From 85c059c75c6e4e2e96c591af4295a4c56b8db6bf Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Thu, 18 Jan 2024 05:03:21 +0100
Subject: [PATCH] Configure new forgejo-actions-runner host

Configure it to host a forgejo-actions-runner capable of handling CI
workloads running on Docker.
---
 .../forgejo-actions-runner/configuration.nix  |  7 +++++
 .../hosts/forgejo-actions-runner/default.nix  | 10 +++++++
 .../hosts/forgejo-actions-runner/docker.nix   | 13 ++++++++
 .../forgejo-actions-runner.nix                | 30 +++++++++++++++++++
 .../forgejo-actions-runner/networking.nix     | 20 +++++++++++++
 flake.nix                                     | 14 +++++++++
 6 files changed, 94 insertions(+)
 create mode 100644 config/hosts/forgejo-actions-runner/configuration.nix
 create mode 100644 config/hosts/forgejo-actions-runner/default.nix
 create mode 100644 config/hosts/forgejo-actions-runner/docker.nix
 create mode 100644 config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix
 create mode 100644 config/hosts/forgejo-actions-runner/networking.nix

diff --git a/config/hosts/forgejo-actions-runner/configuration.nix b/config/hosts/forgejo-actions-runner/configuration.nix
new file mode 100644
index 0000000..d2a52da
--- /dev/null
+++ b/config/hosts/forgejo-actions-runner/configuration.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+  networking.hostName = "forgejo-actions-runner";
+
+  system.stateVersion = "23.11";
+}
diff --git a/config/hosts/forgejo-actions-runner/default.nix b/config/hosts/forgejo-actions-runner/default.nix
new file mode 100644
index 0000000..6a01b20
--- /dev/null
+++ b/config/hosts/forgejo-actions-runner/default.nix
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+  imports = [
+    ./configuration.nix
+    ./docker.nix
+    ./forgejo-actions-runner.nix
+    ./networking.nix
+  ];
+}
diff --git a/config/hosts/forgejo-actions-runner/docker.nix b/config/hosts/forgejo-actions-runner/docker.nix
new file mode 100644
index 0000000..b626e9f
--- /dev/null
+++ b/config/hosts/forgejo-actions-runner/docker.nix
@@ -0,0 +1,13 @@
+# Sources for this configuration:
+# - https://nixos.wiki/wiki/Docker
+{ config, pkgs, ... }:
+
+{
+  virtualisation.docker = {
+    enable = true;
+    autoPrune = {
+      enable = true;
+      dates = "weekly";
+    };
+  };
+}
diff --git a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix
new file mode 100644
index 0000000..b2efcbe
--- /dev/null
+++ b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix
@@ -0,0 +1,30 @@
+# Sources for this configuration:
+# - https://forgejo.org/docs/latest/admin/actions/
+# - https://forgejo.org/docs/latest/user/actions/
+# - https://docs.gitea.com/next/usage/actions/act-runner
+
+{ config, pkgs, ... }:
+
+{
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-actions-runner;
+    instances.ccchh-forgejo-global-docker = {
+      enable = true;
+      name = "Global Docker Forgejo Actions Runner";
+      url = "https://git.hamburg.ccc.de/";
+      tokenFile = "/secrets/registration-token.secret";
+      labels = [ "docker:docker://node:current-bookworm" ];
+    };
+  };
+
+  deployment.keys = {
+    "registration-token.secret" = {
+      keyCommand = [ "pass" "noc/services/forgejo-actions-runner/registration_token" ];
+      destDir = "/secrets";
+      user = "gitea-runner";
+      group = "gitea-runner";
+      permissions = "0640";
+      uploadAt = "pre-activation";
+    };
+  };
+}
diff --git a/config/hosts/forgejo-actions-runner/networking.nix b/config/hosts/forgejo-actions-runner/networking.nix
new file mode 100644
index 0000000..7c5e178
--- /dev/null
+++ b/config/hosts/forgejo-actions-runner/networking.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{
+  networking.interfaces.net0 = {
+    ipv4.addresses = [
+      {
+        address = "172.31.17.155";
+        prefixLength = 25;
+      }
+    ];
+  };
+  networking.defaultGateway = "172.31.17.129";
+  networking.nameservers = [ "212.12.50.158" "192.76.134.90" ];
+  networking.search = [ "hamburg.ccc.de" ];
+
+  systemd.network.links."10-net0" = {
+    matchConfig.MACAddress = "1E:E0:4E:D0:DA:BE";
+    linkConfig.Name = "net0";
+  };
+}
diff --git a/flake.nix b/flake.nix
index 086c076..6bc74ee 100644
--- a/flake.nix
+++ b/flake.nix
@@ -178,6 +178,20 @@
           ./config/hosts/git
         ];
       };
+
+      forgejo-actions-runner = {
+        deployment = {
+          targetHost = "forgejo-actions-runner-intern.hamburg.ccc.de";
+          targetPort = 22;
+          targetUser = "colmena-deploy";
+          tags = [ "chaosknoten" ];
+        };
+        imports = [
+          ./config/common
+          ./config/proxmox-vm
+          ./config/hosts/forgejo-actions-runner
+        ];
+      };
     };
 
     packages.x86_64-linux = {