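{ config, pkgs, lib, ... }:

{
  # Gitea Actions Runner Configuration
  # This module configures a Gitea runner for CI/CD with Nix support.
  #
  # Trust model: every workflow job dispatched to this runner executes code
  # taken from a repository. Jobs matched by a host label run directly on this
  # machine as the runner's service user, with no container boundary. Register
  # the runner only for repositories/organisations whose workflow authors you
  # would trust with a shell on this host.

  services.gitea-actions-runner = {
    package = pkgs.gitea-actions-runner;

    instances = {
      # Main runner instance for webref project
      webref-runner = {
        enable = true;

        # Runner name (will appear in Gitea)
        name = "nixos-runner-webref";

        # Gitea instance URL (placeholder; replace with your instance)
        url = "https://your-gitea-instance.com";

        # Runner registration token. Generate it in Gitea:
        #   Settings -> Actions -> Runners -> Create New Runner
        # Keep this a string path (not a Nix path literal) so the secret is
        # never copied into the world-readable /nix/store. The file should be
        # owned by root with mode 0400.
        # NOTE(review): the NixOS option documentation describes tokenFile as
        # an environment file containing a `TOKEN=<value>` line rather than
        # the bare token; confirm against the nixpkgs version in use.
        tokenFile = "/var/secrets/gitea-runner-token";

        # Labels define what jobs this runner can handle.
        # Format: "name:host" (or bare "name") for execution on the host,
        # "name:docker://image" for execution inside a container.
        # The runner accepts only the `host` and `docker` schemes; the former
        # "nix:native" / "webref:native" entries used an unsupported scheme.
        # Workflows keep selecting these with `runs-on: nix` / `runs-on: webref`.
        labels = [
          # Host execution with Nix (no container isolation)
          "nix:host"

          # Ubuntu-like for compatibility
          "ubuntu-latest:docker://node:20-bookworm"

          # Specific for this project (host execution, no container isolation)
          "webref:host"
        ];

        # Host packages available to the runner
        hostPackages = with pkgs; [
          # Essential tools
          bash
          coreutils
          curl
          git
          nix

          # Project-specific
          nodejs
          python3
          postgresql

          # Binary cache
          attic-client

          # Container runtime (optional)
          docker
          docker-compose
        ];
      };
    };
  };

  # Enable Docker for service containers (PostgreSQL, MinIO, etc.)
  virtualisation.docker = {
    enable = true;
    autoPrune.enable = true;
    autoPrune.dates = "weekly";
  };

  # Runner user with access to Docker.
  # Membership in the `docker` group gives control of the Docker daemon, which
  # is root-equivalent on this host. Combined with the host labels above, any
  # job that lands on this runner inherits that access.
  # NOTE(review): the nixpkgs runner module may already create its service
  # user and add the docker group when a docker:// label is present; check
  # whether this explicit definition is still needed.
  users.users.gitea-runner = {
    isSystemUser = true;
    group = "gitea-runner";
    extraGroups = [ "docker" ];
  };

  users.groups.gitea-runner = {};

  # Allow runner to use Nix
  nix.settings = {
    # NOTE(review): this replaces the NixOS default of "*", so only root and
    # gitea-runner may talk to the Nix daemon; confirm no other user needs it.
    allowed-users = [ "gitea-runner" ];

    # `trusted-users` is intentionally not set for gitea-runner. The Nix
    # manual states that adding a user to trusted-users is essentially
    # equivalent to giving that user root access, which is not acceptable for
    # an account that executes CI jobs. If jobs need a private binary cache,
    # configure it system-wide instead (placeholders, fill in your own):
    # substituters = [ "<your-cache-url>" ];
    # trusted-public-keys = [ "<your-cache-public-key>" ];

    # Enable flakes for the runner
    experimental-features = [ "nix-command" "flakes" ];

    # Optimize for CI performance
    max-jobs = "auto";
    cores = 0; # Use all available cores
  };

  # Firewall: this governs inbound connections only; outbound package
  # downloads do not require any opened port. Leave the list empty unless a
  # job genuinely has to accept inbound traffic.
  networking.firewall = {
    # If your runner needs to expose ports, configure them here
    # allowedTCPPorts = [ ];
  };

  # Systemd service optimizations
  # NOTE(review): verify this name against the unit the module generates
  # (`systemctl list-units 'gitea-runner-*'`). If the module escapes the "-"
  # in the instance name, these settings will not apply to the real service.
  systemd.services."gitea-runner-webref-runner" = {
    serviceConfig = {
      # Resource limits (adjust based on your hardware); these also bound
      # the damage a runaway or hostile job can do to the host.
      MemoryMax = "8G";
      CPUQuota = "400%"; # 4 cores

      # Restart policy
      Restart = "always";
      RestartSec = "10s";
    };
  };
}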