v
/
infrastructure
1
0
Fork 0
Code Issues 13 Pull Requests 1 Actions Packages Projects Releases Activity

migrate woodpecker

pull/154/head
Vivian 2023-04-22 21:00:55 +02:00
parent 0cb9e1ac06
commit 991b93c0ae
3 changed files with 26 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.editorconfig
View File

@ -5,7 +5,7 @@ root = true
[*]
indent_style = space
indent_size = 4
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true

1
nixos/hosts/olympus/default.nix
View File

@ -144,6 +144,7 @@
};
"woodpecker" = {
ip = "10.42.42.33";
ip6 = "2001:41f0:9639:1:1c24:daff:fedb:4a1a";
mac = "1E:24:DA:DB:4A:1A";
};
"nuc" = {

58
nixos/hosts/olympus/woodpecker/configuration.nix
View File

@ -18,53 +18,43 @@ in {
# Additional packages
environment.systemPackages = with pkgs; [ ];
networking.firewall.allowedTCPPorts = [ ];
networking.firewall.allowedTCPPorts = [ 8000 9000 ];
vault-secrets.secrets.woodpecker = {
services = [ "podman-woodpecker-server" "podman-woodpecker-agent" ];
services = [ "woodpecker-server" "woodpecker-agent-docker" ];
quoteEnvironmentValues = false; # Needed for docker
};
virtualisation.podman = {
enable = true;
dockerSocket.enable = true;
dockerCompat = true;
};
systemd.services.create-woodpecker-pod = with config.virtualisation.oci-containers; {
serviceConfig.Type = "oneshot";
wantedBy = [ "${backend}-woodpecker-server.service" "${backend}-woodpecker-agent.service"];
script = ''
${pkgs.podman}/bin/podman pod exists woodpecker || \
${pkgs.podman}/bin/podman pod create -n woodpecker -p 8000:8000
'';
services.woodpecker-server = {
enable = true;
environment = {
WOODPECKER_OPEN = "true";
WOODPECKER_HOST = "https://ci.0x76.dev";
WOODPECKER_GITEA = "true";
WOODPECKER_GITEA_URL = "https://git.0x76.dev";
WOODPECKER_ADMIN = "v";
WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true";
WOODPECKER_SERVER_ADDR = "0.0.0.0:8000";
};
environmentFile = "${vs.woodpecker}/environment";
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
woodpecker-server = {
image = "woodpeckerci/woodpecker-server:latest";
volumes = [ "woodpecker-server-data:/var/lib/woodpecker/" ];
environmentFiles = [ "${vs.woodpecker}/environment" ];
extraOptions = [ "--pod=woodpecker" ];
environment = {
WOODPECKER_OPEN = "true";
WOODPECKER_HOST = "https://ci.0x76.dev";
WOODPECKER_GITEA = "true";
WOODPECKER_GITEA_URL = "https://git.0x76.dev";
WOODPECKER_ADMIN = "v";
WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true";
};
};
woodpecker-agent = {
image = "woodpeckerci/woodpecker-agent:latest";
dependsOn = [ "woodpecker-server" ];
extraOptions = [ "--pod=woodpecker" ];
cmd = [ "agent" ];
volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ];
environmentFiles = [ "${vs.woodpecker}/environment" ];
environment = { WOODPECKER_SERVER = "localhost:9000"; };
services.woodpecker-agents.agents = {
docker = {
enable = true;
environment = {
DOCKER_HOST = "unix:///run/podman/podman.sock";
WOODPECKER_BACKEND = "docker";
WOODPECKER_SERVER = "localhost:9000";
};
environmentFile = [ "${vs.woodpecker}/environment" ];
extraGroups = [ "podman" ];
};
};
}