pub-solar
/
infra
6
1
Fork 3
Code Issues 16 Pull Requests 6 Actions Packages Projects 1 Releases Wiki Activity

gitea-actions-runner: don't run as systemd DynamicUser
Flake checks / Check (pull_request) Failing after 4m55s Details 

to enable usage of cache outside of /var/lib/private
pull/152/head
teutat3s 2024-04-23 15:42:33 +02:00
parent 9541e5029e
commit fa9ce9d435
Signed by: teutat3s
GPG Key ID: 4FA1D3FA524F22C1
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
hosts/flora-6/apps/forgejo-actions-runner.nix
View File

@ -13,9 +13,24 @@
# Needed for the docker runner to communicate with the act_runner cache
networking.firewall.trustedInterfaces = [ "br-+" ];
systemd.services."gitea-runner-flora\\x2d6".serviceConfig = {
CacheDirectory = "/data/gitea-actions-runner";
users.users.gitea-runner = {
home = "/var/lib/gitea-runner/flora-6";
useDefaultShell = true;
group = "gitea-runner";
isSystemUser = true;
};
users.groups.gitea-runner = {};
systemd.services."gitea-runner-flora\\x2d6".serviceConfig = {
DynamicUser = lib.mkForce false;
};
systemd.tmpfiles.rules = [
"d '/data/gitea-actions-runner' 0750 gitea-runner gitea-runner - -"
"d '/var/lib/gitea-runner' 0750 gitea-runner gitea-runner - -"
];
# forgejo actions runner
# https://forgejo.org/docs/latest/admin/actions/
# https://docs.gitea.com/usage/actions/quickstart