gitea-actions-runner: don't run as systemd DynamicUser
Some checks failed
Flake checks / Check (pull_request) Failing after 4m55s

to enable usage of cache outside of /var/lib/private
This commit is contained in:
teutat3s 2024-04-23 15:42:33 +02:00
parent 9541e5029e
commit fa9ce9d435
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -13,9 +13,24 @@
# Needed for the docker runner to communicate with the act_runner cache
networking.firewall.trustedInterfaces = [ "br-+" ];
systemd.services."gitea-runner-flora\\x2d6".serviceConfig = {
CacheDirectory = "/data/gitea-actions-runner";
users.users.gitea-runner = {
home = "/var/lib/gitea-runner/flora-6";
useDefaultShell = true;
group = "gitea-runner";
isSystemUser = true;
};
users.groups.gitea-runner = {};
systemd.services."gitea-runner-flora\\x2d6".serviceConfig = {
DynamicUser = lib.mkForce false;
};
systemd.tmpfiles.rules = [
"d '/data/gitea-actions-runner' 0750 gitea-runner gitea-runner - -"
"d '/var/lib/gitea-runner' 0750 gitea-runner gitea-runner - -"
];
# forgejo actions runner
# https://forgejo.org/docs/latest/admin/actions/
# https://docs.gitea.com/usage/actions/quickstart