actions-runner: add Forgejo runner to nix-cache02 with Vault token

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 00:41:24 +01:00
parent ff5f166855
commit 117e54a849
5 changed files with 34 additions and 3 deletions
--- a/hosts/nix-cache02/actions-runner.nix
+++ b/hosts/nix-cache02/actions-runner.nix
@@ -0,0 +1,16 @@
+{ ... }:
+{
+  # Fetch runner token from Vault
+  vault.secrets.forgejo-runner-token = {
+    secretPath = "hosts/nix-cache02/forgejo-runner-token";
+    extractKey = "token";
+    mode = "0444";
+    services = [ "gitea-runner-actions1" ];
+  };
+
+  # Override token source and runner capacity
+  services.gitea-actions-runner.instances.actions1 = {
+    tokenFile = "/run/secrets/forgejo-runner-token";
+    settings.runner.capacity = 4;
+  };
+}
--- a/hosts/nix-cache02/default.nix
+++ b/hosts/nix-cache02/default.nix
@@ -3,6 +3,8 @@
    ./configuration.nix
    ./builder.nix
    ./scheduler.nix
+    ./actions-runner.nix
    ../../services/nix-cache
+    ../../services/actions-runner
  ];
 }