit group;
|
||||||
mode = "440";
|
mode = "440";
|
||||||
})
|
})
|
||||||
(
|
{
|
||||||
{
|
woodpecker-gitea-client = "woodpecker-server";
|
||||||
woodpecker-gitea-client = "woodpecker-server";
|
woodpecker-gitea-secret = "woodpecker-server";
|
||||||
woodpecker-gitea-secret = "woodpecker-server";
|
woodpecker-agent-exec = "woodpecker-agent-exec";
|
||||||
}
|
woodpecker-agent-container = "woodpecker-agent-docker";
|
||||||
// (
|
};
|
||||||
if config.services.woodpecker-agents.agents.exec.enable then
|
|
||||||
{
|
|
||||||
woodpecker-agent-exec = "woodpecker-agent-exec";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{ }
|
|
||||||
)
|
|
||||||
// (
|
|
||||||
if config.services.woodpecker-agents.agents.docker.enable then
|
|
||||||
{
|
|
||||||
woodpecker-agent-container = "woodpecker-agent-docker";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{ }
|
|
||||||
)
|
|
||||||
);
|
|
||||||
|
|
||||||
# needs `sudo generate-vars`
|
# needs `sudo generate-vars`
|
||||||
vars.settings.on-machine.enable = true;
|
vars.settings.on-machine.enable = true;
|
||||||
|
|
@ -64,13 +48,12 @@
|
||||||
|
|
||||||
vars.generators.woodpecker =
|
vars.generators.woodpecker =
|
||||||
let
|
let
|
||||||
fileNames =
|
fileNames = [
|
||||||
[
|
"woodpecker-gitea-client"
|
||||||
"woodpecker-gitea-client"
|
"woodpecker-gitea-secret"
|
||||||
"woodpecker-gitea-secret"
|
"woodpecker-agent-exec"
|
||||||
]
|
"woodpecker-agent-container"
|
||||||
++ (lib.lists.optional config.services.woodpecker-agents.agents.exec.enable "woodpecker-agent-exec")
|
];
|
||||||
++ (lib.lists.optional config.services.woodpecker-agents.agents.docker.enable "woodpecker-agent-container");
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
runtimeInputs = [
|
runtimeInputs = [
|
||||||
|
|
@ -138,64 +121,60 @@
|
||||||
WOODPECKER_GRPC_SECURE=false
|
WOODPECKER_GRPC_SECURE=false
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
(lib.mkMerge [
|
{
|
||||||
{
|
# https://woodpecker-ci.org/docs/administration/configuration/server
|
||||||
# https://woodpecker-ci.org/docs/administration/configuration/server
|
"woodpecker-server.conf" = {
|
||||||
"woodpecker-server.conf" = {
|
secret = true;
|
||||||
secret = true;
|
template = pkgs.writeText "woodpecker-server.conf" ''
|
||||||
template = pkgs.writeText "woodpecker-server.conf" ''
|
WOODPECKER_DATABASE_DRIVER=sqlite3
|
||||||
WOODPECKER_DATABASE_DRIVER=sqlite3
|
WOODPECKER_DISABLE_USER_AGENT_REGISTRATION=false
|
||||||
WOODPECKER_DISABLE_USER_AGENT_REGISTRATION=false
|
WOODPECKER_OPEN=false
|
||||||
WOODPECKER_OPEN=false
|
WOODPECKER_ADMIN=kiara,fricklerhandwerk,niols
|
||||||
WOODPECKER_ADMIN=kiara,fricklerhandwerk,niols
|
WOODPECKER_HOST=https://woodpecker.fediversity.eu
|
||||||
WOODPECKER_HOST=https://woodpecker.fediversity.eu
|
WOODPECKER_GITEA=true
|
||||||
WOODPECKER_GITEA=true
|
WOODPECKER_GITEA_URL=https://git.fediversity.eu
|
||||||
WOODPECKER_GITEA_URL=https://git.fediversity.eu
|
WOODPECKER_GITEA_CLIENT=${config.vars.generators.woodpecker.files.woodpecker-gitea-client.placeholder}
|
||||||
WOODPECKER_GITEA_CLIENT=${config.vars.generators.woodpecker.files.woodpecker-gitea-client.placeholder}
|
WOODPECKER_GITEA_SECRET=${config.vars.generators.woodpecker.files.woodpecker-gitea-secret.placeholder}
|
||||||
WOODPECKER_GITEA_SECRET=${config.vars.generators.woodpecker.files.woodpecker-gitea-secret.placeholder}
|
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker-agent-secret.files.my-secret.placeholder}
|
||||||
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker-agent-secret.files.my-secret.placeholder}
|
WOODPECKER_GRPC_SECRET=${config.vars.generators.woodpecker-rpc-secret.files.rpc-secret.placeholder}
|
||||||
WOODPECKER_GRPC_SECRET=${config.vars.generators.woodpecker-rpc-secret.files.rpc-secret.placeholder}
