nix/hosts/netty/forgejo-runner.nix
Harivansh Rathi 0aab0a4d61
Some checks failed
quality / changes (push) Successful in 2s
quality / Flake Check (push) Failing after 1s
quality / Nix Format Check (push) Failing after 1s
quality / Deploy netty (push) Has been skipped
ci: drop darwin shims, rebuild locally on netty runner
- remove macOS-era `sudo mkdir /Users/rathi/...` shim steps from flake-check
  and nix-format (Linux runner, paths don't exist, gitea-runner has no sudo)
- deploy-netty now runs `sudo nixos-rebuild switch --flake .#netty` directly
  on the runner (it *is* netty), no SSH, no `just switch-netty`
- grant gitea-runner NOPASSWD sudo for nixos-rebuild only
- apply current nixfmt to home/scripts.nix, hermes-gateway.nix, devshells.nix

Made-with: Cursor
2026-04-18 22:33:25 -04:00

98 lines
2.1 KiB
Nix

# Forgejo Actions runner for the host "netty": the sudo rule used by the
# deploy job, the runner's cache directories, and the runner instance.
{
  pkgs,
  lib,
  ...
}:
let
  cacheRoot = "/var/cache/forgejo-runner";
  runnerUser = "gitea-runner";

  # Builds one tmpfiles.d "d" (create directory) rule: mode 0750, owned by the
  # runner user and group, with "-" in the age field (no age-based cleanup).
  mkCacheDir = path: "d ${path} 0750 ${runnerUser} ${runnerUser} -";

  # Sub-directories of cacheRoot, in the order they are emitted below.
  cacheSubdirs = [
    "cargo"
    "npm"
    "pip"
    "pre-commit"
    "rustup"
    "uv"
    "actcache"
  ];
in
{
  # Passwordless sudo for the runner user, limited by path to nixos-rebuild.
  #
  # NOTE(review): the command carries no argument list, so sudoers accepts any
  # arguments, and SETENV lets the caller choose the environment of the
  # elevated process. Together with the "native:host" label below (jobs run
  # directly on this machine as the runner user), every workflow that can be
  # scheduled on that label should be treated as trusted with root on netty.
  # Worth confirming: (1) which repositories, branches and events can target
  # this runner, (2) whether the deploy step really needs SETENV, and
  # (3) whether the rule can pin the exact arguments the deploy job uses.
  security.sudo.extraRules = [
    {
      users = [ runnerUser ];
      commands = [
        {
          command = "/run/current-system/sw/bin/nixos-rebuild";
          options = [
            "NOPASSWD"
            "SETENV"
          ];
        }
      ];
    }
  ];

  # Cache root first, then one directory per tool cache. 0750 gives no access
  # to users outside the runner's group.
  systemd.tmpfiles.rules = map mkCacheDir (
    [ cacheRoot ] ++ map (name: "${cacheRoot}/${name}") cacheSubdirs
  );

  services.gitea-actions-runner.package = pkgs.forgejo-runner;

  services.gitea-actions-runner.instances.netty = {
    enable = true;
    name = "netty";
    url = "https://git.harivan.sh";

    # Given as a string, not a Nix path, so the token file is not copied into
    # the Nix store. Its ownership and mode are not managed in this module.
    # TODO confirm it is readable only by the runner service.
    tokenFile = "/etc/forgejo-runner/token";

    # "native" jobs execute on the host itself; "ubuntu-latest" jobs execute
    # in a node:20-bookworm container.
    labels = [
      "native:host"
      "ubuntu-latest:docker://node:20-bookworm"
    ];

    # Tools made available to jobs that run on the host.
    hostPackages = with pkgs; [
      bash
      coreutils
      curl
      fd
      gh
      git
      gnumake
      gnused
      gawk
      jq
      nodejs_22
      pkg-config
      pnpm
      python3
      python3Packages.pip
      ripgrep
      rustup
      stdenv.cc
      unzip
      uv
      wget
      xz
      zip
    ];

    settings = {
      log.level = "info";

      runner.capacity = 2;
      runner.timeout = "3h";
      # Point each tool's cache at a directory under cacheRoot. These
      # directories are shared by every job on this runner, so cached
      # artifacts written by one job are visible to later jobs.
      runner.envs = {
        CARGO_HOME = "${cacheRoot}/cargo";
        PIP_CACHE_DIR = "${cacheRoot}/pip";
        PRE_COMMIT_HOME = "${cacheRoot}/pre-commit";
        RUSTUP_HOME = "${cacheRoot}/rustup";
        UV_CACHE_DIR = "${cacheRoot}/uv";
        npm_config_cache = "${cacheRoot}/npm";
      };

      cache.enabled = true;
      cache.dir = "${cacheRoot}/actcache";
    };
  };
}