nemo: deploy woodpecker agent

2024-10-19 11:06:43 +02:00 · 2024-10-19 11:06:43 +02:00 · 79cbb2462a
commit 79cbb2462a
parent 0e7f1a4e36
4 changed files with 76 additions and 40 deletions
--- a/flake.lock
+++ b/flake.lock
@ -21,19 +21,19 @@
    "ghostty": {
      "inputs": {
        "nixpkgs-stable": [
-          "nixpkgs-unstable"
+          "nixpkgs"
        ],
        "nixpkgs-unstable": [
-          "nixpkgs-unstable"
+          "nixpkgs"
        ],
        "zig": "zig"
      },
      "locked": {
-        "lastModified": 1729220096,
-        "narHash": "sha256-4erPSUsLVTTbdAXAjKfl7FpVxohmDSL0zWfewff7jcc=",
+        "lastModified": 1729515458,
+        "narHash": "sha256-AYLxdLukuWXJREYupBiAXRk9PGX1qA7w/5adKMlNpTo=",
        "ref": "refs/heads/main",
-        "rev": "913c4b5801b0d3881eabbe93dec5a2c40fefe65f",
-        "revCount": 7730,
+        "rev": "c2cbc214d5f6d45cfa171b8ed6ea7a670a5cbdab",
+        "revCount": 7762,
        "type": "git",
        "url": "ssh://git@github.com/ghostty-org/ghostty"
      },
@ -60,15 +60,15 @@
    "home-manager": {
      "inputs": {
        "nixpkgs": [
-          "nixpkgs-unstable"
+          "nixpkgs"
        ]
      },
      "locked": {
-        "lastModified": 1729174520,
-        "narHash": "sha256-QxCAdgQdeIOaCiE0Sr23s9lD0+T1b/wuz5pSiGwNrCQ=",
+        "lastModified": 1729551526,
+        "narHash": "sha256-7LAGY32Xl14OVQp3y6M43/0AtHYYvV6pdyBcp3eoz0s=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "e78cbb20276f09c1802e62d2f77fc93ec32da268",
+        "rev": "5ec753a1fc4454df9285d8b3ec0809234defb975",
        "type": "github"
      },
      "original": {
@ -77,29 +77,13 @@
        "type": "github"
      }
    },
-    "nixpkgs-stable": {
+    "nixpkgs": {
      "locked": {
-        "lastModified": 1729044727,
-        "narHash": "sha256-GKJjtPY+SXfLF/yTN7M2cAnQB6RERFKnQhD8UvPSf3M=",
+        "lastModified": 1729256560,
+        "narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "dc2e0028d274394f73653c7c90cc63edbb696be1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-unstable": {
-      "locked": {
-        "lastModified": 1728888510,
-        "narHash": "sha256-nsNdSldaAyu6PE3YUA+YQLqUDJh+gRbBooMMekZJwvI=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "a3c0b3b21515f74fd2665903d4ce6bc4dc81c77c",
+        "rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
        "type": "github"
      },
      "original": {
@ -109,13 +93,29 @@
        "type": "github"
      }
    },
+    "nixpkgs-stable": {
+      "locked": {
+        "lastModified": 1729307008,
+        "narHash": "sha256-QUvb6epgKi9pCu9CttRQW4y5NqJ+snKr1FZpG/x3Wtc=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "a9b86fc2290b69375c5542b622088eb6eca2a7c3",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "root": {
      "inputs": {
        "ghostty": "ghostty",
        "ghostty-hm": "ghostty-hm",
        "home-manager": "home-manager",
-        "nixpkgs-stable": "nixpkgs-stable",
-        "nixpkgs-unstable": "nixpkgs-unstable"
+        "nixpkgs": "nixpkgs",
+        "nixpkgs-stable": "nixpkgs-stable"
      }
    },
    "systems": {
--- a/flake.nix
+++ b/flake.nix
@ -2,17 +2,17 @@
  description = "NixOS configuration";

  inputs = {
-    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";

    home-manager.url = "github:nix-community/home-manager";
-    home-manager.inputs.nixpkgs.follows = "nixpkgs-unstable";
+    home-manager.inputs.nixpkgs.follows = "nixpkgs";

    ghostty = {
      url = "git+ssh://git@github.com/ghostty-org/ghostty";
      inputs = {
-        nixpkgs-stable.follows = "nixpkgs-unstable";
-        nixpkgs-unstable.follows = "nixpkgs-unstable";
+        nixpkgs-stable.follows = "nixpkgs";
+        nixpkgs-unstable.follows = "nixpkgs";
      };
    };
    ghostty-hm.url = "github:clo4/ghostty-hm-module";
@ -21,7 +21,7 @@
  outputs =
    inputs@{
      self,
-      nixpkgs-unstable,
+      nixpkgs,
      ghostty-hm,
      home-manager,
      ...
@ -29,11 +29,11 @@
    let
      inherit (self) outputs;
      system = "x86_64-linux";
-      pkgs = nixpkgs-unstable.legacyPackages.${system};
+      pkgs = nixpkgs.legacyPackages.${system};

      mkHost =
        modules:
-        nixpkgs-unstable.lib.nixosSystem {
+        nixpkgs.lib.nixosSystem {
          specialArgs = {
            inherit inputs outputs;
          };
--- a/hosts/nemo/default.nix
+++ b/hosts/nemo/default.nix
@ -7,7 +7,10 @@
 }:

 {
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    ./woodpecker.nix
+  ];

  boot = {
    extraModulePackages = with config.boot.kernelPackages; [
--- a/hosts/nemo/woodpecker.nix
+++ b/hosts/nemo/woodpecker.nix
@ -0,0 +1,33 @@
+{
+  config,
+  pkgs,
+  ...
+}:
+{
+  services.woodpecker-agents.agents.docker = {
+    enable = true;
+    package = pkgs.woodpecker-agent;
+    environment = {
+      DOCKER_HOST = "unix:///run/podman/podman.sock";
+      WOODPECKER_BACKEND = "docker";
+      WOODPECKER_SERVER = "10.1.100.10:8300"; # forgejo-1
+      WOODPECKER_MAX_WORKFLOWS = "5";
+      WOODPECKER_BACKEND_DOCKER_VOLUMES = "/nix:/mnt/nix:ro";
+    };
+    environmentFile = [
+      "/etc/woodpecker/woodpecker-agent.env"
+    ];
+    extraGroups = [ "podman" ];
+  };
+
+  systemd.services.woodpecker-agent-docker = {
+    after = [
+      "podman.socket"
+      "woodpecker-server.service"
+    ];
+    # restartIfChanged = false;
+    serviceConfig = {
+      BindPaths = [ "/run/podman/podman.sock" ];
+    };
+  };
+}