Tried to add docker exec runner

2025-03-25 21:30:52 +01:00 · 2021-12-26 22:55:09 +01:00 · 2021-12-26 22:55:09 +01:00 · 1b41632c2d
commit 1b41632c2d
parent 0b006a916a
5 changed files with 73 additions and 2 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -39,3 +39,52 @@ trigger:
  - push
  - pull_request
  
+---
+kind: pipeline
+name: push flake update
+type: docker
+
+steps:
+- name: Update flake.lock
+  image: nixpkgs/nix-flakes
+  commands:
+  - nix flake update --inputs-from nixpkgs
+  - nix flake show
+  - nix flake metadata
+  - nix flake check
+  - nix flake check --show-trace
+  environment:
+    NIX_PATH: nixpkgs=channel:nixos-unstable
+
+- name: Push updated flake.lock
+  image: appleboy/drone-git-push
+  settings:
+    branch: update-flake
+    remote: git@github.com:JulienMalka/nix-config.git
+    force: true
+    commit: true
+    force: true
+    commit_message: "Updated flake.lock"
+    ssh_key:
+      from_secret: deploy_key
+
+- name: notify on failure
+  image: drillster/drone-email
+  settings:
+    username: "julien.malka@me.com"
+    from:
+      from_secret: email_from
+    host:
+      from_secret: email_host
+    password:
+      from_secret: email_password
+  when:
+    status:
+    - failure
+
+trigger:
+  branch:
+  - main
+  event:
+  - push
+  - cron
--- a/base.nix
+++ b/base.nix
@ -30,7 +30,6 @@
    rxvt_unicode
    xorg.xbacklight
    neovim
-    tinystatus
  ];

  environment.variables.EDITOR = "nvim";
--- a/modules/drone/default.nix
+++ b/modules/drone/default.nix
@ -20,6 +20,8 @@ in

      sops.secrets.drone = { };

+      virtualisation.docker.enable = true;
+
      systemd.services.drone-server = {
        wantedBy = [ "multi-user.target" ];
        serviceConfig = {
@ -72,6 +74,25 @@ in
        path = [ pkgs.nixUnstable pkgs.git pkgs.docker pkgs.docker-compose ];
      };

+      systemd.services.drone-runner-docker = {
+        description = "Drone Docker Runner";
+        startLimitIntervalSec = 5;
+        serviceConfig = {
+          EnvironmentFile = [ config.sops.secrets.drone.path ];
+          Environment = [
+            "DRONE_SERVER_HOST=${cfg.nginx.subdomain}.julienmalka.me"
+            "DRONE_SERVER_PROTO=https"
+            "CLIENT_DRONE_RPC_HOST=127.0.0.1:3030"
+          ];
+
+          ExecStart = "${pkgs.drone-runner-docker}/bin/drone-runner-docker";
+        };
+        wantedBy = [ "multi-user.target" ];
+        path = [ pkgs.nixUnstable pkgs.git pkgs.docker pkgs.docker-compose ];
+      };
+
+
+
    }

      (mkIf cfg.nginx.enable {
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@ -23,6 +23,7 @@ with lib;
        '';
        nixPath = [
          "nixpkgs=${inputs.nixpkgs}"
+          "nixos=${inputs.nixpkgs}"
        ];
        binaryCaches = [
          "https://bin.julienmalka.me"
--- a/users/julien.nix
+++ b/users/julien.nix
@ -4,10 +4,11 @@
  sops.secrets.user-julien-password.neededForUsers = true;


+  users.groups.docker = {};
  users.users.julien = {
    isNormalUser = true;
    home = "/home/julien";
-    extraGroups = [ "wheel" config.users.groups.keys.name]; 
+    extraGroups = [ "wheel" "docker" config.users.groups.keys.name]; 
    shell = pkgs.fish;
    passwordFile = config.sops.secrets.user-julien-password.path;
    openssh.authorizedKeys.keyFiles = [