# NixOS module: a Forgejo Actions runner that executes jobs in podman containers.
{ config, lib, pkgs, ... }:
{
  networking.firewall = {
    # Job containers need to reach the cache service the runner exposes on the
    # host, so the podman interfaces are trusted. The trailing "+" is a
    # wildcard: every interface whose name begins with "podman" matches.
    # NOTE(review): a trusted interface bypasses the host firewall entirely, so
    # containers can reach every port the host listens on, not only the cache.
    # If the cache service can be given a fixed port, a per-interface
    # allowedTCPPorts rule would be narrower -- confirm before changing.
    trustedInterfaces = [ "podman+" ];
  };

  # Podman is the container engine; the Docker compatibility shim and the
  # Docker-compatible API socket are both switched on.
  virtualisation.podman.enable = true;
  virtualisation.podman.dockerCompat = true;
  # NOTE(review): anyone who can talk to this socket can start arbitrary
  # containers on the host, which is effectively root. Keep access limited to
  # the runner and do not mount the socket into job containers.
  virtualisation.podman.dockerSocket = {
    enable = true;
  };

  # The gitea-actions-runner module is reused with the Forgejo runner package.
  services.gitea-actions-runner.package = pkgs.forgejo-runner;

  services.gitea-actions-runner.instances.actions1 = {
    enable = true;

    # The runner registers under this machine's hostname.
    name = config.networking.hostName;
    url = "https://code.t-juice.club";

    # The registration token is read from a file at runtime rather than being
    # written into the configuration. mkDefault lets a host override the path.
    # NOTE(review): this path is under /var/lib/forgejo-runner while the cache
    # below is under /var/lib/gitea-runner -- confirm both exist and that the
    # token file is readable only by the runner.
    tokenFile = lib.mkDefault "/var/lib/forgejo-runner/token";

    # Each entry maps a job label to the container image used for that label.
    # NOTE(review): ":latest" and "lts-bookworm-slim" are mutable tags, so the
    # image a job runs in can change without any change to this file. Pinning
    # each image by digest would make job environments reproducible and limit
    # exposure to a tampered or replaced upstream image.
    labels = [
      "nix:docker://code.t-juice.club/torjus/runner-images/nix:latest"
      "node-bookworm:docker://node:lts-bookworm-slim"
      "alpine:docker://alpine:latest"
      "golang:docker://code.t-juice.club/torjus/runner-images/golang:latest"
    ];

    settings = {
      # Number of jobs run concurrently; overridable per host via mkDefault.
      runner = {
        capacity = lib.mkDefault 2;
      };

      cache.enabled = true;
      cache.dir = "/var/lib/gitea-runner/actions1/cache";

      # Job containers are started without privileged mode.
      container = {
        privileged = false;
      };
    };
  };
}