From 93aa91f307f915381a708df9f88459799cd7853c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Sun, 8 Mar 2026 23:17:27 +0100
Subject: [PATCH] nrec-nixos02: add Forgejo Actions runner with Podman

Adds a container-based Forgejo Actions runner on nrec-nixos02 connecting to code.t-juice.club, using Podman for sandboxed job execution with nix, node-bookworm, and alpine labels.

Co-Authored-By: Claude Opus 4.6
---
 hosts/nrec-nixos02/default.nix | 1 +
 services/actions-runner/default.nix | 32 +++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 services/actions-runner/default.nix

diff --git a/hosts/nrec-nixos02/default.nix b/hosts/nrec-nixos02/default.nix
index 5e8f064..d142cfa 100644
--- a/hosts/nrec-nixos02/default.nix
+++ b/hosts/nrec-nixos02/default.nix
@@ -3,6 +3,7 @@
 imports = [
 ./configuration.nix
 ../../system/packages.nix
+ ../../services/actions-runner
 (modulesPath + "/profiles/qemu-guest.nix")
 ];
 }
diff --git a/services/actions-runner/default.nix b/services/actions-runner/default.nix
new file mode 100644
index 0000000..50b83ee
--- /dev/null
+++ b/services/actions-runner/default.nix
@@ -0,0 +1,32 @@
+{ config, pkgs, ... }:
+{
+ virtualisation.podman = {
+ enable = true;
+ dockerCompat = true;
+ dockerSocket.enable = true;
+ };
+
+ services.gitea-actions-runner = {
+ package = pkgs.forgejo-runner;
+
+ instances.actions1 = {
+ enable = true;
+ name = config.networking.hostName;
+ url = "https://code.t-juice.club";
+ tokenFile = "/var/lib/forgejo-runner/token";
+ labels = [
+ "nix:docker://nixos/nix:latest"
+ "node-bookworm:docker://node:lts-bookworm-slim"
+ "alpine:docker://alpine:latest"
+ ];
+ settings = {
+ runner.capacity = 2;
+ cache = {
+ enabled = true;
+ dir = "/var/cache/forgejo-runner";
+ };
+ container.privileged = false;
+ };
+ };
+ };
+}
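Review bot: In `services/actions-runner/default.nix`, `container.privileged = false` only withholds `--privileged`; with `dockerSocket.enable = true` the jobs still appear to be started through the system-wide Podman API rather than a rootless one, so the isolation the description calls "sandboxed" rests largely on who may push workflows to the instance at `url`. I would put a comment above the `virtualisation.podman` block such as `# members of the podman group are root-equivalent on this host; register this runner only for trusted repositories`, and drop `dockerSocket.enable` if nothing else on the host needs the Docker socket path (the runner module seems to reach Podman through its own socket and group; confirm against the nixpkgs module). The three `labels` entries pull mutable tags (`nixos/nix:latest`, `node:lts-bookworm-slim`, `alpine:latest`), so each job runs whatever the registry serves at pull time; pinning by digest, e.g. `"alpine:docker://alpine@sha256:<digest-placeholder>"`, makes image updates a reviewed change. How `/var/lib/forgejo-runner/token` is provisioned is not visible in this patch; it should be readable by the runner service only and kept out of the Nix store.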