hosts: add tsuru

hosts/README.md

@@ -10,6 +10,7 @@ Name            | Description
 `sakura`        | main vm, hosting most internet connected services
 `sora`          | hetzner vps
 `tsuki`         | main machine running hyprland
+`tsuru`         | vm for ci/cd runners, and (potentially) a binary cache
 `yuki`          | my old proxmox machine, now running pure nix
 `default`       | defines `nixosConfigurations`
 `deploy`        | defines deployment nodes for deploy-rs

hosts/default.nix

@@ -151,4 +151,24 @@ in {
       }
     ];
   };
+  tsuru = nixosSystem {
+    inherit system;
+    specialArgs = {inherit inputs;};
+    modules = [
+      ./tsuru
+      sopsModule
+      hmModule
+      {
+        home-manager = {
+          useGlobalPkgs = true;
+          useUserPackages = true;
+          users.notoh = {
+            imports = [
+              ./tsuru/home.nix
+            ];
+          };
+        };
+      }
+    ];
+  };
 }

hosts/tsuru/default.nix

@@ -0,0 +1,29 @@
+{...}: {
+  imports = [
+    ./hardware-configuration.nix
+    ./services
+    ../../modules
+  ];
+
+  boot.loader = {
+    grub = {
+      enable = true;
+      configurationLimit = 5;
+      device = "/dev/sda";
+      useOSProber = false;
+    };
+  };
+
+  networking = {
+    hostName = "tsuru";
+  };
+
+  services.xserver = {
+    layout = "us";
+    xkbVariant = "";
+  };
+
+  users.users.notoh.openssh.authorizedKeys.keys = [
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKwby2FLCKFZZlOLDRhsm9GckyYAuyk0mq28jRD02tdv tsuru''
+  ];
+}

hosts/tsuru/hardware-configuration.nix

@@ -0,0 +1,27 @@
+{
+  lib,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/625f557a-99a0-4e2d-9aef-f3aed7cea1c8";
+    fsType = "ext4";
+  };
+
+  swapDevices = [
+    {device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35";}
+  ];
+
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}

hosts/tsuru/home.nix

@@ -0,0 +1,14 @@
+{...}: {
+  imports = [
+    ../../home
+  ];
+
+  systemd.user.startServices = "sd-switch";
+  programs.home-manager.enable = true;
+
+  home = {
+    username = "notoh";
+    homeDirectory = "/home/notoh";
+    stateVersion = "23.05";
+  };
+}

hosts/tsuru/services/default.nix

@@ -0,0 +1,4 @@
+_: {
+  imports = [
+  ];
+}

hosts/tsuru/services/forgejo-runners.nix

@@ -0,0 +1,57 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  sops.secrets.forgejo-runner-token = {};
+  sops.secrets.basegbot-runner-token = {};
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-actions-runner;
+    instances.snowflake = {
+      settings = {
+        container = {
+          network = "host";
+        };
+      };
+      enable = true;
+      name = config.networking.hostName;
+      token = config.sops.secrets.forgejo-runner-token.path;
+      url = "https://git.flake.sh";
+      labels = [
+        "debian-latest:docker://node:18-bullseye"
+        "ubuntu-latest:docker://node:18-bullseye"
+        #"native:host"
+      ];
+      hostPackages = with pkgs; [
+        bash
+        curl
+        coreutils
+        wget
+        gitMinimal
+      ];
+    };
+    instances.basegbot = {
+      settings = {
+        container = {
+          network = "host";
+        };
+      };
+      enable = true;
+      name = config.networking.hostName;
+      token = config.sops.secrets.basegbot-runner-token.path;
+      url = "https://git.flake.sh";
+      labels = [
+        "debian-latest:docker://node:18-bullseye"
+        "ubuntu-latest:docker://node:18-bullseye"
+        #"native:host"
+      ];
+      hostPackages = with pkgs; [
+        bash
+        curl
+        coreutils
+        wget
+        gitMinimal
+      ];
+    };
+  };
+}