Add gitlab-runner

Paul-Henri Froidmont 2022-07-19 08:54:18 +02:00
parent 0b484ab7a7
commit ed63967bcd
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
3 changed files with 83 additions and 3 deletions

77
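--- a/modules/gitlab-runner.nix
+++ b/modules/gitlab-runner.nix
@@ -0,0 +1,77 @@
+{ config, lib, pkgs, ... }:
+{
+sops.secrets = {
+runnerRegistrationConfig = {
+owner = config.users.users.gitlab-runner.name;
+key = "gitlab/runner_registration_config";
+};
+};
+users.groups.gitlab-runner = { };
+users.users.gitlab-runner = {
+isSystemUser = true;
+group = config.users.groups.gitlab-runner.name;
+};
+containers.gitlab-runner = {
+autoStart = true;
+privateNetwork = true;
+hostAddress = "192.168.100.1";
+localAddress = "192.168.100.2";
+bindMounts = {
+"${config.sops.secrets.runnerRegistrationConfig.path}" = {
+hostPath = config.sops.secrets.runnerRegistrationConfig.path;
+};
+};
+config =
+let
+hostConfig = config;
+in
+args@{ config, ... }: {
+nix = {
+package = pkgs.nixUnstable;
+extraOptions = ''
+experimental-features = nix-command flakes
+'';
+};
+environment.systemPackages = with pkgs; [
+git
+htop
+nload
+];
+users.groups.gitlab-runner = { };
+users.users.gitlab-runner = {
+isSystemUser = true;
+group = config.users.groups.gitlab-runner.name;
+};
+services = {
+openssh.enable = true;
+gitlab-runner = {
+enable = true;
+services = {
+shell = {
+registrationConfigFile = hostConfig.sops.secrets.runnerRegistrationConfig.path;
+executor = "shell";
+tagList = [ "nix" ];
+};
+};
+};
+};
+systemd.services.gitlab-runner.serviceConfig = {
+DynamicUser = lib.mkForce false;
+User = config.users.users.gitlab-runner.name;
+Group = config.users.groups.gitlab-runner.name;
+};
+system.stateVersion = "22.05";
+};
+};
+}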
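Review bot: With `executor = "shell"`, CI jobs run as the same static `gitlab-runner` user that the service is pinned to by `DynamicUser = lib.mkForce false`. Any job script can therefore presumably read the bind-mounted `runnerRegistrationConfig` file, assuming the host and container UIDs line up as the ownership setting intends. Jobs also share the container's filesystem and Nix store state with every later job. If this runner is only meant for trusted projects, say so next to the executor line, e.g. `# shell executor: jobs run as gitlab-runner and can read the registration config; trusted projects only`. Also, `openssh.enable = true;` inside the container is not configured further in this file, so consider dropping it (`nixos-container root-login` from the host gives a shell) or adding `services.openssh.passwordAuthentication = false;`.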