add krusader
This commit is contained in:
parent
6ef4d1a932
commit
7ce20c3d2c
2 changed files with 32 additions and 58 deletions
|
|
@ -1,10 +1,5 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
inputs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
{ config, pkgs, inputs, lib, ... }:
|
||||
let
|
||||
agentPort = 9000;
|
||||
domain = "ci.cyplo.dev";
|
||||
uid = 2061;
|
||||
|
|
@ -21,8 +16,7 @@
|
|||
woodpeckerNixStorePath = "/var/lib/woodpecker/nix-store";
|
||||
woodpeckerAgentContainer = {
|
||||
autoStart = true;
|
||||
forwardPorts = [
|
||||
];
|
||||
forwardPorts = [ ];
|
||||
bindMounts = {
|
||||
"${woodpeckerEnvSecretPath}" = {
|
||||
hostPath = "${woodpeckerEnvSecretPath}";
|
||||
|
|
@ -37,12 +31,7 @@
|
|||
isReadOnly = false;
|
||||
};
|
||||
};
|
||||
config = {
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
config = { config, pkgs, lib, ... }: {
|
||||
system.stateVersion = "22.11";
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
|
|
@ -55,17 +44,17 @@
|
|||
};
|
||||
groups."${systemGroupName}" = {
|
||||
inherit gid;
|
||||
members = ["${systemUserName}"];
|
||||
members = [ "${systemUserName}" ];
|
||||
};
|
||||
groups."podman" = {
|
||||
gid = podmanGid;
|
||||
members = ["${systemUserName}"];
|
||||
members = [ "${systemUserName}" ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.woodpecker-agent = {
|
||||
enable = true;
|
||||
wantedBy = ["multi-user.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment = {
|
||||
WOODPECKER_SERVER = "${domain}:${toString agentPort}";
|
||||
|
|
@ -74,9 +63,7 @@
|
|||
WOODPECKER_LOG_LEVEL = "debug";
|
||||
};
|
||||
serviceConfig = {
|
||||
EnvironmentFile = [
|
||||
woodpeckerEnvSecretPath
|
||||
];
|
||||
EnvironmentFile = [ woodpeckerEnvSecretPath ];
|
||||
ExecStart = "${pkgs.woodpecker-agent}/bin/woodpecker-agent";
|
||||
User = systemUserName;
|
||||
Group = systemGroupName;
|
||||
|
|
@ -85,7 +72,7 @@
|
|||
};
|
||||
};
|
||||
in {
|
||||
imports = [../nginx.nix];
|
||||
imports = [ ../nginx.nix ];
|
||||
|
||||
users = {
|
||||
users."${systemUserName}" = {
|
||||
|
|
@ -93,45 +80,39 @@ in {
|
|||
isSystemUser = true;
|
||||
isNormalUser = false;
|
||||
group = systemGroupName;
|
||||
extraGroups = ["podman"];
|
||||
extraGroups = [ "podman" ];
|
||||
};
|
||||
groups."${systemGroupName}" = {
|
||||
inherit gid;
|
||||
members = ["${systemUserName}"];
|
||||
members = [ "${systemUserName}" ];
|
||||
};
|
||||
groups."podman" = {
|
||||
gid = podmanGid;
|
||||
members = ["${systemUserName}"];
|
||||
members = [ "${systemUserName}" ];
|
||||
};
|
||||
};
|
||||
|
||||
sops.secrets."woodpecker-env" =
|
||||
{
|
||||
sopsFile = ../vpsfree1/gitea.sops;
|
||||
format = "binary";
|
||||
path = woodpeckerEnvSecretPath;
|
||||
}
|
||||
// secretSettings;
|
||||
sops.secrets."woodpecker-env" = {
|
||||
sopsFile = ../vpsfree1/gitea.sops;
|
||||
format = "binary";
|
||||
path = woodpeckerEnvSecretPath;
|
||||
} // secretSettings;
|
||||
|
||||
virtualisation.podman = {
|
||||
enable = true;
|
||||
};
|
||||
virtualisation.podman = { enable = true; };
|
||||
systemd.services.woodpecker-make-path = {
|
||||
script = ''
|
||||
mkdir -p ${woodpeckerNixStorePath}
|
||||
chown -R ${systemUserName}:${systemGroupName} ${woodpeckerNixStorePath}
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
};
|
||||
serviceConfig = { Type = "oneshot"; };
|
||||
};
|
||||
|
||||
containers.woodpecker-agent1 = woodpeckerAgentContainer;
|
||||
containers.woodpecker-agent2 = woodpeckerAgentContainer;
|
||||
containers.woodpecker-agent3 = woodpeckerAgentContainer;
|
||||
containers.woodpecker-agent4 = woodpeckerAgentContainer;
|
||||
systemd.services."container@woodpecker-agent1".requires = ["woodpecker-make-path.service"];
|
||||
systemd.services."container@woodpecker-agent2".requires = ["woodpecker-make-path.service"];
|
||||
systemd.services."container@woodpecker-agent3".requires = ["woodpecker-make-path.service"];
|
||||
systemd.services."container@woodpecker-agent4".requires = ["woodpecker-make-path.service"];
|
||||
systemd.services."container@woodpecker-agent1".requires =
|
||||
[ "woodpecker-make-path.service" ];
|
||||
systemd.services."container@woodpecker-agent2".requires =
|
||||
[ "woodpecker-make-path.service" ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,18 +1,12 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
discord,
|
||||
inputs,
|
||||
nixpkgs-nixos-stable-and-unfree,
|
||||
nixpkgs-nixos-unstable-and-unfree,
|
||||
...
|
||||
}: let
|
||||
{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree
|
||||
, nixpkgs-nixos-unstable-and-unfree, ... }:
|
||||
let
|
||||
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
|
||||
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
|
||||
in {
|
||||
security.chromiumSuidSandbox.enable = true;
|
||||
|
||||
home-manager.users.cyryl = {...}: {
|
||||
home-manager.users.cyryl = { ... }: {
|
||||
gtk = {
|
||||
enable = true;
|
||||
iconTheme = {
|
||||
|
|
@ -27,13 +21,13 @@ in {
|
|||
style.package = pkgs.adwaita-qt;
|
||||
};
|
||||
|
||||
imports = [];
|
||||
imports = [ ];
|
||||
|
||||
programs.chromium.enable = true;
|
||||
programs.firefox.enable = true;
|
||||
home.packages = with pkgs;
|
||||
with pkgs.gnome3;
|
||||
with pkgs.python38Packages;
|
||||
with pkgs.gnome3;
|
||||
with pkgs.python38Packages;
|
||||
[
|
||||
anarchism
|
||||
calibre
|
||||
|
|
@ -51,6 +45,7 @@ in {
|
|||
gnome-screenshot
|
||||
gparted
|
||||
inkscape
|
||||
krusader
|
||||
libreoffice
|
||||
mindforger
|
||||
modem-manager-gui
|
||||
|
|
@ -81,9 +76,7 @@ in {
|
|||
yubikey-manager-qt
|
||||
yubikey-personalization
|
||||
yubikey-personalization-gui
|
||||
]
|
||||
++ [unstable.gnucash unstable.thunderbird]
|
||||
++ [
|
||||
] ++ [ unstable.gnucash unstable.thunderbird ] ++ [
|
||||
nixpkgs-nixos-stable-and-unfree.discord
|
||||
nixpkgs-nixos-unstable-and-unfree.hopper
|
||||
];
|
||||
|
|
|
|||
Loading…
Reference in a new issue