From 5ed5698587e1918505ebda1c4281fdfdee063aa4 Mon Sep 17 00:00:00 2001
From: Vinzenz Schroeter <vinzenz.f.s@gmail.com>
Date: Sat, 1 Feb 2025 16:06:36 +0100
Subject: [PATCH] add forgejo-runner on forgejo vm

---
 hosts/forgejo-runner-1/default.nix        |  9 ++++----
 hosts/forgejo-runner-1/forgejo-runner.nix | 28 +++++++++++++++++++++++
 2 files changed, 32 insertions(+), 5 deletions(-)
 create mode 100644 hosts/forgejo-runner-1/forgejo-runner.nix

diff --git a/hosts/forgejo-runner-1/default.nix b/hosts/forgejo-runner-1/default.nix
index 4c2666e..fb7d547 100644
--- a/hosts/forgejo-runner-1/default.nix
+++ b/hosts/forgejo-runner-1/default.nix
@@ -4,6 +4,8 @@ nixpkgs.lib.nixosSystem {
   modules = common-modules ++ [
     ./hardware.nix
     ../../users/vinzenz.nix
+    ../../modules/podman.nix
+    ./forgejo-runner.nix
     { networking.hostName = "forgejo-runner-1"; }
     {
       # uncomment for build check on non arm system (requires --impure)
@@ -11,8 +13,8 @@ nixpkgs.lib.nixosSystem {
     }
     {
       services.tailscale.useRoutingFeatures = "both";
-    }
-    {
+      system.autoUpgrade.allowReboot = true;
+
       users.users = {
         root.openssh.authorizedKeys.keys = [
           ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
@@ -21,8 +23,5 @@ nixpkgs.lib.nixosSystem {
         ];
       };
     }
-    {
-      system.autoUpgrade.allowReboot = true;
-    }
   ];
 }
diff --git a/hosts/forgejo-runner-1/forgejo-runner.nix b/hosts/forgejo-runner-1/forgejo-runner.nix
new file mode 100644
index 0000000..e9f634e
--- /dev/null
+++ b/hosts/forgejo-runner-1/forgejo-runner.nix
@@ -0,0 +1,28 @@
+{ pkgs, ... }:
+{
+  config = {
+    environment.systemPackages = with pkgs; [
+      forgejo-runner
+    ];
+
+    # https://wiki.nixos.org/wiki/Forgejo
+
+    services.gitea-actions-runner = {
+      package = pkgs.forgejo-actions-runner;
+      instances.default = {
+        enable = true;
+        name = "cccb";
+        url = "https://git.berlin.ccc.de";
+        # Obtaining the path to the runner token file may differ
+        # tokenFile should be in format TOKEN=<secret>, since it's EnvironmentFile for systemd
+        tokenFile = "/etc/forgejo-runner/registration_token";
+        labels = [
+          "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:rust-latest"
+        ];
+        settings = {
+          container.network = "bridge";
+        };
+      };
+    };
+  };
+}