|
WOODPECKER_LOG_LEVEL=info
|
||||||
WOODPECKER_LOG_LEVEL=info
|
WOODPECKER_DEFAULT_CLONE_PLUGIN=docker.io/woodpeckerci/plugin-git
|
||||||
WOODPECKER_DEFAULT_CLONE_PLUGIN=docker.io/woodpeckerci/plugin-git
|
WOODPECKER_SERVER_ADDR=:8000
|
||||||
WOODPECKER_SERVER_ADDR=:8000
|
WOODPECKER_GRPC_ADDR=:9000
|
||||||
WOODPECKER_GRPC_ADDR=:9000
|
'';
|
||||||
'';
|
};
|
||||||
};
|
|
||||||
}
|
# https://woodpecker-ci.org/docs/administration/configuration/backends/local#environment-variables
|
||||||
(lib.mkIf config.services.woodpecker-agents.agents.exec.enable {
|
"woodpecker-agent-exec.conf" = {
|
||||||
# https://woodpecker-ci.org/docs/administration/configuration/backends/local#environment-variables
|
secret = true;
|
||||||
"woodpecker-agent-exec.conf" = {
|
template = pkgs.writeText "woodpecker-agent-exec.conf" (
|
||||||
secret = true;
|
lib.concatStringsSep "\n" [
|
||||||
template = pkgs.writeText "woodpecker-agent-exec.conf" (
|
shared
|
||||||
lib.concatStringsSep "\n" [
|
''
|
||||||
shared
|
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker.files.woodpecker-agent-exec.placeholder}
|
||||||
''
|
WOODPECKER_BACKEND=local
|
||||||
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker.files.woodpecker-agent-exec.placeholder}
|
WOODPECKER_AGENT_LABELS=type=local
|
||||||
WOODPECKER_BACKEND=local
|
''
|
||||||
WOODPECKER_AGENT_LABELS=type=local
|
]
|
||||||
''
|
);
|
||||||
]
|
};
|
||||||
);
|
|
||||||
};
|
# https://woodpecker-ci.org/docs/administration/configuration/backends/docker#environment-variables
|
||||||
})
|
"woodpecker-agent-podman.conf" = {
|
||||||
(lib.mkIf config.services.woodpecker-agents.agents.docker.enable {
|
secret = true;
|
||||||
# https://woodpecker-ci.org/docs/administration/configuration/backends/docker#environment-variables
|
template = pkgs.writeText "woodpecker-agent-podman.conf" (
|
||||||
"woodpecker-agent-podman.conf" = {
|
lib.concatStringsSep "\n" [
|
||||||
secret = true;
|
shared
|
||||||
template = pkgs.writeText "woodpecker-agent-podman.conf" (
|
''
|
||||||
lib.concatStringsSep "\n" [
|
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker.files.woodpecker-agent-container.placeholder}
|
||||||
shared
|
WOODPECKER_BACKEND=docker
|
||||||
''
|
WOODPECKER_AGENT_LABELS=type=docker
|
||||||
WOODPECKER_AGENT_SECRET=${config.vars.generators.woodpecker.files.woodpecker-agent-container.placeholder}
|
DOCKER_HOST=unix:///run/podman/podman.sock
|
||||||
WOODPECKER_BACKEND=docker
|
''
|
||||||
WOODPECKER_AGENT_LABELS=type=docker
|
]
|
||||||
DOCKER_HOST=unix:///run/podman/podman.sock
|
);
|
||||||
''
|
};
|
||||||
]
|
};
|
||||||
);
|
|
||||||
};
|
|
||||||
})
|
|
||||||
]);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# enable git-lfs
|
# enable git-lfs
|
||||||
|
|
@ -228,7 +207,7 @@
|
||||||
# https://woodpecker-ci.org/docs/administration/configuration/agent
|
# https://woodpecker-ci.org/docs/administration/configuration/agent
|
||||||
woodpecker-agents.agents = {
|
woodpecker-agents.agents = {
|
||||||
exec = {
|
exec = {
|
||||||
# enable = true;
|
enable = true;
|
||||||
path = with pkgs; [
|
path = with pkgs; [
|
||||||
git
|
git
|
||||||
git-lfs
|
git-lfs
|
||||||
|
|
@ -274,13 +253,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services = {
|
systemd.services.woodpecker-agent-docker = {
|
||||||
woodpecker-agent-docker = lib.mkIf config.services.woodpecker-agents.agents.docker.enable {
|
wants = [ "podman.socket" ];
|
||||||
wants = [ "podman.socket" ];
|
after = [ "podman.socket" ];
|
||||||
after = [ "podman.socket" ];
|
serviceConfig.SupplementaryGroups = [ "podman" ];
|
||||||
serviceConfig = {
|
|
||||||
SupplementaryGroups = [ "podman" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue