{ pkgs, config, ... }:
{
  sops = {
    secrets = {
      "forgejo-runner" = {
        sopsFile = ../../secrets/forgejo-runner.yaml;
      };
    };
  };
  virtualisation.docker.enable = true;
  services.gitea-actions-runner = {
    package = pkgs.forgejo-actions-runner;
    instances.default = {
      enable = true;
      name = "oracle-runner1";
      url = "https://git.10110110.xyz";
      tokenFile = config.sops.secrets."forgejo-runner".path;
      labels = [
        "ubuntu-latest:docker://node:20-bullseye"
        "nix-latest:docker://nixos/nix:latest"
      ];
    };
  };
}