diff --git a/hosts/sakura/services/default.nix b/hosts/sakura/services/default.nix index e8762d7..ee341ce 100644 --- a/hosts/sakura/services/default.nix +++ b/hosts/sakura/services/default.nix @@ -11,5 +11,6 @@ ./rustypaste.nix ./grafana.nix ./prometheus.nix + ./woodpecker.nix ]; } diff --git a/hosts/sakura/services/traefik.nix b/hosts/sakura/services/traefik.nix index cc6fd00..82c1a35 100644 --- a/hosts/sakura/services/traefik.nix +++ b/hosts/sakura/services/traefik.nix @@ -71,6 +71,13 @@ _: { tls.domains = [{main = "*.notohh.dev";}]; tls.certresolver = "production"; }; + woodpecker-server = { + rule = "Host(`ci.notohh.dev`)"; + entrypoints = ["websecure"]; + service = "woodpecker-server"; + tls.domains = [{main = "*.notohh.dev";}]; + tls.certresolver = "production"; + }; }; services = { homepage.loadBalancer.servers = [{url = "http://localhost:3005";}]; @@ -82,6 +89,7 @@ _: { gitea.loadBalancer.servers = [{url = "http://localhost:3000";}]; rustypaste.loadBalancer.servers = [{url = "http://localhost:8000";}]; grafana.loadBalancer.servers = [{url = "http://localhost:3100";}]; + woodpecker-server.loadBalancer.servers = [{url = "http://localhost:8006";}]; }; }; }; diff --git a/hosts/sakura/services/woodpecker.nix b/hosts/sakura/services/woodpecker.nix new file mode 100644 index 0000000..e40094a --- /dev/null +++ b/hosts/sakura/services/woodpecker.nix @@ -0,0 +1,19 @@ +{config, ...}: { + sops.secrets.woodpecker-server = {}; + services.woodpecker-server = { + enable = true; + environment = { + WOODPECKER_SERVER_ADDR = ":8006"; + WOODPECKER_HOST = "https://ci.notohh.dev"; + WOODPECKER_OPEN = "false"; + WOODPECKER_GITEA = "true"; + WOODPECKER_GITEA_URL = "https://git.notohh.dev"; + WOODPECKER_ADMIN = "notohh"; + }; + environmentFile = config.sops.secrets.woodpecker-server.path; + }; + + services.woodpecker-agents.agents.nix = { + enable = true; + }; +}