hosts: dmz: get gitea runner working

modules/services/dmz/gitea_runner.nix

@@ -9,7 +9,8 @@
       };
       containers.containersConf.settings = {
         # podman seems to not work with systemd-resolved
-        containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];
+        containers.dns_servers = [ "192.168.101.1" ];
+        #containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ];
       };
     };
 
@@ -38,6 +39,17 @@
               nodejs
               wget
             ];
+            settings = {
+             # container.options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt --device /dev/kvm -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nixuser --device=/dev/kvm";
+               # the default network that also respects our dns server settings
+              container.network = "host";
+              container.privileged = false;
+             # container.valid_volumes = [
+             #   "/nix"
+             #   "${storeDeps}/bin"
+             #   "${storeDeps}/etc/ssl"
+             # ];
+            };
         };
     };
 

modules/services/dmz/microvm.nix

@@ -71,7 +71,18 @@ in
 
           fileSystems."/persist".neededForBoot = lib.mkForce true;
 
-          environment.persistence."/persist" = {
+          environment = {
+            systemPackages = with pkgs; [           # Default packages install system-wide
+               bash
+               coreutils
+               curl
+               gawk
+               gitMinimal
+               gnused
+               nodejs
+               wget
+            ];
+            persistence."/persist" = {
               directories = [
                 "/var/log"
                 "/var/lib/private"
@@ -80,6 +91,7 @@ in
               files = [
                 "/etc/machine-id"
               ];
+            };
           };
 
           microvm = {