38 lines
955 B
Nix
38 lines
955 B
Nix
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
{ depot, lib, pkgs, config, ... }:
|
|
{
|
|
my.vault.secrets.gitlab-runner-environment = {
|
|
restartUnits = ["gitlab-runner.service"];
|
|
group = "root";
|
|
template = ''
|
|
{{ with secret "kv/apps/gitlab-runner" }}
|
|
{{ .Data.data.environment }}
|
|
{{ end }}
|
|
'';
|
|
};
|
|
services.gitlab-runner = {
|
|
enable = true;
|
|
settings.concurrent = 1;
|
|
services = {
|
|
deployer = {
|
|
registrationConfigFile = config.my.vault.secrets.gitlab-runner-environment.path;
|
|
executor = "shell";
|
|
tagList = [ "cacher" ];
|
|
};
|
|
};
|
|
gracefulTermination = true;
|
|
gracefulTimeout = "4min";
|
|
package = depot.nix.pkgs.heptapod-runner;
|
|
};
|
|
users.users.gitlab-runner = {
|
|
isNormalUser = true;
|
|
group = "nogroup";
|
|
createHome = true;
|
|
home = "/srv/gitlab-runner";
|
|
};
|
|
|
|
nix.gc.automatic = false;
|
|
}
|