diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml new file mode 100644 index 0000000..1389ae4 --- /dev/null +++ b/.gitea/workflows/ci.yml @@ -0,0 +1,90 @@ +name: CI + +on: + push: + branches: + - main + - master + pull_request: + workflow_dispatch: + +permissions: + contents: read + +jobs: + flake-check: + name: Flake Check + runs-on: [self-hosted, nix-builder] + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Check flake + run: nix flake check --show-trace --print-build-logs + + format-check: + name: Format Check + runs-on: [self-hosted, nix-builder] + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Check formatting + run: | + nix fmt **/*.nix + if ! git diff --quiet; then + echo "::error::Code is not formatted. Please run 'nix fmt **/*.nix' locally." + git diff + exit 1 + fi + + eval-configs: + name: Evaluate Key Configurations + runs-on: [self-hosted, nix-builder] + needs: [flake-check, format-check] + strategy: + matrix: + config: + - nix-builder + - nix-laptop1 + - nix-desktop1 + fail-fast: false + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Evaluate configuration + run: | + echo "Evaluating configuration for ${{ matrix.config }}" + nix eval .#nixosConfigurations.${{ matrix.config }}.config.system.build.toplevel.drvPath \ + --show-trace + + build-artifacts: + name: Build Artifacts + runs-on: [self-hosted, nix-builder] + needs: [flake-check, format-check] + strategy: + matrix: + artifact: + - lxc-nix-builder + - installer-iso-nix-laptop1 + fail-fast: false + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Build artifact + run: | + echo "Building artifact ${{ matrix.artifact }}" + nix build .#${{ matrix.artifact }} \ + --print-build-logs \ + --show-trace + + - name: Show build result + run: | + if [ -L result ]; then + ls -lh result/ + if [ -d result/iso ]; then + ls -lh result/iso/ + fi + fi diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index d335c49..c6a0cb6 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,7 +1,9 @@ -# GitHub Copilot Instructions for nixos-systems +# GitHub Copilot Instructions for Athenix This repository manages NixOS configurations for the UGA Innovation Factory's fleet of devices using Nix flakes and a custom configuration system. +**Repository:** https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git + ## Repository Overview This is a **NixOS system configuration repository** that uses: @@ -106,7 +108,7 @@ athenix.forUser = "username"; # Convenience: enable user + set WSL us 4. Test: `nix flake check` #### Creating External Modules -1. Use templates: `nix flake init -t github:UGA-Innovation-Factory/nixos-systems#{user|system}` +1. Use templates: `nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#{user|system}` 2. User modules: Provide `user.nix` (required) and `nixos.nix` (optional) 3. System modules: Provide `default.nix` that accepts `{ inputs, ... }` 4. Reference in `inventory.nix` or `users.nix` using `builtins.fetchGit` diff --git a/README.md b/README.md index d369d67..b02bcbc 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # UGA Innovation Factory - Athenix -[![CI](https://github.com/UGA-Innovation-Factory/nixos-systems/actions/workflows/ci.yml/badge.svg)](https://github.com/UGA-Innovation-Factory/nixos-systems/actions/workflows/ci.yml) +[![CI](https://git.factory.uga.edu/UGA-Innovation-Factory/athenix/actions/workflows/ci.yml/badge.svg)](https://git.factory.uga.edu/UGA-Innovation-Factory/athenix/actions) This repository contains the NixOS configuration for the Innovation Factory's fleet of laptops, desktops, Surface tablets, and containers. It provides a declarative, reproducible system configuration using Nix flakes. @@ -28,7 +28,7 @@ This command automatically fetches the latest configuration, rebuilds your syste **Note:** If you use external user configurations (personal dotfiles), run: ```bash -sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems --impure +sudo nixos-rebuild switch --flake git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git --impure ``` ### For Administrators @@ -177,7 +177,7 @@ Users and systems can reference external Git repositories for configuration: ```nix # In users.nix - External dotfiles with user configuration myuser.external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; }; # The external user.nix file contains both athenix.users.myuser options @@ -186,7 +186,7 @@ myuser.external = builtins.fetchGit { # In inventory.nix - External system config nix-lxc = { devices."server" = builtins.fetchGit { - url = "https://github.com/org/server-config"; + url = "https://git.factory.uga.edu/org/server-config"; rev = "abc123..."; }; }; @@ -195,10 +195,10 @@ nix-lxc = { **Create templates:** ```bash # User configuration (dotfiles) -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#user # System configuration -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#system ``` **See [docs/EXTERNAL_MODULES.md](docs/EXTERNAL_MODULES.md) for complete guide.