hosts: dmz: add gitea-runner in microvm

2023-10-16 17:05:17 +02:00 · 2023-10-16 17:05:17 +02:00 · eaf2cf1973
commit eaf2cf1973
parent 82bfe68ae4
4 changed files with 25 additions and 15 deletions
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -137,14 +137,13 @@ in

  dmz = lib.nixosSystem {                                # Desktop profile
    inherit system;
-    specialArgs = { inherit inputs usersdmz location nixos-hardware nur agenix; };
-    user = userdmz;
+    specialArgs = { inherit inputs user location nixos-hardware nur agenix; };
    modules = [
      agenix.nixosModules.default
      nur.nixosModules.nur
+      microvm.nixosModules.host;
      ./dmz
      ./configuration_server.nix
-      nixos-hardware.nixosModules.common-cpu-amd
      nixos-hardware.nixosModules.common-pc-ssd

      home-manager.nixosModules.home-manager {
--- a/hosts/dmz/hardware-configuration.nix
+++ b/hosts/dmz/hardware-configuration.nix
@ -81,8 +81,8 @@
      enable = true;
      networks = {
          "10-lan" = {
-              matchConfig.Name = "enp34s0";
-              ntp = [ "192.168.2.1" ];
+              matchConfig.Name = "enp6s18";
+              ntp = [ "192.168.101.1" ];
              domains = [ "home.opel-online.de" ];
              networkConfig = {
                DHCP = "yes";
--- a/modules/services/dmz/gitea_runner.nix
+++ b/modules/services/dmz/gitea_runner.nix
@ -9,16 +9,28 @@
    };

    services.gitea-actions-runner.instances = {
-        nixrunner-test = {
+        homerunner = {
            enable = true;
            url = "https://git.kabtop.de";
-            name = "nix_runner_test";
-            #tokenFile = "./gitea_token";
-            token = "vlUBkX5IbJKTBO3HAGqFM1fEOw2UqXpX87LcdJRY";
+            name = "Homerunner";
+            tokenFile = config.age.secrets."services/gitea/runner-token".path;
            labels = [ 
              "debian-latest:docker://node:18-bullseye"
+              "native:host"
+            ];
+            hostPackages = with pkgs; [
+              bash
+              curl
+              gitMinimal
+              coreutils
+              wget
+              gnused
            ];
        };
    };
-    system.stateVersion = "23.11";
+
+  age.secrets."services/gitea/runner-token" = {
+    file = ../../../secrets/services/gitea/runner-token.age;
+    owner = "gitea-runner";
+  };
 }
--- a/modules/services/dmz/microvm.nix
+++ b/modules/services/dmz/microvm.nix
@ -15,9 +15,8 @@ in
          config.allowUnfree = true;
        };

-        imports = [( ./gitea_runner.nix )];
-
        config = {
+          imports = [( ./gitea_runner.nix )];
          networking = {
            hostName = "${name}-runner";

@ -68,7 +67,7 @@ in
              id = "vm-${name}";
              mac = "04:00:00:00:00:01";
              macvtap = {
-                  link = "enp34s0";
+                  link = "enp6s18";
                  mode = "bridge";
              };
            } ];
@ -78,8 +77,8 @@ in
              tag = "ro-store";
              proto = "virtiofs";
            }];
-            writableStoreOverlay = "/nix/.rw-store";
-            storeOnDisk = true;
+            #writableStoreOverlay = "/nix/.rw-store";
+            #storeOnDisk = true;
          };
        system.stateVersion = "23.05";
        };