WIP: init drone-exec-runner-in-docker on ryzensun

This commit is contained in:
teutat3s 2022-10-24 18:12:29 +02:00
parent a99fd1ff34
commit 938c7a2b71
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
4 changed files with 50 additions and 18 deletions

View file

@ -10,15 +10,34 @@ in
];
config = {
age.secrets.environment-secrets = {
file = "${self}/secrets/environment-secrets.age";
mode = "700";
owner = "teutat3s";
age.secrets = {
environment-secrets = {
file = "${self}/secrets/environment-secrets.age";
mode = "700";
owner = "teutat3s";
};
drone_exec_runner_config = {
file = "${self}/secrets/drone_exec_runner_config";
mode = "700";
owner = "999";
};
};
pub-solar.nextcloud.enable = mkForce false;
pub-solar.docker.enable = true;
pub-solar.virtualisation.enable = true;
pub-solar.docker-ci-runner = {
enable = true;
enableKvm = true;
nixCacheLocation = "/mnt/internal/ci-cache-nix-store/nix";
runnerEnvironment = {
DRONE_RUNNER_CAPACITY = "1";
DRONE_RUNNER_LABELS = "hosttype:baremetal";
};
runnerVarsFile = "/run/agenix/drone_exec_runner_config";
};
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;

View file

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 Wp/X/Q cdo0CMxdOqP1MLc3cUbOD1Ha5hW70JYK1E06NwV8SkE
M9vPqxgeAPh+l7XH6IVPITlI6Vfte5EYgQbs7+csD1A
-> ssh-ed25519 8U1+ng Ag+IfCUi6yf7tn+Nc+3rySZeGdxx5oPIZ5AyY0EYQ0c
Vi35krkHDR5ASs+Ia5iWlTsNttJr2W6vts1Ap+skrpw
-> ssh-ed25519 BVsyTA zBkihyt0U/cKlD3zeHDWchqsNYrGDZUMpdDElQamWjQ
hqdON//Mi+DMhMvUt4yh+xzW7A0aimA0feVNw8ZUxVA
-> piv-p256 xGzyzw A0u0D1ELUINR5C+s5CuuD3AlxTNT07gu76Skav/PYswi
CAd+qtKFJB8GCLJKOhzZbMwrvoIc9+czTcmtSCP50gg
-> 6j-T-grease vhW, 0O njRFEQ@` F5=qhL!Q
bccSqKLEZ9j4cjioEHWLgPVhhZUEgnkIvVLIDS0d+Z1bZQhApZNQW/KkSw
--- /QTl3uBvy9Pi+541vXLEj5SIoZ08KeiNi6lwwsb04ss
¼FOàïh>¸õfÇ=Ú¥ÎÀШ¸Ï`¥ fàÕ!$^½9¦Zœ~PšqgÖRÀÇ©û]ì°>âBº|»^œˆ´TD;Ó@¢WéTä2aÄÝ#ú ä*/¨ÛDQÃô“¥ýºè뙪v!õö=>ÓŒT“×95ÆòjèChKZ”ŸÏ¢ hâ<68>Ì Ì&´³pVxCÅW6?÷ɬLF²1U²¯=ƒú€0xƒo²<6F>*±nüË

