[mcp] Adds gitea runners

2025-04-28 16:59:54 -07:00
parent 6fd171ae12
commit 3da928a7a8
2 changed files with 50 additions and 25 deletions
--- a/system/hosts/mcp/containers/gitea.nix
+++ b/system/hosts/mcp/containers/gitea.nix
@@ -1,24 +1,40 @@
 { config, ... }:
 let 
-  inherit (import ./lib.nix config) hostRule blazestar;
+  inherit (import ./lib.nix config) mkContainer blazestar;
 in
 {
-  virtualisation.oci-containers.containers.gitea = {
+  sops.secrets = {
+    "gitea/db_password" = {
+      restartUnits = [ "podman-gitea.service" ];
+    };
+    "gitea/registration_token" = {
+      restartUnits = [ "podman-gitea-runner.service" ];
+    };
+  };
+
+  sops.templates."gitea.env".content = ''
+    GITEA__database__DB_TYPE="postgres"
+    GITEA__database__HOST="db"
+    GITEA__database__NAME="gitea"
+    GITEA__database__USER="gitea"
+    GITEA__database__PASSWD="${config.sops.placeholder."gitea/db_password"}"
+  '';
+
+  virtualisation.oci-containers.containers.gitea = mkContainer {
    image = "gitea/gitea:latest-rootless";
-    autoStart = true;
    dependsOn = [
      "db"
    ];
-    extraOptions = [
-      "-l=traefik.enable=true"
-      "-l=traefik.http.routers.gitea.rule=${hostRule "git" blazestar}"
-      "-l=traefik.http.services.gitea.loadbalancer.server.port=3000"
-      "-l=homepage.group=Apps"
-      "-l=homepage.name=Gitea"
-      "-l=homepage.icon=gitea.png"
-      "-l=homepage.href=https://git.${blazestar}"
-      "-l=homepage.description=Git Server"
-    ];
+    hostName = "git";
+    domain = blazestar;
+    public = true;
+    port = 3000;
+    homepageOpts = {
+      name = "Gitea";
+      icon = "gitea.png";
+      description = "Git Server";
+      group = "Apps";
+    };
    ports = [
      "2222:2222"
    ];
@@ -36,14 +52,21 @@ in
    ];
  };

-  sops.secrets."gitea_db_password" = {
-    restartUnits = [ "podman-gitea.service" ];
-  };
-  sops.templates."gitea.env".content = ''
-    GITEA__database__DB_TYPE="postgres"
-    GITEA__database__HOST="db"
-    GITEA__database__NAME="gitea"
-    GITEA__database__USER="gitea"
-    GITEA__database__PASSWD="${config.sops.placeholder."gitea_db_password"}"
+  sops.templates."gitea-runner.env".content = ''
+    GITEA_RUNNER_NAME=MCP
+    GITEA_INSTANCE_URL=https://git.${blazestar}
+    GITEA_RUNNER_REGISTRATION_TOKEN=${config.sops.placeholder."gitea/registration_token"}
  '';
+
+  virtualisation.oci-containers.containers.gitea-runner = {
+    image = "gitea/act_runner:latest";
+    autoStart = true;
+    environmentFiles = [
+      config.sops.templates."gitea-runner.env".path
+    ];
+    volumes = [
+      # The runner will spawn new containers to run the actions
+      "/var/run/podman/podman.sock:/var/run/docker.sock:ro"
+    ];
+  };
 }