Last active
September 30, 2025 23:20
-
-
Save orzklv/bc987fb1d7a7283317eee0d1bbb19502 to your computer and use it in GitHub Desktop.
Module to generate runners from a single list.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| lib, | |
| config, | |
| pkgs, | |
| ... | |
| }: let | |
| cfg = config.kolyma.runners; | |
| user = { | |
| users.users.${cfg.user} = { | |
| description = "Git Runner user"; | |
| isNormalUser = true; | |
| createHome = false; | |
| extraGroups = ["admins"]; | |
| group = cfg.group; | |
| }; | |
| users.groups.${cfg.group} = {}; | |
| }; | |
| tests = { | |
| assertions = | |
| # token check | |
| (map | |
| (runner: { | |
| assertion = runner ? token; | |
| message = "Runner “${runner.name or "<unnamed>"}” must define a token"; | |
| }) | |
| cfg.runners) | |
| ++ | |
| # url check | |
| (map | |
| (runner: { | |
| assertion = runner ? url; | |
| message = "Runner “${runner.name or "<unnamed>"}” must define a url"; | |
| }) | |
| cfg.runners) | |
| ++ | |
| # uniqueness of name across all runners | |
| [ | |
| { | |
| assertion = let | |
| names = map (r: r.name or "") cfg.runners; | |
| in | |
| lib.lists.length (lib.lists.unique names) == lib.lists.length names; | |
| message = "Runner names must be unique"; | |
| } | |
| ]; | |
| }; | |
| mkGitHub = { | |
| enable, | |
| name, | |
| url, | |
| token, | |
| ... | |
| }: { | |
| services.github-runners = { | |
| "Kolyma-${name}" = { | |
| inherit enable url; | |
| inherit (cfg) user group; | |
| tokenFile = token; | |
| replace = true; | |
| extraLabels = [name]; | |
| package = pkgs.unstable.github-runner; | |
| serviceOverrides = { | |
| ProtectSystem = "full"; | |
| ReadWritePaths = "/srv"; | |
| PrivateMounts = false; | |
| UMask = 22; | |
| }; | |
| }; | |
| }; | |
| }; | |
| mkForgejo = { | |
| enable, | |
| name, | |
| url, | |
| token, | |
| ... | |
| }: { | |
| services.gitea-actions-runner = { | |
| package = lib.mkDefault pkgs.unstable.forgejo-actions-runner; | |
| instances.default = { | |
| inherit enable name url; | |
| tokenFile = token; | |
| labels = ["native:host"]; | |
| }; | |
| }; | |
| }; | |
| mkRunner = param: | |
| lib.rmatch param [ | |
| [{type = "github";} (mkGitHub param)] | |
| [{type = "forgejo";} (mkForgejo param)] | |
| ]; | |
| in { | |
| options = { | |
| kolyma.runners = { | |
| enable = lib.mkOption { | |
| type = lib.types.bool; | |
| default = false; | |
| description = "Enable git hosting provider runners"; | |
| }; | |
| runners = lib.mkOption { | |
| default = false; | |
| description = "Enable git hosting provider runners"; | |
| type = with lib.types; with lib.kotypes; listOf (submodule runner); | |
| }; | |
| user = lib.mkOption { | |
| type = lib.types.str; | |
| default = "runner"; | |
| example = "git-runner"; | |
| description = "Enable git hosting provider runners"; | |
| }; | |
| group = lib.mkOption { | |
| type = lib.types.str; | |
| default = "runner"; | |
| example = "git-runner"; | |
| description = "Enable git hosting provider runners"; | |
| }; | |
| }; | |
| }; | |
| config = lib.mkIf cfg.enable ( | |
| (map mkRunner cfg.runners) ++ [user tests] |> lib.mkMerge | |
| ); | |
| meta = { | |
| doc = ./readme.md; | |
| buildDocsInSandbox = true; | |
| maintainers = with lib.maintainers; [orzklv]; | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment