feat(gitea): add ci runner (#2 )

feat(gitea): add ci runner
feat(fish): add some aliases
2026-06-17 15:24:39 +02:00 · 2026-05-28 11:41:58 +02:00 · 2026-05-28 11:39:34 +02:00 · 2026-05-28 10:37:14 +02:00 · 2026-05-28 10:24:22 +02:00 · 2026-05-28 10:18:56 +02:00
6 changed files with 70 additions and 19 deletions
@@ -2,6 +2,14 @@
 {
  programs.fish = {
    enable = true;
    shellAliases = {
      "please" = "sudo $(fc -ln -1)";
      "amend" = "git commit --amend";
      "commit" = "git commit";
      "add" = "git add .";
      "ssh" = "kitten ssh"; 
      "dev" = "nix develop --command 'fish'";
    };
    interactiveShellInit = ''
      			# This is commented until a good way of installing themes is found
      			# fish_config theme choose Catppuccin\ Mocha
@@ -12,16 +20,6 @@
      				  krabby random --no-title --padding-left 2
              end
      			end
      			function weather
      				curl "wttr.in/Bolzano?0?Q?" 
      			end
      			function dev
      				nix develop --command "fish"
      			end
            alias ssh "kitten ssh"
      		'';
    plugins = with pkgs.fishPlugins; [
      {
@@ -1,4 +1,4 @@
-{ ... }:
+{ config, ... }:
 {
  sops =
    let
@@ -20,6 +20,14 @@
        prowlarr_api_key = default;
        seerr_api_key = default;
        indexers_ilcorsaroblu_password = default;
        gitea_registration_token = default;
      };
      templates = {
        "gitea_runner.env".content = ''
          GITEA_INSTANCE_URL=${config.services.gitea.settings.server.ROOT_URL}
          GITEA_RUNNER_NAME="Runner"
          GITEA_RUNNER_REGISTRATION_TOKEN=${config.sops.placeholder.gitea_registration_token}
        '';
      };
    };
 }
@@ -1,6 +1,6 @@
-{ ... }:
+{ config, ... }:
 {
-  services.gitea = {
+  config.services.gitea = {
    enable = true;
    settings = {
      server = {
@@ -11,4 +11,14 @@
      service.DISABLE_REGISTRATION = true;
    };
  };
  config.virtualisation.oci-containers.containers.gitea-act-runner = {
    image = "docker.io/gitea/act_runner:latest";
    environmentFiles = [
      config.sops.templates."gitea_runner.env".path
    ];
    volumes = [
      "/var/run/docker.sock:/var/run/docker.sock"
    ];
  };
 }
@@ -72,4 +72,5 @@
  };
  documentation.man.cache.enable = false;
  boot.tmp.cleanOnBoot = true;
 }
@@ -1,9 +1,42 @@
 { currentSystemUser, ... }:
 let
  swBin = "/run/current-system/sw/bin";
  wrappersBin = "/run/wrappers/bin";
 in
 {
-  security.sudo.extraConfig = ''
+  security.sudo = {
-    		Defaults pwfeedback
+    extraConfig = ''
-        		Defaults timestamp_timeout=120
+      Defaults pwfeedback
-    	'';
+      Defaults timestamp_timeout=120
    '';
    extraRules = [
      {
        groups = [ "wheel" ];
        commands = [
          {
            command = "${swBin}/shutdown";
            options = [ "NOPASSWD" ];
          }