View file

@ -1,15 +1,14 @@
age-encryption.org/v1
-> ssh-ed25519 Wp/X/Q vi9OTQKWNMjcFxcFxjmef3uVhATya9tA1BbS4I5unX0
uW3+5JdLQpIhFBwW54uTcI4fQ0wv8mjqTkrfL/VNiYI
-> ssh-ed25519 8U1+ng RTZuwmXp/Y32S3Wl49wu1QbPOUcUKpU2wFpPPe0cXEw
Zo1l9ZFBaFF/tzOG9zV/xGQBo1pX0AI1+Y75Ak5RSVg
-> ssh-ed25519 BVsyTA r4a1leF6KVyx9WlooY0UlQaYukV68xxI/0K1rUU0wzI
Pon1jMs8F43fuko3sfr6zLJ2byI4D8dPJt+MsJHncrg
-> piv-p256 xGzyzw A/f+lPJUWmFp16qnKAPer03T8zx3THmsgkmuSUfyPzVT
wHs2N5YTwGP2FMZLa4xYhq8mFrjMlPjtkG7SYYk0Cc8
-> UfCyg+%_-grease -psjj). +>ln{,{q zb&?uh yZk~q(
fpOxhJ7HKFoK2YxQCcuU5wiVtclm6sScfZVuXH2lPp7D+W3LVOb+gCMVbzmRlbt3
nn/yaOqow+uqekxIyIO16OhHJJf/dOnozOvsvkh5Wqath81g83SW4F4
--- LPldrPY9EiCjwcNFm2fkLfsdry24htLFQmabkBT/QPw
i´/ëtŠ¯Æ`)¨ éñ5<>Æ# Éïݘ6³©à%ª¹ÎÜÃC®Úƒëè—/½q¹µ‡sš¯§a#NsbæÊ|*8
n€WÏ®9<EFBFBD>û)´y­)eì4€xz칞½õ1‰£ 0©ÜIx#'^'<04>=q29ßFƒõ¸?5)œ~j¾…Æ<>¤Z ¡Ý”¦'æ ÐÒÄ×A`|<7C>Ò ÈK5ã<35>7¸4rM—dêõÇÕ<C387>5q§*Éà²Ãqk“m…Ü'!¨×¡ÑÈ\¥ ü ·Wö³¼êº.K
-> ssh-ed25519 Wp/X/Q 5CsTxMCc2bZg1W17va9ZqrPF73ZG+PZg0ivTOfQSFEA
S7KYGJF2WJuf0PFLw3K86JT03zcuZeS3IAjXu0LpJ4k
-> ssh-ed25519 8U1+ng nlNMDe8jh3BVRz9DO02n+cc3Ce5I5nYr+rwcLlBIUDU
3mKSLEi6h51icjg3tfaXRMklNqdTZ3HDzl3KTpj2nDw
-> ssh-ed25519 BVsyTA Pv/lJkT2IHRC1/m1loeAM2UyPvtsHCOSxpcisZ6Ttz0
bQ7Pv+FoRaxWb2eLbg3APC5a7L5k7vL7ja2NkE2QbEY
-> piv-p256 xGzyzw ApPpON96Th3WnXua8GsGwM5bJbA6wuqLyXlACS9/Vwec
oixZ1qz7u0lFOKyX3GiSNkOx4omG2FtCFcfQImKzDmc
-> $wlE_&-grease @R L~p ,tK
SqB+0A8uuo41O36H6nctONyRRNe8wQ2oC8jnuP5IOa5W815+sXIq2JtqMFB4dzIz
QcrmkwPOap8HWIGnP+IZxq11b5CZrnrRVxvL/EB+uf5I
--- 4j5etIXOJvk7n0UDmfbM+hlIvk6I0MwRulrh338EdRE
²Eú[Ù¿Ã<C2BF>ó·n=Y;åÞâûU»Íúk` l5XˆâPC Þ #B¼Q|׫°õ­cÞ†€´m<C2B4>óˆÆJ¿ÕjGÛ¡ù¦í¡§­žcï.²|xj¿êmkÝEM^á1&S*„VøP¼=å“tê—¸½WÇ7~g¬ˆ÷èÍbâvó"ÐÆ•9áKŸl|qßØð¡o©Ôî7ö!Ñõ7 Ý F ÏFøúƒ†¦Po‡_”Чëz¶aIpUñlpRñëŸz8È ÀÓ°cˆ:µzÛ@ñ’>mãº,?a¤ÿ†ð“‰G<6ÃÚÃÓXU>ñá"§NÃLmB¶¤É©”„iýD z6aœnÌDŸ³ªß

View file

@ -13,5 +13,6 @@ in
{
"example-secret.age".publicKeys = allKeys;
"environment-secrets.age".publicKeys = allKeys;
"drone_exec_runner_config".publicKeys = allKeys;
"test-secret.age".publicKeys = [ users.teutat3s-5-nfc ];
}