From 2448b098f27da1f3ddde44a65bd8dc13b0a78c08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Tue, 8 Nov 2022 16:13:33 +0000 Subject: [PATCH] add woodpecker agent --- nixos/boxes/vpsfree1/gitea.sops | 6 +++--- nixos/boxes/vpsfree1/woodpecker.nix | 15 ++++++++++++++- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/nixos/boxes/vpsfree1/gitea.sops b/nixos/boxes/vpsfree1/gitea.sops index b1a83d8f..00a6ed21 100644 --- a/nixos/boxes/vpsfree1/gitea.sops +++ b/nixos/boxes/vpsfree1/gitea.sops @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:SzT2//HVQ3rx9NTtmpD4h4H5hLuMD1MOMnmye9B+2bYuFqGfpy0IZtWFYOkeLC+GL5FBpNRDjhXI6VffE647QQhfxWkxqXfaMUQmVmhY4c4z8ZKjkUd61skh2l4JLkTBkQK27dVKDZbk9YvDB4nvpJzzhhk4TzdylljHgqTT1LIEQQ==,iv:WQgkDTBvX8fW779ZQFVGgnHyEB2OgwABS64nnf4DzRw=,tag:BkPt9Jnamcz1omHkNNMPjQ==,type:str]", + "data": "ENC[AES256_GCM,data:XmBUUnZFfIIOI9Thu5ZbBbwcr+V7Zm/jgJTeO+xNFWGzr/KETXu2MJiyDvxWF7p/xnrUjkA1TdafTaTp3E/d0LJUNMHfWhVru802RnGYR7h+uwwM3hCPgek3cV0URpu97IlyGJwt+yWdz4/tsFB8gJe/U6qWM3Yo3P6f0RLuDCQG9d0NHj0i5Xy9jBYSLyOLU/648PQFzyJNwbDGeVbhRoP1it449+xxtt6Wye6Tw0VPD6MTN1TC+l85qg==,iv:kyCXCkXmTf2bAnV/iP6DYqAYJPXcgfQGVmQDpAGc3Es=,tag:h/O4rs30XKzu/TUnQSKMcQ==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -43,8 +43,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqMU5LQ0ZXODhOd1RGU2hy\nK1pCc2VUcTVRYXJJYSt2RmlEMGlhZ25DekIwCnZBcDVuSngwakM0NVhreGJPZDBa\nbmpwdTc2bTJCVDFyM3owek90Vmhpck0KLS0tIHR0MDBJQW8zSytrdFFzc2lDNU03\nN2d6MTdWanBNZ1JHY3RVb042U1pJUzAKMcGJye9dQ2NhFO9DqRSm2XukE+OduDEg\n55YC1x7eAzLx6GCMMaFanplp4oLQdhZRn+rPMYNsbnNY+r84MhI/JA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2022-11-08T13:29:25Z", - "mac": "ENC[AES256_GCM,data:6zbK7/m1fkH2PZ2X7vtSxUdoqeEs7/MSTYUsbwJdgt8kg/r8eSe9s5IeKZAI3gCC10aGMaPvKf0S07WL66slzkjohDQrGp8WSQwp2jVbnz2+bCKw8jU7SWf15iQdi/YFRgMqSFUVhnbFgr81+xNe5XmgTxR95e1qSQMxHBnPASM=,iv:KguqwgOfK3lI9+mR1oQaLhgLkAFD/AJ05doGH0e06RY=,tag:6C5Fa4GDJQ7sH7Gc4lS3tA==,type:str]", + "lastmodified": "2022-11-08T13:52:31Z", + "mac": "ENC[AES256_GCM,data:BL45CVcKSb4Gb20Zo645kenNKpDVYgr7LXEnqbaWLXPAvNrlLFSJghN1e/o+Agmv/6+WM+ZT3/AOoXRBia/DvwvNKAkadwdTQieRMyRpgg6DfAYdqFhnzAeH8DtLsTvt6Jb0ZGDkRZODvKZCi8Ij43j/m5e2I94cVk94J2hUrVE=,iv:dfMnAJOoVUqbMz/iyDkddiPmUTAeWysMyf0EYsH93yo=,tag:xy/YB4J9GzNmSkWpEz6pTQ==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.7.3" diff --git a/nixos/boxes/vpsfree1/woodpecker.nix b/nixos/boxes/vpsfree1/woodpecker.nix index 003b8b16..351f6270 100644 --- a/nixos/boxes/vpsfree1/woodpecker.nix +++ b/nixos/boxes/vpsfree1/woodpecker.nix @@ -1,9 +1,10 @@ { config, pkgs, inputs, lib, ... }: let httpPort = 8000; + agentPort = 9000; domain = "ci.cyplo.dev"; path = "/var/lib/woodpecker"; -in rec { +in { imports = [ ../nginx.nix ]; systemd.services.systemd-sysctl.enable = lib.mkForce true; @@ -25,6 +26,7 @@ in rec { format = "binary"; }; + virtualisation.podman.defaultNetwork.dnsname.enable = true; virtualisation.oci-containers.containers.woodpecker-server = { image = "woodpeckerci/woodpecker-server@sha256:e6027e46a782d50790183b7274a2a2ad3a6c6fb9a645e6af81a16419613c28ea"; @@ -38,4 +40,15 @@ in rec { }; ports = [ "${toString httpPort}:${toString httpPort}" ]; }; + + virtualisation.oci-containers.containers.woodpecker-agent = { + dependsOn = [ "woodpecker-server" ]; + volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock" ]; + image = + "woodpeckerci/woodpecker-agent@sha256:9a98e25ca6fcf7c437ad355cfce53a696c55b9864399a4d456429a20bfb44545"; + environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ]; + environment = { + WOODPECKER_SERVER = "woodpecker-server:${toString agentPort}"; + }; + }; }