add CI images to repo

nixos/consensus/configuration.nix

@@ -22,7 +22,7 @@
     docker-compose
     tmux
   ];
-  system-net.openssh.ports = [2022];
+  machine.net.openssh.ports = [2022];
   systemd.services.k3s = {
     preStart = ''
       until ${pkgs.tailscale}/bin/tailscale status; do
@@ -107,7 +107,7 @@
       ];
     };
   };
-  system-sys = {
+  machine.sys = {
     zram = false;
     swapSize = 16;
   };

nixos/modules/net.nix

@@ -1,6 +1,6 @@
 { host, pkgs, config, lib, ...}:
-let cfg = config.system-net; in {
-  options.system-net = {
+let cfg = config.machine.net; in {
+  options.machine.net = {
     enable = lib.mkOption {
       type = lib.types.bool;
       default = true;

nixos/modules/nix.nix

@@ -1,6 +1,6 @@
 { host, pkgs, config, lib, ...}:
-let cfg = config.system-nix; in {
-  options.system-nix = {
+let cfg = config.machine.nix; in {
+  options.machine.nix = {
     enable = lib.mkOption {
       type = lib.types.bool;
       default = true;

nixos/modules/pkgs.nix

@@ -1,6 +1,6 @@
 { pkgs, config, lib, ...}:
-let cfg = config.system-pkgs; in {
-  options.system-pkgs = {
+let cfg = config.machine.pkgs; in {
+  options.machine.pkgs = {
     enable = lib.mkOption {
       type = lib.types.bool;
       default = true;

nixos/modules/system.nix

@@ -5,10 +5,10 @@
   ...
 }:
 let
-  cfg = config.system-sys;
+  cfg = config.machine.sys;
 in
 {
-  options.system-sys = {
+  options.machine.sys = {
     enable = lib.mkOption {
       type = lib.types.bool;
       default = true;

nixos/oracle/configuration.nix

@@ -8,7 +8,7 @@
     "net.ipv4.ip_forward" = 1;
     "net.ipv6.conf.all.forwarding" = 1;
   };
-  system-net.openssh.ports = [22 2022];
+  machine.net.openssh.ports = [22 2022];
   networking = {
     hostId = "00238132";
     firewall = {

nixos/t14/configuration.nix

@@ -83,10 +83,10 @@ in
       ];
     };
   };
-  system-net.nfs = true;
-  system-sys.zram = true;
-  system-sys.swap = false;
-  system-sys.documentation = true;
+  machine.net.nfs = true;
+  machine.sys.zram = true;
+  machine.sys.swap = false;
+  machine.sys.documentation = true;
   hardware = {
     graphics = {
       enable = true;

nixos/zen/configuration.nix

@@ -1,4 +1,9 @@
-{ host, config, pkgs, ... }:
+{
+  host,
+  config,
+  pkgs,
+  ...
+}:
 {
   imports = [
     ./hardware-configuration.nix
@@ -11,27 +16,42 @@
       sopsFile = ../../secrets/forgejo-runner.yaml;
     };
   };
-  system-sys.zram = false;
+  machine.sys.zram = false;
   networking = {
     hostId = "81238132";
     firewall = {
       allowedTCPPorts = [
         22
         10250
-        25565 #mc
-        25566 #mc
+        25565 # mc
+        25566 # mc
       ];
+      interfaces."podman+" = {
+        allowedTCPPorts = [ 33393 ];
+      };
     };
   };
-  virtualisation.docker = {
+  virtualisation.podman = {
     enable = true;
-    extraOptions = "--dns 1.1.1.1";
   };
   services.gitea-actions-runner = {
     package = pkgs.forgejo-runner;
     instances.default = {
       enable = true;
       name = host.hostName;
+      settings = {
+        runner = {
+          capacity = 3;
+        };
+        cache = {
+          enable = true;
+          host = "host.containers.internal";
+          port = 33393;
+        };
+        container = {
+          force_pull = true;
+        };
+      };
       url = "https://git.10110110.xyz";
       tokenFile = config.sops.secrets.forgejo-runner.path;
       labels = [