forked from CCCHH/nix-infra
28 lines
1.1 KiB
Nix
28 lines
1.1 KiB
Nix
|
# Sources for this configuration:
|
||
|
# - https://woodpecker-ci.org/docs/administration/deployment/nixos
|
||
|
# - https://woodpecker-ci.org/docs/administration/agent-config
|
||
|
# - https://woodpecker-ci.org/docs/administration/backends/docker
|
||
|
|
||
|
{ config, pkgs, pkgs-unstable, ... }:
|
||
|
|
||
|
{
|
||
|
services.woodpecker-agents.agents."podman" = {
|
||
|
enable = true;
|
||
|
# Since we use woodpecker-server from unstable, use the agent from unstable as well.
|
||
|
package = pkgs-unstable.woodpecker-agent;
|
||
|
extraGroups = [ "podman" ];
|
||
|
environment = {
|
||
|
WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}";
|
||
|
WOODPECKER_MAX_WORKFLOWS = "4";
|
||
|
WOODPECKER_BACKEND = "docker";
|
||
|
DOCKER_HOST = "unix:///run/podman/podman.sock";
|
||
|
# Set via enviornmentFile:
|
||
|
# WOODPECKER_AGENT_SECRET
|
||
|
};
|
||
|
environmentFile = [ "/run/secrets/woodpecker_agent_secret_environment_file" ];
|
||
|
};
|
||
|
|
||
|
# Remainder defined in ../woodpecker-server/woodpecker-server.nix
|
||
|
sops.secrets."woodpecker_agent_secret_environment_file".restartUnits = [ "woodpecker-agent-podman.service" ];
|
||
|
}
|