monolith: cleanup host-specific modules

2026-02-24 14:22:16 -03:00 · 2026-02-24 14:22:16 -03:00 · 5adec3b1d3
commit 5adec3b1d3
parent 52f5d725ea
5 changed files with 12 additions and 36 deletions
--- a/system/monolith-gitlab-runner.nix
+++ b/system/monolith-gitlab-runner.nix
@ -1,60 +0,0 @@
-{
-  config,
-  pkgs,
-  inputs,
-  ...
-}:
-let
-  inherit (pkgs.callPackage ./gitlab-runner.nix { inherit inputs; }) mkNixRunner mkNixRunnerFull;
-in
-{
-  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
-  virtualisation.docker.enable = true;
-  services.gitlab-runner = {
-    enable = true;
-    settings.concurrent = 3;
-    services = {
-      # runner for building in docker via host's nix-daemon
-      # nix store will be readable in runner, might be insecure
-      thoreb-telemetria-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-telemetria-nix".path;
-      thoreb-itinerario-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-itinerario-nix".path;
-
-      wopus-gitlab-nix = mkNixRunnerFull {
-        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path;
-        # nixCacheSshPrivateKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pk".path;
-        # nixCacheSshPublicKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pub".path;
-      };
-
-      default = {
-        # File should contain at least these two variables:
-        # `CI_SERVER_URL`
-        # `CI_SERVER_TOKEN`
-        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/docker-images-token".path;
-        dockerImage = "debian:stable";
-        dockerPullPolicy = "if-not-present";
-      };
-    };
-  };
-  systemd.services.gitlab-runner.serviceConfig.Nice = 10;
-
-  sops.secrets = {
-    "gitlab-runners/thoreb-telemetria-nix" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-    "gitlab-runners/thoreb-itinerario-nix" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-    "gitlab-runners/docker-images-token" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-    "gitlab-runners/wopus-gitlab-nix" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-    "gitlab-runners/wopus-ssh-nix-cache-pk" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-    "gitlab-runners/wopus-ssh-nix-cache-pub" = {
-      sopsFile = ../secrets/monolith/default.yaml;
-    };
-  };
-}