monolith: add wopus gitlab runners

2025-05-28 00:07:44 -03:00 · 2025-05-28 00:07:44 -03:00 · 72ddcec77e
commit 72ddcec77e
parent a4b900582a
3 changed files with 26 additions and 9 deletions
--- a/system/gitlab-runner.nix
+++ b/system/gitlab-runner.nix
@ -1,18 +1,19 @@
 { pkgs, lib, ... }:
 {
  mkNixRunner =
-    authenticationTokenConfigFile: with lib; rec {
+    authenticationTokenConfigFile: with lib; {
      # File should contain at least these two variables:
      # `CI_SERVER_URL`
      # `REGISTRATION_TOKEN`
      inherit authenticationTokenConfigFile; # 2
      dockerImage = "alpine:3.18.2";
-      dockerAllowedImages = [ dockerImage ];
      dockerVolumes = [
        "/etc/nix/nix.conf:/etc/nix/nix.conf:ro"
        "/nix/store:/nix/store:ro"
        "/nix/var/nix/db:/nix/var/nix/db:ro"
        "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+        "/var/run/docker.sock:/var/run/docker.sock"
+        "/cache"
      ];
      dockerDisableCache = true;
      preBuildScript = pkgs.writeScript "setup-container" ''
@ -36,6 +37,7 @@
              cacert
              git
              openssh
+              docker
            ]
          )
        }
--- a/system/monolith-gitlab-runner.nix
+++ b/system/monolith-gitlab-runner.nix
@ -18,6 +18,8 @@ in
      thoreb-telemetria-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-telemetria-nix".path;
      thoreb-itinerario-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-itinerario-nix".path;

+      wopus-gitlab-nix = mkNixRunner config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path;
+
      default = {
        # File should contain at least these two variables:
        # `CI_SERVER_URL`
@ -25,6 +27,15 @@ in
        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/docker-images-token".path;
        dockerImage = "debian:stable";
      };
+
+      wopus-gitlab-docker-images = {
+        # File should contain at least these two variables:
+        # `CI_SERVER_URL`
+        # `CI_SERVER_TOKEN`
+        authenticationTokenConfigFile =
+          config.sops.secrets."gitlab-runners/wopus-gitlab-docker-images".path;
+        dockerImage = "debian:stable";
+      };
    };
  };
  systemd.services.gitlab-runner.serviceConfig.Nice = 10;
@ -39,5 +50,11 @@ in
    "gitlab-runners/docker-images-token" = {
      sopsFile = ../secrets/monolith/default.yaml;
    };
+    "gitlab-runners/wopus-gitlab-nix" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
+    "gitlab-runners/wopus-gitlab-docker-images" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
  };
 }