          {
            command = "${swBin}/reboot";
            options = [ "NOPASSWD" ];
          }
          {
            command = "${swBin}/poweroff";
            options = [ "NOPASSWD" ];
          }
          {
            command = "${wrappersBin}/mount";
            options = [ "NOPASSWD" ];
          }
          {
            command = "${wrappersBin}/umount";
            options = [ "NOPASSWD" ];
          }
        ];
      }
    ];
  };
  sops = {
    age.sshKeyPaths = [
      "/etc/ssh/ssh_host_ed25519_key"
@@ -8,6 +8,7 @@ sonarr_api_key: ENC[AES256_GCM,data:nm9lcY9/3aMce7MIEK9E+su9o0f7RdOafx52a8vgG8hx
 prowlarr_api_key: ENC[AES256_GCM,data:UDpnqIP64k8Qt9k/sjbESNostFiGHfLo3CEYfyWppHEwfkjVu1oirdtzDgAO056rxWaLwwcqJs0jDFau5VZi8Q==,iv:N9d9Sdbo/akFecQRYfbrkigq2Za3CXzsRJvNljm1MQM=,tag:Et1kIBHPX4bLlCgqpZf4CA==,type:str]
 seerr_api_key: ENC[AES256_GCM,data:KDQxxo2W4tz9UokscAUSz7pf7wY2AfsEQpZh2aXGjsQOBgSLt1DEe5LUxealBZju8gabhp4sNGFvp0+ioZpfkg==,iv:V/rbR6bZtVnDhLLVmygGyTf5Ujm8sb2xHy4JuvLiiV8=,tag:MxGzXHbZWgu3H+ICS2tSNQ==,type:str]
 indexers_ilcorsaroblu_password: ENC[AES256_GCM,data:w3CIGQqLxHEkUHvscZc=,iv:fjsB3zt4Z43MKRECjpa7+gNDzM8D+JK0sbKt2P+Hdiw=,tag:KvLawon+KfrhGmi1TWRHLw==,type:str]
 gitea_registration_token: ENC[AES256_GCM,data:aHoUBwPXtlme9RgGObwWt1V90JU5qeVBUtpINrb1hY6XjKi4+kLxAg==,iv:zkgDdx82Lku7/oNIoSoKUIrxvZuyPaGUI411V/rkW9c=,tag:0eBC0Kd71UwokH9scs/AKA==,type:str]
 sops:
    age:
        - enc: |
@@ -19,7 +20,7 @@ sops:
            ZQ17gIIOjhKHlGx8Lo5t/PekzFyQKCKdijS7caq74dVib1vO3tk+uQ==
            -----END AGE ENCRYPTED FILE-----
          recipient: age1ynu6zhhy84rr5xqce0flp25x5tnfgskesxfe39u7ewsk900fvagq9sq0lx
-    lastmodified: "2026-05-24T10:44:51Z"
+    lastmodified: "2026-05-28T09:37:32Z"
-    mac: ENC[AES256_GCM,data:vKUOBMV/FHyWdfJhsGpFmyhyFIM9RjhucfHRCE+jT2orlWDyu215qSfiWlhHLtLSqdh7IIrv2QFDUDhz0JNa0nHe5aoePyg6dsuLeDLvBTlmidSpDITsCcp+yYWtUx1TegmOXXs4GV2mvOboIFo+Ks7mCVy7WOVzoVubhZmHTzo=,iv:FoQbhWk+JZTohbd2CaYLVVcIp792GCH/TtQE7jGQ9+o=,tag:jJrC5nFZODIr856rb+CEiQ==,type:str]
+    mac: ENC[AES256_GCM,data:NNYUj3P5mdw+zS7DLmMVwUOAP1Vz/GTYFLAZWP6pR1Y9+g9/R4mTo2Cb/piMb0Wqopifo4a2VeMPSwkgz2+yGKajqU+LsgCFQRCeWurJxo1NTZTW3jabWYY4aw20piIQAWaOwfpy4pC2uukwS48Wat0vbL+l4hgBRNUUymfukDU=,iv:If1h3b0WVEPwh7mrU/VKqnXG7Yz0wXnXxdiBwiNaYIs=,tag:LojwaxKBLUu40TrDROapnQ==,type:str]
    unencrypted_suffix: _unencrypted
    version: 3.13.1
Author	SHA1	Message	Date
Patrick Canal	1f47725bdd	feat(gitea): add ci runner (#2 )	2026-05-28 11:41:58 +02:00
Superredstone	107ac22292	feat(gitea): add ci runner	2026-05-28 11:39:34 +02:00
Superredstone	817ed30cdb	feat(fish): add some aliases feat(fish): add some aliases	2026-05-28 10:37:14 +02:00
Superredstone	5e794db02a	feat(sudo): add sane rules	2026-05-28 10:24:22 +02:00
Superredstone	38d8c0118f	feat(boot): delete /tmp	2026-05-28 10:18:56 +02:00