Home

infra @main - refs - log -
- 
https://git.jolheiser.com/infra.git
dragonwell flake
tree log patch
just run nix locally Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQIWbfTZdB1K5bmZtNblhCHyoCI4u1upzKhnhIv1HxOgaijLNPAcRKj8HBuabc8jV1b QS3qM9kkVXFctx3KWBAwc= -----END SSH SIGNATURE-----
jolheiser <git@jolheiser.com>
23 hours ago
2 changed files, 11 additions(+), 20 deletions(-)
dragonwell/default.nixdragonwell/woodpecker.nixsecrets/woodpecker.age
M dragonwell/default.nix -> dragonwell/default.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

diff --git a/dragonwell/default.nix b/dragonwell/default.nix
index 5046cfd03dd00c75fea802e1b428550723d12814..8bf8e1e852342c9fbec49845084b7c233c3510cb 100644
--- a/dragonwell/default.nix
+++ b/dragonwell/default.nix
@@ -70,6 +70,10 @@       automatic = true;
       randomizedDelaySec = "15m";
     };
     optimise.automatic = true;
+    settings.experimental-features = [
+      "flakes"
+      "nix-command"
+    ];
   };
 
   system.stateVersion = "22.11";
M dragonwell/woodpecker.nix -> dragonwell/woodpecker.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

diff --git a/dragonwell/woodpecker.nix b/dragonwell/woodpecker.nix
index bd96aff4674e604d4ebc064f58a897869223a7a4..dd813702ffaece54c35c9bd03dc8f1185bd01456 100644
--- a/dragonwell/woodpecker.nix
+++ b/dragonwell/woodpecker.nix
@@ -25,15 +25,15 @@       enable = true;
       path = with pkgs; [
         git
         git-lfs
+        woodpecker-plugin-git
+
         bash
-        coreutils
-        woodpecker-plugin-git
+        nix
+        uutils-coreutils-noprefix
+
+        cachix
       ];
-      environment = {
-        WOODPECKER_BACKEND = "docker";
-        DOCKER_HOST = "unix:///run/podman/podman.sock";
-      };
-      extraGroups = [ "podman" ];
+      environment.WOODPECKER_BACKEND = "local";
       environmentFile = [ config.age.secrets.woodpecker.path ];
     };
     tailproxy.woodpecker = {
@@ -44,17 +44,4 @@       authKey = "tskey-auth-kgrGNGArZw11CNTRL-rA3rdahB1dEobvWZraPhcEpHp2BVBcYh"; # One-time key
     };
   };
   systemd.services.woodpecker-server.serviceConfig.SupplementaryGroups = [ "ugit" ];
-
-  virtualisation = {
-    containers.enable = true;
-    podman = {
-      enable = true;
-      dockerCompat = true;
-      defaultNetwork.settings.dns_enable = true;
-    };
-  };
-  networking.firewall.interfaces."podman+" = {
-    allowedUDPPorts = [ 53 ];
-    allowedTCPPorts = [ 53 ];
-  };
 }
M secrets/woodpecker.age -> secrets/woodpecker.age
1
2
3

diff --git a/secrets/woodpecker.age b/secrets/woodpecker.age
index 8d47f847258846ba9e68b508ab57f1d29a2e8719..19e4061470d2a330d66143e99a051597e4d861f9 100644
Binary files a/secrets/woodpecker.age and b/secrets/woodpecker.age differ