From b6d46bdb79031d438008c3d1c0526e1bce30426e Mon Sep 17 00:00:00 2001 From: uttarayan21 Date: Tue, 22 Jul 2025 10:53:39 +0530 Subject: [PATCH] feat: Added gitea registration --- nixos/mirai/services/gitea.nix | 36 +++++++++++++++++----------------- secrets/secrets.yaml | 5 +++-- 2 files changed, 21 insertions(+), 20 deletions(-) diff --git a/nixos/mirai/services/gitea.nix b/nixos/mirai/services/gitea.nix index e0164348..03d582fd 100644 --- a/nixos/mirai/services/gitea.nix +++ b/nixos/mirai/services/gitea.nix @@ -1,9 +1,9 @@ {config, ...}: { - # virtualisation.docker.enable = true; - # sops = { - # # secrets."gitea/token".owner = config.systemd.services.gitea-actions-mirai.serviceConfig.User; - # secrets."gitea/token" = {}; - # }; + virtualisation.docker.enable = true; + sops = { + secrets."gitea/registration".owner = config.systemd.services.gitea-actions-mirai.serviceConfig.User; + # secrets."gitea/registration" = {}; + }; services = { gitea = { enable = true; @@ -25,19 +25,19 @@ }; }; }; - # gitea-actions-runner = { - # instances = { - # mirai = { - # name = "mirai"; - # enable = true; - # url = "https://git.darksailor.dev"; - # labels = [ - # "ubuntu-latest:docker://node:18-bullseye" - # ]; - # tokenFile = config.sops.secrets."gitea/token".path; - # }; - # }; - # }; + gitea-actions-runner = { + instances = { + mirai = { + name = "mirai"; + enable = true; + url = "https://git.darksailor.dev"; + labels = [ + "ubuntu-latest:docker://node:18-bullseye" + ]; + tokenFile = config.sops.secrets."gitea/registration".path; + }; + }; + }; caddy = { virtualHosts."git.darksailor.dev".extraConfig = '' forward_auth localhost:5555 { diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index c5546312..41a97af3 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -5,6 +5,7 @@ paperless: secret_key: ENC[AES256_GCM,data:9OkJ/WRLHCQXA0a/FqMieoUX5Lk=,iv:br2OSWU6uQ4/JAEvYeRlA1buhF2PGyPCdGYx0OwROek=,tag:cgnmTTWgkga6E0krWXFIdw==,type:str] gitea: token: ENC[AES256_GCM,data:6vcGrOlxFxrsCEq3Mu9s3deOnXNpwgc6marpx90+FrU=,iv:3CNdT6P58Wy2/anaucvl9KVLTZ7z4MyDImXNxQVIAcI=,tag:YQboEG8R6G2MCZzDLaZ4wg==,type:str] + registration: ENC[AES256_GCM,data:gxnqE0aYxkyIrq6lRuzQK0T2edgJP8Xb/3PaKJLxA2W/NZ1TeRFsTA==,iv:dqsoDLfgZaLj0ut5T3V0+THdvRGYsNPBT8wG9cZeFVI=,tag:IC4nP10tvJpvRn2Dc4KgwA==,type:str] llama: user: ENC[AES256_GCM,data:qWbhnc/XLotWzqbEa6ekuMe5kD/GwC9SW8omXvgWqCG1BPPCOI3DtlS4YqKxsIhYmw8MQw+4DPnaWHqjrbIsVSrQ79M=,iv:VeqkKb1N9NSKfuilG6dzYdha8cO4JqJ+YUzmkjrPU+0=,tag:SYwR1oU6VWzNoCBPsMg0uQ==,type:str] api_key: ENC[AES256_GCM,data:wib+xbb25sTY2K9pacc1mU5eVSyQRurHiCMZyDVSqCAmG4yjkzEykvBevpThNbTZlsk6GZuK4hH0SYJM,iv:GTU6CQ83chXHAuuL0bFMf4L+UWqlcVfXnEE0/SxLzj4=,tag:0LkOSQsuuQd6TK3KHE95TA==,type:str] @@ -48,7 +49,7 @@ sops: VGZKdHpVeFRpQUxtSEkyaEhLMlBJcGsKLb0DvPNZosPBUuiX6qz1s5IO5INQh8CK ZtXTVClwMSmaUYhdSB2gKFrKVZHXTJZ4oAL5t/BpC0pOHyr+o96T3Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-15T18:26:32Z" - mac: ENC[AES256_GCM,data:ioly0v6GKcPaIREk4PNYFvaX3ZpgGNDzB4HLyZyMlVatnjqKJajUDCnWi2dMHNmSBLIWID6CrY6mfUeE0BpOTNk7onTgfDUR/Ipuo9KtBmSuQC22IA7yR4CHo1Mrtn9t/OOJMXxl7b+PCs5ko8C/CHV2mEJF5cM1ew2rh2rDUYU=,iv:YkjrAm26SO9U0gK1172aeDEzcFrsiVGyhGERyEfNQXg=,tag:ZDkpcl2pGnGXluOou/gvbQ==,type:str] + lastmodified: "2025-07-22T05:10:34Z" + mac: ENC[AES256_GCM,data:r8EFKt6lQWpR5Nmmje6ILAOdAsnL9RogOK5mmpGqHNRfDHGQFDZtcffrWAO7n0OxEJhsC2nY6DFcyLiFSPnN/A9vom1NkAShiDvt+yuCBGgHNxG6dC3VAfQHCD2Zt5ulmMc3cJ2GWX6BCXf9E3XNlS3Qh5gDURFnzBV62HyZJp0=,iv:aGQEjdQt+SWQpLHOpITNHxT8IMyLPGDpbMZrn3kOW+c=,tag:L4KLByPoDt278k3QsSkWYA==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2