summaryrefslogtreecommitdiff
path: root/os/kay/modules
diff options
context:
space:
mode:
Diffstat (limited to 'os/kay/modules')
-rw-r--r--os/kay/modules/github-runner.nix20
1 files changed, 15 insertions, 5 deletions
diff --git a/os/kay/modules/github-runner.nix b/os/kay/modules/github-runner.nix
index 4462ff2..2b838ae 100644
--- a/os/kay/modules/github-runner.nix
+++ b/os/kay/modules/github-runner.nix
@@ -1,14 +1,24 @@
-{ config, ... }: let
- secret_path = "misc/nocodb-runner-registration-token";
+{ config, ... }:
+let
repo = "nocodb/nocodb";
-in {
- sops.secrets.${secret_path} = {};
+in
+{
+ sops.secrets = {
+ "github-runner/nocodb-registration-token" = { };
+ "github-runner/age-master-key" = { };
+ };
services.github-runners.kay = {
enable = true;
noDefaultLabels = true;
extraLabels = [ "nix" ];
- tokenFile = config.sops.secrets.${secret_path}.path;
+ tokenFile = config.sops.secrets."github-runner/nocodb-registration-token".path;
url = "https://github.com/${repo}";
};
+
+ systemd.services."github-runner-kay" = {
+ environment.SOPS_AGE_KEY_FILE = "%d/age-master-key";
+ serviceConfig.LoadCredential =
+ "age-master-key:${config.sops.secrets."github-runner/age-master-key".path}";
+ };
}