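# NixOS module: a Forgejo Actions runner that executes jobs directly on this
# host (container mode is switched off below), wired through the upstream
# services.gitea-actions-runner module with the forgejo-runner package.
#
# Threat model to keep in mind before enabling this: with the "nix:host" /
# "native:host" labels and container mode disabled, every workflow of every
# repository this runner is registered for runs on this machine as the runner's
# service user, with the hostPackages below on PATH (including `nix` and the
# deployment tooling in environment.systemPackages). Register it only against a
# Forgejo instance / scope whose committers are trusted to run code here.
{ lib, config, pkgs, ... }:

let
  cfg = config.my.services.forgejo-runner;

  # The registration token must never end up in the Nix store: a path literal
  # (`./token`) or any string below builtins.storeDir gets copied into the
  # world-readable store. Only string paths outside the store are accepted.
  tokenFileIsOutsideStore =
    !(builtins.isPath cfg.tokenFile)
    && !(lib.hasPrefix builtins.storeDir (toString cfg.tokenFile));
in
{
  options.my.services.forgejo-runner = {
    # mkEnableOption prepends "Whether to enable", so the text must not start
    # with "Enable" itself.
    enable = lib.mkEnableOption "the Forgejo Actions runner";

    url = lib.mkOption {
      type = lib.types.str;
      description = "URL of the Forgejo instance the runner registers with";
      example = "https://git.example.com";
    };

    tokenFile = lib.mkOption {
      type = lib.types.path;
      description = ''
        Path to a file containing the runner registration token.
        Pass it as a string (e.g. "/run/secrets/forgejo-runner-token"), never
        as a path literal: the file must live outside the Nix store, otherwise
        the token becomes world-readable. Evaluation fails if this is violated.
      '';
    };

    name = lib.mkOption {
      type = lib.types.str;
      default = config.networking.hostName;
      description = "Name under which the runner registers (defaults to the hostname)";
    };

    labels = lib.mkOption {
      type = lib.types.listOf lib.types.str;
      default = [ "nix:host" "native:host" ];
      description = ''
        Labels the runner advertises. The "*:host" labels mean jobs run
        directly on this machine without container isolation.
      '';
    };
  };

  config = lib.mkIf cfg.enable {
    assertions = [
      {
        assertion = tokenFileIsOutsideStore;
        message = ''
          my.services.forgejo-runner.tokenFile must be a string path to a file
          outside the Nix store (a path literal or a /nix/store path would copy
          the registration token into the world-readable store).
        '';
      }
    ];

    # Jobs are expected to call `nix` with flake-style commands; this merges with
    # whatever the rest of the configuration already enables.
    nix.settings.experimental-features = [ "nix-command" "flakes" ];

    # Tooling available system-wide for CI jobs. Note that colmena on the
    # runner host means a workflow can drive deployments from here.
    environment.systemPackages = with pkgs; [
      git
      nix
      colmena
      jq
      curl
    ];

    services.gitea-actions-runner = {
      package = pkgs.forgejo-runner;

      instances.default = {
        enable = true;
        name = cfg.name;
        url = cfg.url;
        tokenFile = cfg.tokenFile;
        labels = cfg.labels;

        settings = {
          runner = {
            # Number of jobs executed concurrently on this host.
            capacity = 1;
            # Hard limit per job before the runner kills it.
            timeout = "6h";
          };

          # Host mode: jobs run directly on this machine so they can use nix
          # and the host toolchain. The empty container settings mirror the
          # original configuration and are presumably what forgejo-runner
          # expects when no container is used — verify against the runner's
          # documented defaults. privileged stays false in any case.
          container = {
            network = "";
            privileged = false;
            options = "";
            workdir_parent = "";
          };
        };

        # PATH of the job environment. Overlaps with systemPackages on purpose:
        # this list is what the runner module itself exposes to workflows.
        hostPackages = with pkgs; [
          bash
          coreutils
          curl
          gawk
          git
          gnused
          jq
          nix
          nodejs
          wget
        ];
      };
    };
  };
}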