From cd55f504df0931c4ce8ad0d6fab570876a1bd764 Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Sat, 3 Aug 2024 11:06:14 +0200
Subject: [PATCH] feat: add forgejo runner on tower

---
 machines/tower/default.nix        |  1 +
 machines/tower/forgejo-runner.nix | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 machines/tower/forgejo-runner.nix

diff --git a/machines/tower/default.nix b/machines/tower/default.nix
index 41a4d68..9945579 100644
--- a/machines/tower/default.nix
+++ b/machines/tower/default.nix
@@ -4,6 +4,7 @@
   imports = [
     ./hardware.nix
     ./home-julien.nix
+    ./forgejo-runner.nix
   ];
 
   boot.loader.grub.enable = true;
diff --git a/machines/tower/forgejo-runner.nix b/machines/tower/forgejo-runner.nix
new file mode 100644
index 0000000..6eda65a
--- /dev/null
+++ b/machines/tower/forgejo-runner.nix
@@ -0,0 +1,27 @@
+{ pkgs, config, ... }:
+{
+  age.secrets.forgejo_runners-token_file.file = ../../secrets/forgejo_runners-token_file.age;
+  nix.settings.allowed-users = [ "gitea-runner" ];
+  nix.settings.trusted-users = [ "gitea-runner" ];
+
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-runner;
+    instances = {
+      native = {
+        enable = true;
+        url = "https://git.luj.fr";
+        name = "native";
+        labels = [ "native:host" ];
+        tokenFile = config.age.secrets.forgejo_runners-token_file.path;
+        hostPackages = with pkgs; [
+          lix
+          nodejs
+          git
+          bash
+          coreutils
+          curl
+        ];
+      };
+    };
+  };
+}