git: add git forges cli

flake.nix

@@ -140,6 +140,7 @@
           inherit system specialArgs;
           modules = [
             ./hosts/double-rainbow.nix
+            ./system/rainbow-gitlab-runner.nix
           ] ++ common_modules;
         };
         pixie = lib.nixosSystem {

secrets/secrets.nix

@@ -2,6 +2,9 @@ let
   main_ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxR/w+38b2lX90yNBqhq3mUmkn1WGu6GAPhN1tVp2ZjYRJNV/+5gWCnTtOWYtDx35HmK/spQ2Qy8X9ttkzORa24fysNx1Iqn/TiXhD7eIJjbGPnrOpIKTkW5/uB3SD/P5NBSa06//BaqJU4sBlG79hoXRpod052hQtdpTVDiMCIV+iboWPKqopmJJfWdBtVnHXs9rep0htPRExxGslImFk7Z6xjcaHyCpIQZPlOGf+sGsmUU7jRqzvZFV8ucIdbnAlMHrU4pepNFhuraESyZVTa/bi9sw0iozXp5Q5+5thMebEslmT1Z771kI4sieDy+O4r8c0Sx2/VY1UAzcpq1faggc3YB01MTh+tiEC6xdMvZLrQGL1NBWjHleMyL53GU5ERluC0vXJF3Hv3BGGBDfXWbrEm5n06DHr2apRVJGC0LwiQ7Woud1X4V4X1pKSusxCVMjT2lmcOwV6YhKhB2sowJc1OdMx4+tL0UWE+YKSZgBHfolwk6ml0F4EO9nnUHc= lelgenio@i15";
 in
 {
+  "rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [
+    main_ssh_public_key
+  ];
   "monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [
     main_ssh_public_key
   ];

system/rainbow-gitlab-runner.nix

@@ -0,0 +1,22 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+let
+  inherit (pkgs.callPackage ./gitlab-runner.nix { }) mkNixRunner;
+in
+{
+  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
+  virtualisation.docker.enable = true;
+  services.gitlab-runner = {
+    enable = true;
+    settings.concurrent = 6;
+    services = {
+      thoreb-telemetria-nix = mkNixRunner config.age.secrets.gitlab-runner-thoreb-telemetria-registrationConfigFile.path;
+      thoreb-itinerario-nix = mkNixRunner config.age.secrets.rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.path;
+    };
+  };
+  systemd.services.gitlab-runner.serviceConfig.Nice = 10;
+}

system/secrets.nix

@@ -6,6 +6,7 @@
     secrets.monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.file = ../secrets/monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
     secrets.gitlab-runner-thoreb-telemetria-registrationConfigFile.file = ../secrets/gitlab-runner-thoreb-telemetria-registrationConfigFile.age;
     secrets.monolith-forgejo-runner-token.file = ../secrets/monolith-forgejo-runner-token.age;
+    secrets.rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.file = ../secrets/rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
     secrets.monolith-nix-serve-privkey.file = ../secrets/monolith-nix-serve-privkey.age;
     secrets.phantom-forgejo-mailer-password.file = ../secrets/phantom-forgejo-mailer-password.age;
   };

user/git.nix

@@ -43,6 +43,9 @@ in
 
     home.packages = with pkgs; [
       git_clean_remote_deleted
+
+      gh
+      glab
     ];
   };
 }