tbarnouin/nixos-hypervisor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Agenix config for forgejo tested and working

Browse source
This commit is contained in:
Théo Barnouin 2024-10-23 13:10:45 +02:00
parent 41fb790367
commit 72bb47abe3
5 changed files with 111 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

114
flake.lock
View file

@ -1,5 +1,26 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1723293904,
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
"owner": "ryantm",
"repo": "agenix",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"authentik-nix": {
"inputs": {
"authentik-src": "authentik-src",
@ -7,9 +28,9 @@
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"poetry2nix": "poetry2nix",
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1727699431,
@ -42,6 +63,28 @@
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -99,7 +142,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1710146030,
@ -116,6 +159,27 @@
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
@ -208,11 +272,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1726937504,
"narHash": "sha256-bvGoiQBvponpZh8ClUcmJ6QnsNKw0EMrCQJARK3bI1c=",
"lastModified": 1703013332,
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9357f4f23713673f310988025d9dc261c20e70c6",
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
"type": "github"
},
"original": {
@ -235,6 +299,22 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1726937504,
"narHash": "sha256-bvGoiQBvponpZh8ClUcmJ6QnsNKw0EMrCQJARK3bI1c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9357f4f23713673f310988025d9dc261c20e70c6",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1728740863,
"narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=",
@ -283,10 +363,11 @@
},
"root": {
"inputs": {
"agenix": "agenix",
"authentik-nix": "authentik-nix",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"microvm": "microvm",
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
}
},
"spectrum": {
@ -306,6 +387,21 @@
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
@ -320,7 +416,7 @@
"type": "github"
}
},
"systems_2": {
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

4
flake.nix
View file

@ -10,9 +10,10 @@
microvm.url = "github:astro/microvm.nix";
microvm.inputs.nixpkgs.follows = "nixpkgs";
authentik-nix.url = "github:nix-community/authentik-nix";
agenix.url = "github:ryantm/agenix";
};
outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }:
outputs = inputs@{ self, nixpkgs, home-manager, microvm, agenix, ... }:
let
system = "x86_64-linux";
username = "tbarnouin";
@ -114,6 +115,7 @@
forgejo-runner = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
agenix.nixosModules.default
"${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
"${inputs.self}/services"
{

BIN
secrets/forgejo-runner-token.age
View file

Binary file not shown.

6
services/forgejo-runner/default.nix
View file

@ -7,8 +7,8 @@ in
enable = lib.mkEnableOption "Enable Forgejo service";
};
config = lib.mkIf cfg.enable {
age.secrets.forgejo-runner-token.file = ./secrets/forgejo-runner-token.age
services.forgejo-actions-runner = {
age.secrets.forgejo-runner-token.file = ./secrets/forgejo-runner-token.age;
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.default = {
enable = true;
@ -16,7 +16,7 @@ in
url = "https://git.le43.eu";
tokenFile = config.age.secrets.forgejo-runner-token.path;
labels = [
"ubuntu-latest:docker://node:16-bullseye"
"native:host"
];
};
};

BIN
services/forgejo-runner/secrets/forgejo-runner-token.age Normal file
View file

Binary file not shown.