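# NixOS module for a Forgejo Actions runner registered against
# https://git.fediversity.eu. It runs one job at a time, offers a Docker
# label and a native (host) label, and renders an attic client configuration
# into the runner user's home through a `vars` generator.
{
  lib,
  pkgs,
  config,
  sources,
  ...
}:

{
  _class = "nixos";

  imports = with sources; [
    (import "${home-manager}/nixos")
    "${vars}/options.nix"
    "${vars}/backends/on-machine.nix"
  ];

  services.gitea-actions-runner = {
    package = pkgs.forgejo-actions-runner;

    instances.default = {
      enable = true;
      name = config.networking.fqdn;
      url = "https://git.fediversity.eu";

      # Only the path of the age-managed secret is referenced here; the
      # registration token itself is not inlined into this module.
      tokenFile = config.age.secrets.forgejo-runner-token.path;

      settings = {
        log.level = "info";
        runner = {
          file = ".runner";
          # Take only 1 job at a time to avoid clashing NixOS tests, see #362
          capacity = 1;
          timeout = "3h";
          # Keep TLS certificate verification towards the forge enabled.
          insecure = false;
          fetch_timeout = "5s";
          fetch_interval = "2s";
        };
      };

      ## This runner supports Docker (with a default Debian-based Node image)
      ## and native modes. In native mode, it contains a few default packages.
      ##
      ## NOTE(review): `node:16-bullseye` is a mutable tag of an end-of-life
      ## Node release; consider a maintained image pinned by digest.
      ## NOTE(review): `native:host` jobs execute directly on this machine
      ## rather than in a container, so only trusted workflows should be able
      ## to select that label.
      labels = [
        "docker:docker://node:16-bullseye"
        "native:host"
      ];

      hostPackages = with pkgs; [
        bash
        git
        nix
        nodejs
      ];
    };
  };

  ## For the Docker mode of the runner.
  ## NOTE(review): access to the Docker daemon is root-equivalent on the
  ## host; treat anything that can schedule Docker jobs here accordingly.
  virtualisation.docker.enable = true;

  vars.settings.on-machine.enable = true;

  # Generator that copies every template listed in `files` to `$out` and
  # substitutes the attic token placeholder with a secret read at run time.
  vars.generators."templates" = rec {
    dependencies = [ "attic" ];

    runtimeInputs = [
      pkgs.coreutils
      pkgs.gnused
    ];

    # One shell fragment per template, joined with newlines.
    #
    # The pattern is the attic token placeholder that the template embeds.
    # A bare `placeholder` here would resolve to the Nix builtin function,
    # which cannot be interpolated into a string and aborts evaluation.
    #
    # NOTE(review): the substituted value is read from the `wiki-password`
    # age secret, although the placeholder stands for the attic token and
    # `dependencies` names the `attic` generator. Confirm the intended
    # secret source.
    # NOTE(review): the secret is spliced into the sed expression, so it is
    # briefly visible in sed's argument list, and a value containing `/`,
    # `&`, `\` or a newline would corrupt the substitution. Escape the value
    # or substitute without passing it on the command line.
    script = lib.concatStringsSep "\n" (
      lib.mapAttrsToList (template: _: ''
        cp "$templates/${template}" "$out/${template}"
        echo "filling placeholders in template ${template}..."
        sed -i "s/${config.vars.generators.attic.files.token.placeholder}/$(cat "${config.age.secrets.wiki-password.path}")/g" "$out/${template}"
      '') files
    );

    # The rendered file carries a credential, hence `secret = true`.
    files."attic.toml" = {
      secret = true;
      template = pkgs.writeText "attic.toml" ''
        default-server = "fediversity"

        [servers.fediversity]
        endpoint = "http://localhost:8080"
        token = "${config.vars.generators.attic.files.token.placeholder}"
      '';
    };
  };

  # Expose the rendered attic client configuration to the runner user.
  # NOTE(review): any job that runs as `gitea-runner` on the host can read
  # this token; scope the attic token to what CI jobs need (TODO confirm
  # which user native jobs run as).
  home-manager = {
    users.gitea-runner.home = {
      stateVersion = "25.05";
      file.".config/attic/config.toml".source =
        config.vars.generators."templates".files."attic.toml".path;
    };
  };
}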