torjus/nixos-servers
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

nix-cache01: add actions runner
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Torjus Håkestad
2025-08-21 20:56:04 +02:00
parent cdf2f17e0b
commit a0e94430b4
4 changed files with 65 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/nix-cache01/default.nix
View File

@@ -3,6 +3,7 @@
imports = [ imports = [
./configuration.nix ./configuration.nix
../../services/nix-cache ../../services/nix-cache
../../services/actions-runner
./zram.nix ./zram.nix
]; ];
} }

19
secrets/nix-cache01/actions_token_1 Normal file
View File

@@ -0,0 +1,19 @@
{
"data": "ENC[AES256_GCM,data:wyvKsawEJ6/PXD1cb7yyL16k7hdzWP2KXRZKfcZUiPorNygLGMUOkbA=,iv:TfGz3IVoZQ7bwYeEo0FXh37twLaOV6VRxGOx8q4ofC8=,tag:UjnfUDp6Kb09FC3EzWWCGg==,type:str]",
"sops": {
"age": [
{
"recipient": "age1lznyk4ee7e7x8n92cq2n87kz9920473ks5u9jlhd3dczfzq4wamqept56u",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSdHozVnN0YXExTWZBbEVK\nT0FoR3NNREtHZzhseE5jb0JzNCtCSDBtT0RVCkQvVFB5aDlxbzVDVE85Q3d5TEw4\nelpuVnY1bXc4YU4vQ0RxbW15SWpwMVkKLS0tIG1HZ2NhR0plSVlZdVNZZUZydjBv\nSjEyREIrL1Z5bkpOM2ZiRnhmRlk0MVUKRowIdTtV7B+me9cdpC0Kmnz3FIQQvCt2\nxVltjChE4N954aa1j8KpXYELkr0rge2/ka9JdI54VxgrACPSbtVqGg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1a0477laj9sdh79wdas5v7hzk6au8fach74njg8epfw2rdht90qjsakkwd6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2RlVRbGJiSjNkNXg3T3FU\nZFVzeTNSdGxSWEVzVTFDR1g5ZzI5RHZkMmhRCkZGbE1ZSTJDZ2NLZG5QU25OU3Z4\nRlYyU0N5ZTlQQmgrZ3dBVTgvYTBHR1kKLS0tIENRTmFWYzY2d2t4VTRISEtxZkNL\nZ2IzdVZWNWowZ2hlcS9xM29UaUgzcFkKMSzJh8tVqLUE8joiynqqHlZD5wMne0Ti\n/RE3d8JEwlQZnaxd8ZYfOA9CHIYhsMgWV8YG+hDR0nFPBah6sjRsrw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-21T18:46:14Z",
"mac": "ENC[AES256_GCM,data:yup75WbmL/OfwmkersRp3SKIHqS+GNPe6K732BcsPevQClB+w6znRfyPS8h1xhNjsESJ7xLjlEejOXYIIJ4tnds/+siZuGrvoEHhYzrYPevgxETpk0PBc+9El/XrVXmssG+EKVTCfyhmIo1n+2WFI3NlkTy+j03pNyWIB+6/YSs=,iv:jnS/z176t7nxnhdueu7p7KLgMeMHtTpqP5uhWZaEXzw=,tag:CQFjvOg95zil/Gfj45Q+1A==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

43
services/actions-runner/default.nix Normal file
View File

@@ -0,0 +1,43 @@
{ pkgs, config }:
{
sops.secrets."cache-secret" = {
sopsFile = ../../secrets/nix-cache01/actions_token_1;
format = "binary";
};
services.gitea-actions-runner.instances = {
enable = true;
tokenFile = config.sops.secrets.cache-secret.path;
name = "actions1.home.2rjus.net";
settings = {
log = {
level = "info";
};
runner = {
file = ".runner";
capacity = 4;
timeout = "2h";
shutdown_timeout = "10m";
insecure = false;
fetch_timeout = "10s";
fetch_interval = "30s";
};
cache = {
enabled = true;
};
container = {
privileged = false;
};
};
labels = [
"homelab"
"ubuntu-latest"
];
url = "https://git.t-juice.club";
};
}

3
services/ns/zones-home-2rjus-net.conf
View File

@@ -1,7 +1,7 @@
$ORIGIN home.2rjus.net. $ORIGIN home.2rjus.net.
$TTL 1800 $TTL 1800
@ IN SOA ns1.home.2rjus.net. admin.test.2rjus.net. ( @ IN SOA ns1.home.2rjus.net. admin.test.2rjus.net. (
2062 ; serial number 2063 ; serial number
3600 ; refresh 3600 ; refresh
900 ; retry 900 ; retry
1209600 ; expire 1209600 ; expire
@@ -59,6 +59,7 @@ monitoring01 IN A 10.69.13.13
jelly01 IN A 10.69.13.14 jelly01 IN A 10.69.13.14
nix-cache01 IN A 10.69.13.15 nix-cache01 IN A 10.69.13.15
nix-cache IN CNAME nix-cache01 nix-cache IN CNAME nix-cache01
actions1 IN CNAME nix-cache01
pgdb1 IN A 10.69.13.16 pgdb1 IN A 10.69.13.16
nats1 IN A 10.69.13.17 nats1 IN A 10.69.13.17
auth01 IN A 10.69.13.18 auth01 IN A 10.69.13.18