Harald Hoyer
62f1eb0a2d
Switched from `forgejo-actions-runner` to `forgejo-runner` package for the gitea actions runner instance. This aligns with the updated package naming convention in the system configuration. The change ensures proper integration with the forgejo ecosystem and maintains consistency with the project's package structure.
105 lines
2.7 KiB
Nix
105 lines
2.7 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
inputs,
|
|
...
|
|
}:
|
|
|
|
with lib;
|
|
with lib.metacfg;
|
|
let
|
|
cfg = config.metacfg.nix;
|
|
|
|
substituters-submodule = types.submodule (
|
|
{ name, ... }:
|
|
{
|
|
options = with types; {
|
|
key = mkOpt (nullOr str) null "The trusted public key for this substituter.";
|
|
};
|
|
}
|
|
);
|
|
in
|
|
{
|
|
options.metacfg.nix = with types; {
|
|
enable = mkBoolOpt false "Whether or not to manage nix configuration.";
|
|
package = mkOpt package pkgs.nix "Which nix package to use.";
|
|
|
|
default-substituter = {
|
|
url = mkOpt str "https://cache.nixos.org" "The url for the substituter.";
|
|
key =
|
|
mkOpt str "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"The trusted public key for the substituter.";
|
|
};
|
|
|
|
extra-substituters = mkOpt (attrsOf substituters-submodule) { } "Extra substituters to configure.";
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
assertions = mapAttrsToList (name: value: {
|
|
assertion = value.key != null;
|
|
message = "metacfg.nix.extra-substituters.${name}.key must be set";
|
|
}) cfg.extra-substituters;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
metacfg.nixos-revision
|
|
(metacfg.nixos-hosts.override { hosts = inputs.self.nixosConfigurations; })
|
|
deploy-rs
|
|
nixfmt
|
|
nix-index
|
|
nix-prefetch-git
|
|
nix-output-monitor
|
|
];
|
|
|
|
#systemd.services.nix-daemon.environment.TMPDIR = "/var/tmp";
|
|
|
|
nix =
|
|
let
|
|
users = [
|
|
"root"
|
|
config.metacfg.user.name
|
|
]
|
|
++ optional config.services.hydra.enable "hydra";
|
|
extra-substituters = cfg.extra-substituters;
|
|
in
|
|
{
|
|
package = cfg.package;
|
|
|
|
settings = {
|
|
experimental-features = "nix-command flakes";
|
|
http-connections = 50;
|
|
warn-dirty = false;
|
|
log-lines = 50;
|
|
sandbox = true;
|
|
auto-optimise-store = true;
|
|
trusted-users = users;
|
|
allowed-users = users;
|
|
|
|
substituters = [
|
|
cfg.default-substituter.url
|
|
]
|
|
++ (mapAttrsToList (name: value: name) extra-substituters);
|
|
trusted-public-keys = [
|
|
cfg.default-substituter.key
|
|
]
|
|
++ (mapAttrsToList (name: value: value.key) extra-substituters);
|
|
|
|
}
|
|
// (lib.optionalAttrs config.metacfg.tools.direnv.enable {
|
|
keep-outputs = true;
|
|
keep-derivations = true;
|
|
});
|
|
|
|
gc = {
|
|
automatic = true;
|
|
dates = lib.mkDefault "weekly";
|
|
options = lib.mkDefault "--delete-older-than 14d";
|
|
};
|
|
|
|
# flake-utils-plus
|
|
generateRegistryFromInputs = true;
|
|
generateNixPathFromInputs = true;
|
|
linkInputs = true;
|
|
};
|
|
};
|
|
}
|