diff --git a/.gitea/workflows/analysis.yml b/.gitea/workflows/analysis.yml index 43e6db8..74772a9 100644 --- a/.gitea/workflows/analysis.yml +++ b/.gitea/workflows/analysis.yml @@ -1,13 +1,14 @@ on: [push] -name: Lint Nix code + jobs: - statix: - name: Lint code - runs-on: ubuntu-latest + build: + name: Build Nix targets + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.1.0 - - uses: cachix/install-nix-action@v18 - - uses: cachix/cachix-action@v12 + - uses: actions/checkout@v4 + - uses: http://github.com/cachix/install-nix-action@v18 + - uses: http://github.com/cachix/cachix-action@v12 with: name: statix - - uses: https://github.com/jocelynthode/statix-action@master + - name: Check Nix flake inputs + uses: http://github.com/DeterminateSystems/flake-checker-action@main diff --git a/modules/gitea/thea/virtualisation.nix b/modules/gitea/thea/virtualisation.nix index ba7940d..d86eec8 100644 --- a/modules/gitea/thea/virtualisation.nix +++ b/modules/gitea/thea/virtualisation.nix @@ -1,15 +1,10 @@ -{nodes, ...}: { +{nodes, pkgs, ...}: { systemd.sockets.podman.socketConfig.Symlinks = [ "/run/docker.sock" ]; virtualisation = { containers = { enable = true; - # storage.settings = { - # storage = { - # driver = "btrfs"; - # }; - # }; }; podman = { enable = true; 
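Review bot: The three added `uses:` lines in `.gitea/workflows/analysis.yml` fetch their actions over plaintext `http://`, so nothing authenticates the code the runner downloads and executes. The line this commit removes already used `https://github.com/...`, so the runner evidently accepts that scheme. Change them to `uses: https://github.com/cachix/install-nix-action@v18`, `uses: https://github.com/cachix/cachix-action@v12` and `uses: https://github.com/DeterminateSystems/flake-checker-action@<commit-sha>`. The last one tracks the mutable `main` branch, so pinning it to a reviewed commit (placeholder shown) stops upstream pushes from silently changing what runs; the same pinning is worth applying to the two tag references. Separately, the cachix step still passes `name: statix` although the statix job is gone, so confirm that cache name is still intended.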
@@ -20,16 +15,31 @@ }; }; - virtualisation.oci-containers.containers = { + virtualisation.oci-containers.containers = let + runner_config = pkgs.writeTextFile { + name = "config.yml"; + text = '' + container: + network: "bridge" + ''; + }; + in { gitea-runner = { image = "gitea/act_runner@sha256:8477d5b61b655caad4449888bae39f1f34bebd27db56cb15a62dccb3dcf3a944"; autoStart = true; + + # capabilities = { + # NET_RAW = true; + # }; + environment = { GITEA_INSTANCE_URL = nodes.sin.config.services.gitea.settings.server.ROOT_URL; GITEA_RUNNER_REGISTRATION_TOKEN = "uEDPBW6Z9oItAKRtloVwis0LkPbD4OmV2w5esOhW"; + CONFIG_FILE = "/config.yml"; }; volumes = [ "/var/run/docker.sock:/var/run/docker.sock" + "${runner_config}:/config.yml:ro" ]; }; };
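Review bot: `GITEA_RUNNER_REGISTRATION_TOKEN` is still a literal string in the `environment` block that this hunk extends with `CONFIG_FILE`, which leaves the token in git history and in the world-readable Nix store. Since the block is being edited anyway, move the token into a file provisioned outside the store, reference it with `environmentFiles = [ "<path-to-runner-env-file>" ];` (placeholder path), and rotate the value that has already been committed. The new `runner_config` can stay in the store because it holds no secret. The added commented-out `capabilities` block is dead configuration: drop it, or keep one line such as `# NET_RAW left disabled: <reason>` so the intent is recorded. The enclosing module body starts outside this hunk.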