** @@ -207,13 +207,13 @@ nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system ```bash # Build installer ISO -nix build github:UGA-Innovation-Factory/nixos-systems#installer-iso-nix-laptop1 +nix build git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#installer-iso-nix-laptop1 # Build LXC container nix build .#lxc-nix-builder # List all available artifacts -nix flake show github:UGA-Innovation-Factory/nixos-systems +nix flake show git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git ``` **See [docs/BUILDING.md](docs/BUILDING.md) for complete guide on building ISOs, containers, and using remote builders.** diff --git a/docs/BUILDING.md b/docs/BUILDING.md index 38a5a99..aa279e7 100644 --- a/docs/BUILDING.md +++ b/docs/BUILDING.md @@ -16,7 +16,7 @@ This guide covers building installer ISOs, live images, and container artifacts ```bash # Build an installer ISO for a specific host -nix build github:UGA-Innovation-Factory/nixos-systems#installer-iso-nix-laptop1 +nix build git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#installer-iso-nix-laptop1 # Result will be in result/iso/ ls -lh result/iso/ @@ -27,7 +27,7 @@ ls -lh result/iso/ List all available build outputs: ```bash -nix flake show github:UGA-Innovation-Factory/nixos-systems +nix flake show git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git ``` Common artifact types: @@ -57,10 +57,10 @@ ls -lh result/iso/nixos-*.iso sudo dd if=result/iso/nixos-*.iso of=/dev/sdX bs=4M status=progress ``` -### Building from GitHub +### Building from Gitea ```bash -nix build github:UGA-Innovation-Factory/nixos-systems#installer-iso-nix-laptop1 +nix build git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#installer-iso-nix-laptop1 ``` ### Using the Installer diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index fd16373..9b114ef 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -66,7 +66,7 @@ sudo nixos-rebuild build --flake . ## Continuous Integration -The repository uses GitHub Actions for automated testing and validation. CI jobs run on the self-hosted `nix-builder` machine via SSH. +The repository uses Gitea Actions for automated testing and validation. CI jobs run on the self-hosted `nix-builder` machine. ### CI Workflow @@ -94,7 +94,7 @@ Check the CI status badge at the top of the README or view detailed logs: ```bash # View workflow status -https://github.com/UGA-Innovation-Factory/nixos-systems/actions +https://git.factory.uga.edu/UGA-Innovation-Factory/athenix/actions ``` ### Running CI Checks Locally @@ -118,49 +118,49 @@ nix build .#lxc-nix-builder ### Self-Hosted Runner -CI jobs run on the `nix-builder` host as a self-hosted GitHub Actions runner. This provides: +CI jobs run on the `nix-builder` host as a self-hosted Gitea Actions runner. This provides: - Native Nix environment without installation overhead - Access to local Nix store for faster builds - Consistent build environment matching deployment targets - Direct access to build caching infrastructure -#### Setting Up the GitHub Actions Runner +#### Setting Up the Gitea Actions Runner -The nix-builder host is configured with a GitHub Actions self-hosted runner in `inventory.nix`. To complete the setup: +The nix-builder host is configured with a Gitea Actions self-hosted runner in `inventory.nix`. To complete the setup: -1. **Generate a GitHub Personal Access Token (PAT)**: - - Go to https://github.com/settings/tokens - - Create a new token with `repo` scope - - Copy the token value +1. **Generate a Gitea Runner Token**: + - Go to https://git.factory.uga.edu/UGA-Innovation-Factory/athenix/settings/actions/runners + - Click "Create new Runner" + - Copy the registration token 2. **Create the token file on nix-builder**: ```bash ssh engr-ugaif@nix-builder - echo "YOUR_TOKEN_HERE" | sudo tee /var/lib/github-runner-token > /dev/null - sudo chmod 600 /var/lib/github-runner-token + echo "YOUR_TOKEN_HERE" | sudo tee /var/lib/gitea-runner-token > /dev/null + sudo chmod 600 /var/lib/gitea-runner-token ``` 3. **Rebuild the system** to start the runner: ```bash - sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems#nix-builder + sudo nixos-rebuild switch --flake git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#nix-builder ``` 4. **Verify the runner is registered**: - - Check