From 21ecad4db0c1656f63404f7852ddd39da9cf081c Mon Sep 17 00:00:00 2001
From: Kabbone
Date: Sat, 13 Apr 2024 11:45:52 +0200
Subject: [PATCH] hosts: dmz: get gitea runner working
---
 modules/services/dmz/gitea_runner.nix | 14 +++++++++++++-
 modules/services/dmz/microvm.nix | 14 +++++++++++++-
 2 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/modules/services/dmz/gitea_runner.nix b/modules/services/dmz/gitea_runner.nix
index cf2869b..bd3a8ce 100644
--- a/modules/services/dmz/gitea_runner.nix
+++ b/modules/services/dmz/gitea_runner.nix
@@ -9,7 +9,8 @@
 };
 containers.containersConf.settings = {
 # podman seems to not work with systemd-resolved
- containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];
+ containers.dns_servers = [ "192.168.101.1" ];
+ #containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];
 };
 };
@@ -38,6 +39,17 @@
 nodejs
 wget
 ];
+ settings = {
+ # container.options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt --device /dev/kvm -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nixuser --device=/dev/kvm";
+ # the default network that also respects our dns server settings
+ container.network = "host";
+ container.privileged = false;
+ # container.valid_volumes = [
+ # "/nix"
+ # "${storeDeps}/bin"
+ # "${storeDeps}/etc/ssl"
+ # ];
+ };
 };
 };
diff --git a/modules/services/dmz/microvm.nix b/modules/services/dmz/microvm.nix
index fc1d39c..08ad4db 100644
--- a/modules/services/dmz/microvm.nix
+++ b/modules/services/dmz/microvm.nix
@@ -71,7 +71,18 @@ in
 fileSystems."/persist".neededForBoot = lib.mkForce true;
- environment.persistence."/persist" = {
+ environment = {
+ systemPackages = with pkgs; [ # Default packages install system-wide
+ bash
+ coreutils
+ curl
+ gawk
+ gitMinimal
+ gnused
+ nodejs
+ wget
+ ];
+ persistence."/persist" = {
 directories = [
 "/var/log"
 "/var/lib/private"
@@ -80,6 +91,7 @@ in
 files = [
 "/etc/machine-id"
 ];
+ };
 };
 microvm = {
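Review bot: The new `containers.dns_servers = [ "192.168.101.1" ];` hard-codes a single resolver address in the module and keeps the previous value as a commented-out line directly below it. With one entry, name resolution in every job container depends on that one host, and if the address is also defined elsewhere in the configuration (not visible in this hunk) the two can drift apart. I would drop `#containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];`, since git keeps the history, and extend the existing comment to record the reason, for example `# podman does not work with systemd-resolved; point job containers at the local resolver instead of public DNS`.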
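Review bot: `container.network = "host";` in the added `settings` block places every job container in the runner VM's network namespace, so workflow steps can reach anything bound to the VM's loopback and everything the VM itself can reach; `container.privileged = false` does not limit that. The comment above it calls this "the default network", which reads as a default rather than a deliberate loss of network isolation for CI jobs. If DNS was the only reason, the `containers.dns_servers` value set in the first hunk may also apply to a podman bridge network, so a named bridge network could be enough; that needs confirming on the host. At minimum state the trade-off in the comment, e.g. `# host network: jobs share the VM's network namespace (no network isolation); needed because DNS did not resolve on the bridge network`. The commented-out `container.options` line mounts `/nix` and passes `/dev/kvm` twice, so it should get its own review before it is ever enabled.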
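Review bot: The `systemPackages` list added under `environment` appears to repeat the runner's package list in gitea_runner.nix (the second hunk of that file shows its tail, `nodejs wget ];`), so the two lists will drift unless they share one definition. Installing `curl`, `wget`, `nodejs` and `gitMinimal` system-wide also makes them available to every process in the microvm rather than only to runner jobs, which is more than a DMZ guest needs if the runner's own package list already covers them. If both places really need the tools, bind the list once and reference it from both; the surrounding `let … in` starts outside this hunk, so whether that is practical cannot be judged from here. The trailing `# Default packages install system-wide` would be more useful if it said which component requires these packages.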