# SPDX-FileCopyrightText: 2020 Luke Granger-Brown # # SPDX-License-Identifier: Apache-2.0 { depot, lib, pkgs, config, ... }: { my.vault.secrets.gitlab-runner-environment = { restartUnits = ["gitlab-runner.service"]; group = "root"; template = '' {{ with secret "kv/apps/gitlab-runner" }} {{ .Data.data.environment }} {{ end }} ''; }; services.gitlab-runner = { enable = true; settings.concurrent = 1; services = { deployer = { registrationConfigFile = config.my.vault.secrets.gitlab-runner-environment.path; executor = "shell"; tagList = [ "cacher" ]; }; }; gracefulTermination = true; gracefulTimeout = "4min"; package = depot.nix.pkgs.heptapod-runner; }; users.users.gitlab-runner = { isNormalUser = true; group = "nogroup"; createHome = true; home = "/srv/gitlab-runner"; }; nix.gc.automatic = false; }