# NixOS module: enables Podman and registers one Forgejo Actions runner
# instance ("main") against the Forgejo server configured elsewhere.
{ config, pkgs, ... }:

let
  # Forgejo server settings come from another module; they are reused below
  # for the runner's registration URL and for the in-container host alias.
  forgejoServer = config.services.forgejo.settings.server;
in
{
  # SECURITY: traffic arriving on a trusted interface is accepted without
  # consulting the firewall rules. The trailing "+" is a wildcard, so every
  # interface whose name starts with "podman" is covered, and any container
  # on those bridges can reach every port the host listens on.
  # NOTE(review): job containers run workflow code from repositories. If the
  # goal is only container DNS and access to Forgejo, allowing just those
  # ports via networking.firewall.interfaces."podman+" would be narrower;
  # confirm which ports are actually required before changing this.
  networking.firewall.trustedInterfaces = [ "podman+" ];

  virtualisation.podman = {
    enable = true;

    # Exposes the Podman API socket in place of the Docker socket so that
    # Docker-API clients find it. Access to this socket is root-equivalent,
    # so keep membership of the group that may connect to it minimal.
    dockerSocket.enable = true;

    # Settings for Podman's default network: container name resolution
    # and IPv6 are both switched on.
    defaultNetwork.settings = {
      dns_enabled = true;
      ipv6_enabled = true;
    };
  };

  services.gitea-actions-runner = {
    # The runner binary is forgejo-runner taken from `pkgs.unstable`;
    # presumably an overlay defined outside this file. TODO confirm.
    package = pkgs.unstable.forgejo-runner;

    instances.main = {
      enable = true;
      name = "main";
      url = forgejoServer.ROOT_URL;

      # The registration token is referenced by file path (an age-managed
      # secret) instead of being written into this configuration.
      tokenFile = config.age.secrets."services/forgejo/runner-token".path;

      # SECURITY: `act-latest` is a mutable tag, so the image that jobs run
      # in can change without any change to this file.
      # NOTE(review): consider pinning by digest (`...@sha256:<digest>`)
      # and updating it deliberately.
      labels = [ "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest" ];

      settings = {
        # Inside each job container, resolve the Forgejo domain to the
        # host gateway so jobs reach the Forgejo instance on this host.
        container.options = "--add-host=${forgejoServer.DOMAIN}:host-gateway";
      };
    };
  };
}