https://github.com/UGA-Innovation-Factory/nixos-systems/settings/actions/runners + - Check https://git.factory.uga.edu/UGA-Innovation-Factory/athenix/settings/actions/runners - The runner should appear with the `nix-builder` label The runner service is configured in the nix-builder device configuration and will automatically: - Register with the repository on first start - Use the `nix-builder` label for workflow targeting - Run as the `engr-ugaif` user -- Store work in `/var/lib/github-runner` +- Store work in `/var/lib/gitea-runner` ### Troubleshooting CI Failures If CI fails: -1. **Check the error logs** in the GitHub Actions tab +1. **Check the error logs** in the Gitea Actions tab 2. **Run the same command locally** to reproduce the issue 3. **Use `--show-trace`** for detailed error information 4. **Verify formatting** with `nix fmt` if format check fails @@ -195,13 +195,13 @@ sudo nixos-rebuild build --flake . ```bash # Rebuild from GitHub main branch -sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems +sudo nixos-rebuild switch --flake git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git # Use --impure for external user configurations with fetchGit -sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems --impure +sudo nixos-rebuild switch --flake git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git --impure # Rebuild specific host from GitHub -sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems#nix-laptop1 +sudo nixos-rebuild switch --flake git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#nix-laptop1 ``` ### Boot into Previous Generation diff --git a/docs/EXTERNAL_MODULES.md b/docs/EXTERNAL_MODULES.md index 3e08e93..65552d3 100644 --- a/docs/EXTERNAL_MODULES.md +++ b/docs/EXTERNAL_MODULES.md @@ -38,7 +38,7 @@ nix-lxc = { # External module from Git "remote-server" = builtins.fetchGit { - url = "https://github.com/org/server-config"; + url = "https://git.factory.uga.edu/org/server-config"; rev = "abc123..."; # Pin to specific commit }; }; @@ -96,7 +96,7 @@ Later modules can override earlier ones using standard NixOS module precedence. Create a new system module: ```bash -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#system ``` See [templates/system/](../templates/system/) for the complete template. @@ -111,7 +111,7 @@ External user modules provide home-manager configurations (dotfiles, packages, p athenix.users = { # External user module (dotfiles, home-manager, and user options) myuser = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; }; @@ -225,7 +225,7 @@ username = { Create a new user module: ```bash -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#user ``` See [templates/user/](../templates/user/) for the complete template. @@ -303,7 +303,7 @@ Use local directories during development: # Initialize in new directory mkdir my-server-config cd my-server-config -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#system +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#system ``` See [templates/system/README.md](../templates/system/README.md) for detailed usage. @@ -314,7 +314,7 @@ See [templates/system/README.md](../templates/system/README.md) for detailed usa # Initialize in new directory mkdir my-dotfiles cd my-dotfiles -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#user ``` See [templates/user/README.md](../templates/user/README.md) for detailed usage. @@ -369,7 +369,7 @@ You can mix external modules with local overrides: nix-lxc = { devices = { "server" = builtins.fetchGit { - url = "https://github.com/org/base-config"; + url = "https://git.factory.uga.edu/org/base-config"; rev = "abc123..."; }; }; diff --git a/docs/INVENTORY.md b/docs/INVENTORY.md index edeb106..a85623e 100644 --- a/docs/INVENTORY.md +++ b/docs/INVENTORY.md @@ -115,7 +115,7 @@ For complex configurations, use external modules (see [EXTERNAL_MODULES.md](../E nix-lxc = { devices = { "special-server" = builtins.fetchGit { - url = "https://github.com/org/server-config"; + url = "https://git.factory.uga.edu/org/server-config"; rev = "abc123..."; }; }; diff --git a/docs/NAMESPACE.md b/docs/NAMESPACE.md index b131ab6..14f2986 100644 --- a/docs/NAMESPACE.md +++ b/docs/NAMESPACE.md @@ -216,7 +216,7 @@ athenix.users.myuser = { # Option 2: Use external configuration (recommended) # The external user.nix can set athenix.users.myuser options directly athenix.users.anotheruser.external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; }; ``` diff --git a/docs/USER_CONFIGURATION.md b/docs/USER_CONFIGURATION.md index 8f56f70..29abd3a 100644 --- a/docs/USER_CONFIGURATION.md +++ b/docs/USER_CONFIGURATION.md @@ -40,7 +40,7 @@ athenix.users = { # Option 2: External