nix on git yippee

2025-05-30 01:51:13 -04:00 · 2025-05-30 01:51:13 -04:00 · 981186a787
commit 981186a787
17 changed files with 579 additions and 0 deletions
--- a/services/forgejo.nix
+++ b/services/forgejo.nix
@ -0,0 +1,29 @@
+{lib, pkgs, config, ...}:
+
+let
+  cfg = config.services.forgejo;
+  srv = cfg.settings.server;
+in
+{
+  services.forgejo = {
+    enable = true;
+    database = {
+      type = "sqlite3";
+      path = "/var/lib/forgejo/forgejo.db";
+    };
+    lfs.enable = true;
+    settings = {
+      server = {
+        domain = "git.nekomimi.pet";
+        ROOT_URL = "https://git.nekomimi.pet";
+        LANDING_PAGE = "explore";
+        HTTP_PORT = 5000;
+      };
+      # service.DISABLE_REGISTRATION = true; 
+      actions = {
+        ENABLED = true;
+        DEFAULT_ACTIONS_URL = "github";
+      };
+    };
+  };
+}
--- a/services/garage.nix
+++ b/services/garage.nix
@ -0,0 +1,32 @@
+{ config, lib, pkgs, ... }:
+
+{
+  services.garage = {
+    enable = true;
+    package = pkgs.garage;
+    settings = {
+      metadata_dir = "/garage/metadata";
+      data_dir = "/garage/data";
+      db_engine = "lmdb";
+      replication_mode = "none";
+      rpc_bind_addr = "[::]:3901";
+      rpc_public_addr = "[::]:3901";
+      rpc_secret_file = config.age.secrets."garage-rpc-secret".path;
+      s3_api = {
+        s3_region = "garage";
+        api_bind_addr = "[::]:3900";
+        root_domain = ".s3.nekomimi.pet";
+      };
+      s3_web = {
+        bind_addr = "[::]:3902";
+        root_domain = ".web.nekomimi.pet";
+        index = "index.html";
+      };
+      admin = {
+        api_bind_addr = "[::]:3903";
+        admin_token_file = config.age.secrets."garage-admin-token".path;
+        metrics_token_file = config.age.secrets."garage-metrics-token".path;
+      };
+    };
+  };
+}
--- a/services/github-runners.nix
+++ b/services/github-runners.nix
@ -0,0 +1,35 @@
+{ lib, pkgs, ... }:
+
+let extraPackages = 
+  let gtar = pkgs.runCommandNoCC "gtar" { } ''
+    mkdir -p $out/bin
+    ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar
+  '';
+  in
+  with pkgs; [
+    nix
+    nixci
+    cachix
+    coreutils
+    which
+    jq
+    gtar
+    docker
+    curl
+  ];
+
+in
+{
+  services.github-runners = {
+    simplelink = {
+      enable     = true;
+      name       = "simplelink";
+      url        = "https://github.com/waveringana/simplelink";
+      token  = config.age.secrets."build-token".path;
+      user = "regent";
+      group = "docker";
+      extraPackages = extraPackages;
+     };
+  };
+}
+