diff --git a/dragonwell/caddy.nix b/dragonwell/caddy.nix index 3f36e5dcbbe5daf33f90a423cc2c3f5862fc07ca..911aae6f0e901e27f36d4959f407ec6959ea89ca 100644 --- a/dragonwell/caddy.nix +++ b/dragonwell/caddy.nix @@ -59,6 +59,9 @@ }; "git.jolheiser.com".extraConfig = '' reverse_proxy localhost:8449 ''; + "ci.jolheiser.com".extraConfig = '' + reverse_proxy localhost:2423 + ''; "pr.jolheiser.com".extraConfig = '' reverse_proxy localhost:7449 ''; diff --git a/dragonwell/woodpecker.nix b/dragonwell/woodpecker.nix index bd96aff4674e604d4ebc064f58a897869223a7a4..30cd814e6b748d48e590e6dd66247878ca73c18b 100644 --- a/dragonwell/woodpecker.nix +++ b/dragonwell/woodpecker.nix @@ -5,17 +5,16 @@ services = { woodpecker-server = { enable = true; environment = { - WOODPECKER_HOST = "https://cicd"; + WOODPECKER_HOST = "https://ci.jolheiser.com"; WOODPECKER_OPEN = "true"; WOODPECKER_ADDON_FORGE = "${pkgs.lib.getExe pkgs.jolheiser.gitpecker}"; WOODPECKER_ADMIN = "jolheiser"; WOODPECKER_SERVER_ADDR = ":2423"; - GITPECKER_REPOS = "/var/lib/ugit/repos"; GITPECKER_URL = "https://git.jolheiser.com"; GITPECKER_PROVIDER = "https://id.jolheiser.com"; GITPECKER_CLIENT_ID = "6975ecea-ce29-48f0-ad8d-323e419f7732"; - GITPECKER_REDIRECT = "https://cicd/authorize"; + GITPECKER_REDIRECT = "https://ci.jolheiser.com/authorize"; GITPECKER_LOG_FILE = "/var/lib/woodpecker-server/gitpecker.log"; }; environmentFile = [ config.age.secrets.woodpecker.path ]; @@ -29,32 +28,8 @@ bash coreutils woodpecker-plugin-git ]; - environment = { - WOODPECKER_BACKEND = "docker"; - DOCKER_HOST = "unix:///run/podman/podman.sock"; - }; - extraGroups = [ "podman" ]; environmentFile = [ config.age.secrets.woodpecker.path ]; }; - tailproxy.woodpecker = { - enable = true; - hostname = "cicd"; - port = 2423; - authKey = "tskey-auth-kgrGNGArZw11CNTRL-rA3rdahB1dEobvWZraPhcEpHp2BVBcYh"; # One-time key - }; }; systemd.services.woodpecker-server.serviceConfig.SupplementaryGroups = [ "ugit" ]; - - virtualisation = { - containers.enable = true; - podman = { - enable = true; - dockerCompat = true; - defaultNetwork.settings.dns_enable = true; - }; - }; - networking.firewall.interfaces."podman+" = { - allowedUDPPorts = [ 53 ]; - allowedTCPPorts = [ 53 ]; - }; } diff --git a/flake.lock b/flake.lock index e1557a28603893d956bad33e8df02f2fdb3358ab..0b47f8a1d1fce44ef4a307f7f92a099b870c9df1 100644 --- a/flake.lock +++ b/flake.lock @@ -454,11 +454,11 @@ } }, "nixpkgs_14": { "locked": { - "lastModified": 1770562336, - "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", + "lastModified": 1765186076, + "narHash": "sha256-hM20uyap1a0M9d344I692r+ik4gTMyj60cQWO+hAYP8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", + "rev": "addf7cf5f383a3101ecfba091b98d0a1263dc9b8", "type": "github" }, "original": { @@ -964,10 +964,10 @@ "tailwind-ctp": "tailwind-ctp", "tailwind-ctp-lsp": "tailwind-ctp-lsp" }, "locked": { - "lastModified": 1770755698, - "narHash": "sha256-46X+QSz7exOsePPmu6THZVBF/ptYBLyKwwF1j6StKYQ=", + "lastModified": 1770468130, + "narHash": "sha256-MiAxb2zUgnNO95iqCMEsWUzDscjSrI/jmCEjixK8EmU=", "ref": "refs/heads/main", - "rev": "2492c5bc2aee1529d819e347ee1e5728cf25a888", + "rev": "4ffe885f97514eefbf6f6f53417ea44c916ce8eb", "revCount": 101, "type": "git", "url": "https://git.jolheiser.com/ugit.git" diff --git a/secrets/pocket-id.age b/secrets/pocket-id.age index 06f9e487984427022eb88fe0f40b81a3307504b3..318784e282e82f32fbe091cf1f7f7e95a5001b46 100644 Binary files a/secrets/pocket-id.age and b/secrets/pocket-id.age differ diff --git a/secrets/woodpecker.age b/secrets/woodpecker.age index 8d47f847258846ba9e68b508ab57f1d29a2e8719..34aa96968839dff5385b125e21366c3d1b507678 100644 Binary files a/secrets/woodpecker.age and b/secrets/woodpecker.age differ