configuration (recommended for personalization) myuser.external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; # Pin to specific commit }; }; @@ -126,7 +126,7 @@ myuser = { # Point to external configuration repository external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; # Pin to specific commit }; }; @@ -236,7 +236,7 @@ external = /home/username/dev/dotfiles; ### Create User Template ```bash -nix flake init -t github:UGA-Innovation-Factory/nixos-systems#user +nix flake init -t git+https://git.factory.uga.edu/UGA-Innovation-Factory/athenix.git#user ``` See [templates/user/README.md](../templates/user/README.md) for complete template. @@ -390,7 +390,7 @@ developer = { shell = pkgs.zsh; hashedPassword = "$6$..."; external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123def456..."; }; }; @@ -405,7 +405,7 @@ wsl-user = { shell = pkgs.zsh; hashedPassword = "$6$..."; external = builtins.fetchGit { - url = "https://github.com/username/dotfiles"; + url = "https://git.factory.uga.edu/username/dotfiles"; rev = "abc123..."; }; }; @@ -489,7 +489,7 @@ nix eval .#nixosConfigurations.nix-laptop1.config.users.users.myuser.openssh.aut **Check repository access:** ```bash -git ls-remote https://github.com/username/dotfiles +git ls-remote https://git.factory.uga.edu/username/dotfiles ``` **Verify structure:** diff --git a/inventory.nix b/inventory.nix index e462675..b63d78e 100644 --- a/inventory.nix +++ b/inventory.nix @@ -97,27 +97,23 @@ nix-lxc = { devices = { "nix-builder" = { - # GitHub Actions self-hosted runner configuration + # Gitea Actions self-hosted runner configuration athenix.sw = { type = [ "headless" "builders" ]; - builders.githubRunner = { + builders.giteaRunner = { enable = true; - url = "https://github.com/UGA-Innovation-Factory/nixos-systems"; - # Token file must be created manually at this path with a GitHub PAT - # that has repo access. Generate at: https://github.com/settings/tokens - # echo "YOUR_TOKEN_HERE" | sudo tee /var/lib/github-runner-token > /dev/null - tokenFile = "/var/lib/github-runner-token"; + url = "https://git.factory.uga.edu"; + # Token file must be created manually at this path with a Gitea runner token + # Generate in repository settings: Settings > Actions > Runners > Create new Runner + # echo "YOUR_TOKEN_HERE" | sudo tee /var/lib/gitea-runner-token > /dev/null + tokenFile = "/var/lib/gitea-runner-token"; # Labels to identify this runner in workflows extraLabels = [ "nix-builder" ]; - # User to run the runner as - user = "engr-ugaif"; - # Working directory for runner - workDir = "/var/lib/github-runner"; # Runner service name - name = "nixos-systems"; + name = "athenix"; }; }; }; diff --git a/sw/builders/default.nix b/sw/builders/default.nix index df4f74a..96f8aa2 100644 --- a/sw/builders/default.nix +++ b/sw/builders/default.nix @@ -1,7 +1,7 @@ # ============================================================================ # Builders Software Configuration # ============================================================================ -# Imports builder-specific programs and services (GitHub Actions runners, etc.) +# Imports builder-specific programs and services (Gitea Actions runners, etc.) { config, diff --git a/sw/builders/services.nix b/sw/builders/services.nix index 3c59e0a..9e8a785 100644 --- a/sw/builders/services.nix +++ b/sw/builders/services.nix @@ -11,29 +11,25 @@ let cfg = config.athenix.sw; builderCfg = cfg.builders; in -mkIf builderCfg.githubRunner.enable { - services.github-runners.${builderCfg.githubRunner.name} = { +mkIf builderCfg.giteaRunner.enable { + services.gitea-actions-runner.instances.${builderCfg.giteaRunner.name} = { enable = true; - url = builderCfg.githubRunner.url; - tokenFile = builderCfg.githubRunner.tokenFile; - extraLabels = builderCfg.githubRunner.extraLabels; - user = builderCfg.githubRunner.user; - workDir = builderCfg.githubRunner.workDir; - replace = builderCfg.githubRunner.replace; + url = builderCfg.giteaRunner.url; + tokenFile = builderCfg.giteaRunner.tokenFile; + labels = builderCfg.giteaRunner.extraLabels; + name = builderCfg.giteaRunner.name; }; - # Configure the systemd service for better handling of cleanup and restarts - systemd.services."github-runner-${builderCfg.githubRunner.name}" = { + # Configure the systemd service for better handling in LXC containers + systemd.services."gitea-runner-${builderCfg.giteaRunner.name}" = { unitConfig = { # Only start the service if token file exists # This allows graceful deployment before the token is manually installed - ConditionPathExists = builderCfg.githubRunner.tokenFile; + ConditionPathExists = builderCfg.giteaRunner.tokenFile; }; serviceConfig = { # Give the service more time to stop cleanly - TimeoutStopSec = 60; - # Restart on failure, but not immediately - RestartSec = 10; + TimeoutStopSec = mkForce 60; # Disable all namespace isolation features that don't work in LXC containers PrivateMounts = mkForce false; @@ -50,80 +46,6 @@ mkIf builderCfg.githubRunner.enable { ProtectKernelTunables = mkForce false; ProtectKernelModules = mkForce false; ProtectControlGroups = mkForce false; - - # Use LoadCredential to securely pass the token file to the service - # This allows the service to read the token even when running as non-root - LoadCredential = "token:${builderCfg.githubRunner.tokenFile}"; - - # Don't override ExecStartPre - let the default module handle configuration - # Just make the cleanup more tolerant by wrapping the original script - ExecStartPre = mkForce ( - let - # Get the runner package and scripts - runnerPkg = pkgs.github-runner; - - # Create wrapper scripts that are failure-tolerant - unconfigureWrapper = pkgs.writeShellScript "github-runner-unconfigure-wrapper.sh" '' - set +e # Don't fail on errors - - runnerDir="$1" - stateDir="$2" - logDir="$3" - - # If directory is busy, just skip cleanup with a warning - if [ -d "$runnerDir" ]; then - echo "Attempting cleanup of $runnerDir..." - find "$runnerDir" -mindepth 1 -maxdepth 1 -delete 2>/dev/null || { - echo "Warning: Cleanup had issues (directory may be in use), continuing anyway..." - } - fi - - exit 0 - ''; - - configureScript = pkgs.writeShellScript "github-runner-configure.sh" '' - set -e - - runnerDir="${builderCfg.githubRunner.workDir}/${builderCfg.githubRunner.name}" - - # Read token from systemd credential (passed via LoadCredential) - if [ -n "''${CREDENTIALS_DIRECTORY:-}" ] && [ -f "''${CREDENTIALS_DIRECTORY}/token" ]; then - token=$(cat "''${CREDENTIALS_DIRECTORY}/token") - else - echo "Error: Token credential not available" - exit 1 - fi - - cd "$runnerDir" - - # Configure the runner, optionally replacing existing registration - if [ ! -f ".runner" ] || [ "${ - if builderCfg.githubRunner.replace then "true" else "false" - }" = "true" ]; then - echo "Configuring GitHub Actions runner..." - ${runnerPkg}/bin/Runner.Listener configure \ - --unattended \ - --url "${builderCfg.githubRunner.url}" \ - --token "$token" \ - --name "$(hostname)" \ - --labels "${lib.concatStringsSep "," builderCfg.githubRunner.extraLabels}" \ - --work "_work" \ - ${if builderCfg.githubRunner.replace then "--replace" else ""} - else - echo "Runner already configured, skipping configuration." - fi - ''; - in - [ - "-${unconfigureWrapper} ${builderCfg.githubRunner.workDir}/${builderCfg.githubRunner.name} ${builderCfg.githubRunner.workDir} /var/log/github-runner/${builderCfg.githubRunner.name}" - "${configureScript}" - ] - ); }; }; - - # Ensure the work directory exists with proper ownership - systemd.tmpfiles.rules = [ - "d ${builderCfg.githubRunner.workDir} 0755 ${builderCfg.githubRunner.user} ${builderCfg.githubRunner.user} -" - ]; } diff --git a/sw/default.nix b/sw/default.nix index e802ba7..97f8c64 100644 --- a/sw/default.nix +++ b/sw/default.nix @@ -79,21 +79,21 @@ in builders = mkOption { type = types.submodule { options = { - githubRunner = { - enable = mkEnableOption "GitHub Actions self-hosted runner"; + giteaRunner = { + enable = mkEnableOption "Gitea Actions self-hosted runner"; url = mkOption { type = types.str; - description = "GitHub repository URL for the runner"; + description = "Gitea instance URL for the runner"; }; tokenFile = mkOption { type = types.path; - default = "/var/lib/github-runner-token"; + default = "/var/lib/gitea-runner-token"; description = '' - Path to file containing GitHub PAT token. - Generate at: https://github.com/settings/tokens - The token must have repo access. + Path to file containing Gitea runner token. + Generate in Gitea repository settings under Actions > Runners. + The token must have runner registration access. ''; }; @@ -103,28 +103,10 @@ in description = "Extra labels to identify this runner in workflows"; }; - user = mkOption { - type = types.str; - default = "engr-ugaif"; - description = "User to run the runner as"; - }; - - workDir = mkOption { - type = types.str; - default = "/var/lib/github-runner"; - description = "Working directory for runner"; - }; - name = mkOption { type = types.str; - default = "nixos-systems"; - description = "Name of the GitHub runner service"; - }; - - replace = mkOption { - type = types.bool; - default = false; - description = "Replace existing runner registration on start"; + default = "athenix"; + description = "Name of the Gitea runner service"; }; }; };