nixos-config/modules/woodpecker/default.nix


2023-06-19 08:19:00 +02:00
# NixOS module: a Woodpecker CI server plus one local agent whose pipeline
# steps run through Podman's Docker-compatible API socket.
# Switched on with `eboskma.woodpecker.enable = true;`.
{ pkgs, config, lib, ... }:
let
  inherit (lib) mkEnableOption mkIf;

  woodpecker = config.eboskma.woodpecker;
in
{
  options.eboskma.woodpecker.enable = mkEnableOption "Woodpecker CI";

  config = mkIf woodpecker.enable {
    # Admin CLI for talking to the server.
    environment.systemPackages = [ pkgs.woodpecker-cli ];

    # --- Container runtime ---------------------------------------------------
    # Disabled Docker variant of the runtime, left in place as a comment:
    # virtualisation.docker = {
    #   enable = true;
    #   autoPrune = {
    #     enable = true;
    #   };
    # };
    virtualisation.podman = {
      enable = true;
      dockerCompat = true;
      # Periodic pruning so CI images and stopped containers do not pile up.
      autoPrune.enable = true;
      # DNS on the default Podman network; the port-53 firewall rule below
      # presumably exists so containers can reach that resolver on the host.
      defaultNetwork.settings.dns_enable = true;
    };

    # --- Server --------------------------------------------------------------
    services.woodpecker-server = {
      enable = true;
      environment = {
        # Gitea is the forge Woodpecker authenticates against.
        WOODPECKER_GITEA = "true";
        WOODPECKER_GITEA_URL = "https://git.datarift.nl";
        # Public URL is HTTPS while the listener below is a bare port on every
        # interface; presumably a reverse proxy terminates TLS in front of it.
        # TODO confirm.
        WOODPECKER_HOST = "https://drone.datarift.nl";
        WOODPECKER_SERVER_ADDR = ":8100";
        WOODPECKER_ADMIN = "erwin";
        WOODPECKER_SESSION_EXPIRES = "48h";
        # NOTE(review): WOODPECKER_OPEN is not set in this block. Verify the
        # intended registration policy; it could also be set in the secrets
        # file referenced below.
      };
      # Secret values are read at runtime from a sops-managed file instead of
      # being written inline here. The secret itself is declared outside this
      # module.
      environmentFile = config.sops.secrets.woodpecker-server.path;
    };

    # --- Agent ---------------------------------------------------------------
    services.woodpecker-agents.agents.local = {
      enable = true;
      environment = {
        # Agent-to-server endpoint on loopback. This module opens no firewall
        # port for 9000, so remote agents are not provided for here.
        WOODPECKER_SERVER = "localhost:9000";
        WOODPECKER_MAX_PROCS = "2";
        # The "docker" backend is pointed at Podman's API socket.
        WOODPECKER_BACKEND = "docker";
        DOCKER_HOST = "unix:///run/podman/podman.sock";
      };
      environmentFile = [ config.sops.secrets.woodpecker-agent.path ];
      # Group membership is what lets the agent open the Podman socket.
      # NOTE(review): access to the system Podman socket is effectively root
      # on this host, so any pipeline this agent runs should be treated as
      # trusted code. Keep tight control over which repositories and users may
      # trigger builds, and consider a dedicated build host or VM for
      # untrusted contributions.
      extraGroups = [ "podman" ];
    };

    # --- Firewall ------------------------------------------------------------
    networking.firewall = {
      # NOTE(review): this exposes the server's listener (:8100) directly. If
      # the TLS proxy runs on this same machine, binding the server to loopback
      # and dropping this rule would keep the unproxied port off the network.
      # Confirm where the proxy lives.
      allowedTCPPorts = [ 8100 ];
      # "podman+" matches every interface whose name starts with "podman";
      # only DNS (53/tcp and 53/udp) is accepted from those interfaces.
      interfaces."podman+" = {
        allowedTCPPorts = [ 53 ];
        allowedUDPPorts = [ 53 ];
      };
    };
  };
}