fix forgejo url

add forgejo runner
2025-08-06 20:14:10 +02:00 · 2025-08-06 20:12:52 +02:00
8 changed files with 140 additions and 5 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,6 +1,86 @@
 {
  "nodes": {
    "agenix": {
      "inputs": {
        "darwin": "darwin",
        "home-manager": "home-manager",
        "nixpkgs": "nixpkgs",
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1754433428,
        "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
        "type": "github"
      },
      "original": {
        "owner": "ryantm",
        "repo": "agenix",
        "type": "github"
      }
    },
    "darwin": {
      "inputs": {
        "nixpkgs": [
          "agenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1744478979,
        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
        "owner": "lnl7",
        "repo": "nix-darwin",
        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
        "type": "github"
      },
      "original": {
        "owner": "lnl7",
        "ref": "master",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "agenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1745494811,
        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1754028485,
        "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "59e69648d345d6e8fef86158c555730fa12af9de",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-25.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1753345091,
        "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=",
@ -18,7 +98,23 @@
    },
    "root": {
      "inputs": {
-        "nixpkgs": "nixpkgs"
+        "agenix": "agenix",
        "nixpkgs": "nixpkgs_2"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
--- a/flake.nix
+++ b/flake.nix
@ -3,9 +3,11 @@
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
    agenix.url = "github:ryantm/agenix";
  };
-  outputs = { self, nixpkgs }@inputs:
+  outputs = { self, nixpkgs, agenix }@inputs:
    let
      system = "x86_64-linux";
    in
@ -18,6 +20,7 @@
          modules = [
            ./hosts/physique/hyponix
            ./modules
            agenix.nixosModules.default
          ];
        };
      };
@ -25,7 +28,6 @@
      devShells.x86_64-linux.default =
        let pkgs = import nixpkgs { inherit system; };
-        in pkgs.callPackage ./tools/devshell.nix { };
+        in pkgs.callPackage ./tools/devshell.nix { agenix = agenix; };
    };
 }
--- a/hosts/physique/hyponix/services/default.nix
+++ b/hosts/physique/hyponix/services/default.nix
@ -3,6 +3,7 @@
  imports = [
    ./fail2ban.nix
    ./forgejo.nix
    ./forgejo-runner.nix
  ];
  services.caddy = {
--- a/hosts/physique/hyponix/services/forgejo-runner.nix
+++ b/hosts/physique/hyponix/services/forgejo-runner.nix
@ -0,0 +1,18 @@
 {pkgs, config,...}:
 {
  age.secrets.forgejo-runner-token-1 = {
    file = ../../../../secrets/services/forgejo/forgejo-runner-token-1.age;
  };
  services.gitea = {
    package = pkgs.forgejo-runner;
    instances.default = {
      enable = true;
      name = "runner-1";
      url = "https://git.v2.${config.networking.domain}";
      tokenFile = config.age.secrets.forgejo-runner-token-1.path;      
    };
  };
 }
--- a/hosts/physique/hyponix/services/forgejo.nix
+++ b/hosts/physique/hyponix/services/forgejo.nix
@ -9,6 +9,7 @@ in
    settings = {
      server = {
        DOMAIN = domain;
        ROOT_URL = "https://${domain}";
      };
    };
  };
--- a/secrets.nix
+++ b/secrets.nix
@ -0,0 +1,16 @@
 let
  # user
  lzebulon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKCR6uatrqbCViftPwQ17JNVN8KBC02sPAOu+uRKGhLR lzebulon@archframe";
  # server
  hyponix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEjC/mgb1mf/F1RPaUECNbW0cK4kPQaJ47eKVybZhqf root@hyponix";
 in
 let
  admins = [ lzebulon ];
  physiques = [ hyponix ];
  servers = hyponix;
 in
 {
  "secrets/services/forgejo/forgejo-runner-token-1.age".publicKeys = admins ++ [ hyponix ];
 }
--- a/secrets/services/forgejo/forgejo-runner-token-1.age
+++ b/secrets/services/forgejo/forgejo-runner-token-1.age
--- a/tools/devshell.nix
+++ b/tools/devshell.nix
@ -1,5 +1,5 @@
 { pkgs
-,
+, agenix
 }:
 pkgs.mkShell {
@ -8,6 +8,7 @@ pkgs.mkShell {
  packages = with pkgs; [
    nil
    nixpkgs-fmt
    agenix.packages.${system}.default
  ];
  shellHook = ''
Author	SHA1	Message	Date
Lzebulon	73a9afa9a2	fix forgejo url	2025-08-06 20:14:10 +02:00
Lzebulon	b49363f299	add forgejo runner	2025-08-06 20:12:52 +02:00