From 93aa91f307f915381a708df9f88459799cd7853c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Sun, 8 Mar 2026 23:17:27 +0100
Subject: [PATCH 1/2] nrec-nixos02: add Forgejo Actions runner with Podman Adds a container-based Forgejo Actions runner on nrec-nixos02 connecting to code.t-juice.club, using Podman for sandboxed job execution with nix, node-bookworm, and alpine labels.
Co-Authored-By: Claude Opus 4.6
---
 hosts/nrec-nixos02/default.nix | 1 +
 services/actions-runner/default.nix | 32 +++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 services/actions-runner/default.nix
diff --git a/hosts/nrec-nixos02/default.nix b/hosts/nrec-nixos02/default.nix
index 5e8f064..d142cfa 100644
--- a/hosts/nrec-nixos02/default.nix
+++ b/hosts/nrec-nixos02/default.nix
@@ -3,6 +3,7 @@
 imports = [
 ./configuration.nix
 ../../system/packages.nix
+ ../../services/actions-runner
 (modulesPath + "/profiles/qemu-guest.nix")
 ];
 }
diff --git a/services/actions-runner/default.nix b/services/actions-runner/default.nix
new file mode 100644
index 0000000..50b83ee
--- /dev/null
+++ b/services/actions-runner/default.nix
@@ -0,0 +1,32 @@
+{ config, pkgs, ... }:
+{
+ virtualisation.podman = {
+ enable = true;
+ dockerCompat = true;
+ dockerSocket.enable = true;
+ };
+
+ services.gitea-actions-runner = {
+ package = pkgs.forgejo-runner;
+
+ instances.actions1 = {
+ enable = true;
+ name = config.networking.hostName;
+ url = "https://code.t-juice.club";
+ tokenFile = "/var/lib/forgejo-runner/token";
+ labels = [
+ "nix:docker://nixos/nix:latest"
+ "node-bookworm:docker://node:lts-bookworm-slim"
+ "alpine:docker://alpine:latest"
+ ];
+ settings = {
+ runner.capacity = 2;
+ cache = {
+ enabled = true;
+ dir = "/var/cache/forgejo-runner";
+ };
+ container.privileged = false;
+ };
+ };
+ };
+}
--
2.49.1
From 8c909837ab6ad5c6640ea1e9bdabe435235f58c0 Mon Sep 17 00:00:00 2001
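Review bot: In `services/actions-runner/default.nix`, `dockerSocket.enable = true` serves the system Podman API on the Docker socket path, and access to that socket is root-equivalent on nrec-nixos02, so `container.privileged = false` alone does not bound what a job can reach. The `settings` block does not state whether the socket is passed into job containers; I would make that explicit with `container.docker_host = "-";` (the runner's value for not mounting it, to be confirmed against the packaged forgejo-runner version) and keep membership of the `podman` group to the runner service only. The three labels use mutable tags (`nixos/nix:latest`, `alpine:latest`, `node:lts-bookworm-slim`), so the image a job runs in can change without a commit here; pinning each to a fixed version or to `@sha256:<digest>` keeps the job environment reviewable. `tokenFile` points at a hand-placed path, so a comment above it saying the file must be root-owned, mode 0600, and in the `TOKEN=<value>` environment-file form the module reads would help the next operator.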
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Sun, 8 Mar 2026 23:21:03 +0100
Subject: [PATCH 2/2] workflows: remove flake-check and flake-update Removing to rewrite with improvements.
Co-Authored-By: Claude Opus 4.6
---
 .github/workflows/flake-check.yaml | 14 --------------
 .github/workflows/flake-update.yaml | 27 ---------------------------
 2 files changed, 41 deletions(-)
 delete mode 100644 .github/workflows/flake-check.yaml
 delete mode 100644 .github/workflows/flake-update.yaml
diff --git a/.github/workflows/flake-check.yaml b/.github/workflows/flake-check.yaml
deleted file mode 100644
index 93c4acb..0000000
--- a/.github/workflows/flake-check.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: Run nix flake check
-on:
- push:
- pull_request:
-
-jobs:
- flake-check:
- runs-on: ubuntu-latest
- container:
- image: ghcr.io/catthehacker/ubuntu:runner-latest
- steps:
- - uses: actions/checkout@v3
- - uses: cachix/install-nix-action@v27
- - run: nix flake check
diff --git a/.github/workflows/flake-update.yaml b/.github/workflows/flake-update.yaml
deleted file mode 100644
index a9521c0..0000000
--- a/.github/workflows/flake-update.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-name: Periodic flake update
-on: # yamllint disable-line rule:truthy
- schedule:
- - cron: "0 0 * * *"
-
-permissions:
- contents: write
-
-jobs:
- flake-update:
- runs-on: ubuntu-latest
- container:
- image: ghcr.io/catthehacker/ubuntu:runner-latest
- steps:
- - uses: actions/checkout@v3
- with:
- ref: master
- - uses: cachix/install-nix-action@v27
- - name: configure git
- run: |
- git config --global user.name 'torjus-bot'
- git config --global user.email 'torjus-bot@git.t-juice.club'
- - name: flake update
- run: nix flake update --commit-lock-file
- - name: push
- run: git push
--
2.49.1