oracle2

2025-09-27 12:14:40 -05:00 · 2025-09-27 12:14:40 -05:00 · 1e236f8f71
commit 1e236f8f71
parent fc85515fb8
10 changed files with 157 additions and 26 deletions
--- a/nixos/default.nix
+++ b/nixos/default.nix
@ -41,7 +41,7 @@ in
      ./consensus/configuration.nix
    ];
  };
-  oracle = inputs.nixpkgs.lib.nixosSystem {
+  oracle1 = inputs.nixpkgs.lib.nixosSystem {
    inherit pkgs;
    specialArgs = {
      inherit inputs system attrs;
@ -52,6 +52,21 @@ in
    };
    modules = defaultModules ++ [
      ./oracle/configuration.nix
+      ./oracle/forgejo.nix
+    ];
+  };
+  oracle2 = inputs.nixpkgs.lib.nixosSystem {
+    inherit pkgs;
+    specialArgs = {
+      inherit inputs system attrs;
+      host = {
+        hostName = "oracle2";
+        inherit (attrs) username;
+      };
+    };
+    modules = defaultModules ++ [
+      ./oracle/configuration.nix
+      ./oracle/forgejo-runner.nix
    ];
  };
 }
--- a/nixos/oracle/configuration.nix
+++ b/nixos/oracle/configuration.nix
@ -1,8 +1,7 @@
-{ ... }:
+{ host, ... }:
 {
  imports = [
    ./hardware-configuration.nix
-    ./forgejo.nix
  ];
  boot.tmp.cleanOnBoot = true;
  boot.kernel.sysctl = {
@ -60,7 +59,7 @@
  networking = {
    domain = "";
    hostId = "81238132";
-    hostName = "oracle1";
+    hostName = host.hostName;
    firewall = {
      enable = true;
      allowedTCPPorts = [
--- a/nixos/oracle/forgejo-runner.nix
+++ b/nixos/oracle/forgejo-runner.nix
@ -0,0 +1,24 @@
+{ pkgs, config, ... }:
+{
+  sops = {
+    secrets = {
+      "forgejo-runner" = {
+        sopsFile = ../../secrets/forgejo-runner.yaml;
+      };
+    };
+  };
+  virtualisation.docker.enable = true;
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-actions-runner;
+    instances.default = {
+      enable = true;
+      name = "oracle-runner1";
+      url = "https://git.10110110.xyz";
+      tokenFile = config.sops.secrets."forgejo-runner".path;
+      labels = [
+        "ubuntu-latest:docker://node:20-bullseye"
+        "nix-latest:docker://nixos/nix:latest"
+      ];
+    };
+  };
+}
--- a/nixos/oracle/forgejo.nix
+++ b/nixos/oracle/forgejo.nix
@ -39,6 +39,10 @@ in
    database.type = "sqlite3";
    dump.enable = true;
    settings = {
+      DEFAULT = {
+        APP_NAME = "git.10110110.xyz";
+        APP_SLOGAN = "No rice, no life.";
+      };
      server = {
        DOMAIN = "git.10110110.xyz";
        # You need to specify this to remove the port from URLs in the web UI.
@ -46,6 +50,10 @@ in
        HTTP_PORT = 3000;
      };
      service.DISABLE_REGISTRATION = true;
+      oauth2_client = {
+        ENABLE_AUTO_REGISTRATION = true;
+        UPDATE_AVATAR = true;
+      };
      session.COOKIE_SECURE = true;
      actions = {
        ENABLED = true;