From d76a7b146bcdd34da9de4bd0a3a027208a109455 Mon Sep 17 00:00:00 2001 From: zackartz Date: Fri, 31 May 2024 14:41:47 -0400 Subject: [PATCH] add github_runner --- flake.lock | 20 ++++++------ modules/nixos/services/gh/default.nix | 32 +++++++++++++++++++ .../nixos/services/gh/sec/github_runner.age | 13 ++++++++ systems/x86_64-linux/pluto/default.nix | 4 +++ 4 files changed, 59 insertions(+), 10 deletions(-) create mode 100644 modules/nixos/services/gh/default.nix create mode 100644 modules/nixos/services/gh/sec/github_runner.age diff --git a/flake.lock b/flake.lock index c8822ee..8f18a2d 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1717086148, - "narHash": "sha256-rZyQv0MdYX+tYoGhc5mV4iZb+kGqA93+k3R1BIRiwXk=", + "lastModified": 1717171539, + "narHash": "sha256-Sr7x7scl6VGOD/+74wyZaKF2asiidkG/9+Me5vmEy84=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "fe31f9e863e643327e8a5fffa0f4aae9288fd048", + "rev": "8d9517ad34e62b04744f1586838d4565939172b4", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ "systems": "systems_10" }, "locked": { - "lastModified": 1715054505, - "narHash": "sha256-0A5f0NgIqdUuGejpPGcAPc7gRr0cFP+gzq9DAzdJsPs=", + "lastModified": 1717172081, + "narHash": "sha256-tjpxhEr67pK7xE70gbNlMCbo9BCiJVkurTu+VsVYQz8=", "ref": "refs/heads/main", - "rev": "0776e48962c7775c156f4419e0156b33f265dfc1", - "revCount": 6, + "rev": "26484d6b46369590be8d341688feb5af2377b5de", + "revCount": 10, "type": "git", "url": "https://git.zackster.zip/zack/resume" }, @@ -1580,11 +1580,11 @@ ] }, "locked": { - "lastModified": 1717093735, - "narHash": "sha256-cah3EMtjmNvFCm9vbtNRyVsGpGjVzd5wF4JYG1TebuA=", + "lastModified": 1717171161, + "narHash": "sha256-lSb3GoBbXh8nAb6ICA/Nf3Y2rTJ+0HfxKyC9KxAx38I=", "owner": "Alexays", "repo": "Waybar", - "rev": "1a1a61e917af09ae4e505b61aa8f0e2da7a649ef", + "rev": "7163752aa07f145e5951e2388b7693e19fc5d446", "type": "github" }, "original": { diff --git a/modules/nixos/services/gh/default.nix b/modules/nixos/services/gh/default.nix new file mode 100644 index 0000000..3f72118 --- /dev/null +++ b/modules/nixos/services/gh/default.nix @@ -0,0 +1,32 @@ +{ + lib, + config, + pkgs, + ... +}: +with lib; +with lib.custom; let + cfg = config.services.gh; + + sec = config.age.secrets; + group = config.services.github-runner.runnerGroup; +in { + options.services.gh = with types; { + enable = mkBoolOpt false "Enable GitHub Actions Runner"; + }; + + config = mkIf cfg.enable { + age.secrets = { + github_runner = { + file = ./sec/github_runner.age; + group = group; + }; + }; + + services.github-runner = { + enable = true; + url = "https://github.com/zackartz/nixos-dots"; + tokenFile = sec.github_runner.path; + }; + }; +} diff --git a/modules/nixos/services/gh/sec/github_runner.age b/modules/nixos/services/gh/sec/github_runner.age new file mode 100644 index 0000000..68c2896 --- /dev/null +++ b/modules/nixos/services/gh/sec/github_runner.age @@ -0,0 +1,13 @@ +age-encryption.org/v1 +-> ssh-ed25519 gWMdNg EjRmNXb7lLQoFA5ZlfiSLzzsyl9xSfjBNbPQeG/fmzY +FdDaNGIdsjaQ/h923KRxoC+JmBPA7bi3PuOGANuvXk4 +-> ssh-ed25519 s+NXzQ PtVzYsZZVonwo+xJNOxWCygAKGdbzuW1BkiOEh4KoAk +hIgkkB0zsqsLEPL9xv2otggJAKYB/hRppi9TnZRojGQ +-> ssh-ed25519 yEtzbQ S3/WmecK9Z17ucdNAh0di0QSINm9PAB8I9aciWUG2hM +6dSviN+EM8cse082IKzj672kgxt4zVk9sAUjm7Y3CGw +-> ssh-ed25519 RMNffg 6vLt65MrQj4aTXqf2LEemKJM9bkXceSMUbvZyXlkjRw +AnreGe1tkddCE2uIClEXyM+pZVFx5I1fLqFLTUTkqr8 +--- ls56auZRJT5kOLrV1jItAxsMBtFw/mR/okAFHeStSa0 +d~ +U;6"=}҄=ȴֱ HP\Pi9 +vϛ^ \ No newline at end of file diff --git a/systems/x86_64-linux/pluto/default.nix b/systems/x86_64-linux/pluto/default.nix index b8f4832..63edd9e 100644 --- a/systems/x86_64-linux/pluto/default.nix +++ b/systems/x86_64-linux/pluto/default.nix @@ -22,6 +22,10 @@ networking.hostName = "pluto"; # Define your hostname. services.web.nginx.enable = true; + services.github-runner = { + enable = true; + url = "https://github.com/zackartz/nixos-dots"; + }; sites = { cv.enable = true; gitlab.enable = true;