drone.server: modularise
All checks were successful
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing

This commit is contained in:
Jake Hillion 2023-12-08 21:18:21 +00:00 committed by JakeHillion
parent 89374c44dc
commit 785a17059d
6 changed files with 51 additions and 20 deletions

View File

@ -3,7 +3,6 @@
{ {
imports = [ imports = [
../../modules/common/default.nix ../../modules/common/default.nix
../../modules/drone/server.nix
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -21,6 +20,7 @@
## Custom Services ## Custom Services
custom = { custom = {
locations.autoServe = true; locations.autoServe = true;
drone.server.path = "/data/drone";
}; };
## Networking ## Networking

View File

@ -6,6 +6,7 @@
./chia.nix ./chia.nix
./common/hostinfo.nix ./common/hostinfo.nix
./desktop/awesome/default.nix ./desktop/awesome/default.nix
./drone/default.nix
./impermanence.nix ./impermanence.nix
./locations.nix ./locations.nix
./resilio.nix ./resilio.nix

View File

@ -0,0 +1,7 @@
{ ... }:
{
imports = [
./server.nix
];
}

View File

@ -1,13 +1,30 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let
cfg = config.custom.drone.server;
in
{ {
config.age.secrets."drone/gitea_client_secret".file = ../../secrets/drone/gitea_client_secret.age; options.custom.drone.server = {
config.age.secrets."drone/rpc_secret".file = ../../secrets/drone/rpc_secret.age; enable = lib.mkEnableOption "drone server";
config.virtualisation.oci-containers.containers."drone" = { path = lib.mkOption {
image = "drone/drone:2.16.0"; type = lib.types.str;
volumes = [ "/data/drone:/data" ]; default = "/var/lib/drone";
ports = [ "18733:80" ]; };
port = lib.mkOption {
type = lib.types.port;
default = 18733;
};
};
config = lib.mkIf cfg.enable {
age.secrets."drone/gitea_client_secret".file = ../../secrets/drone/gitea_client_secret.age;
age.secrets."drone/rpc_secret".file = ../../secrets/drone/rpc_secret.age;
virtualisation.oci-containers.containers."drone" = {
image = "drone/drone:2.21.0";
volumes = [ "${cfg.path}:/data" ];
ports = [ "${toString cfg.port}:80" ];
environment = { environment = {
DRONE_AGENTS_ENABLED = "true"; DRONE_AGENTS_ENABLED = "true";
DRONE_GITEA_SERVER = "https://gitea.hillion.co.uk"; DRONE_GITEA_SERVER = "https://gitea.hillion.co.uk";
@ -22,4 +39,5 @@
config.age.secrets."drone/rpc_secret".path config.age.secrets."drone/rpc_secret".path
]; ];
}; };
};
} }

View File

@ -17,6 +17,9 @@ in
mastodon = "vm.strangervm.ts.hillion.co.uk"; mastodon = "vm.strangervm.ts.hillion.co.uk";
matrix = "jorah.cx.ts.hillion.co.uk"; matrix = "jorah.cx.ts.hillion.co.uk";
}; };
drone = {
server = "vm.strangervm.ts.hillion.co.uk";
};
}; };
}; };
}; };
@ -25,5 +28,7 @@ in
custom.services.downloads.enable = cfg.locations.services.downloads == config.networking.fqdn; custom.services.downloads.enable = cfg.locations.services.downloads == config.networking.fqdn;
custom.services.mastodon.enable = cfg.locations.services.mastodon == config.networking.fqdn; custom.services.mastodon.enable = cfg.locations.services.mastodon == config.networking.fqdn;
custom.services.matrix.enable = cfg.locations.services.matrix == config.networking.fqdn; custom.services.matrix.enable = cfg.locations.services.matrix == config.networking.fqdn;
custom.drone.server.enable = cfg.locations.drone.server == config.networking.fqdn;
}; };
} }

View File

@ -51,7 +51,7 @@ in
reverse_proxy /_synapse/client/* http://${locations.services.matrix}:8008 reverse_proxy /_synapse/client/* http://${locations.services.matrix}:8008
''; '';
"drone.hillion.co.uk".extraConfig = '' "drone.hillion.co.uk".extraConfig = ''
reverse_proxy http://vm.strangervm.ts.hillion.co.uk:18733 reverse_proxy http://${locations.drone.server}:18733
''; '';
}; };
}; };