diff options
Diffstat (limited to 'hosts/tahoe')
-rw-r--r-- | hosts/tahoe/secrets/drone/secrets.age | bin | 697 -> 703 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/drone/shared-secrets | 5 | ||||
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 5 | ||||
-rw-r--r-- | hosts/tahoe/services.nix | 6 |
4 files changed, 11 insertions, 5 deletions
diff --git a/hosts/tahoe/secrets/drone/secrets.age b/hosts/tahoe/secrets/drone/secrets.age index 618bbc6..c0eb97b 100644 --- a/hosts/tahoe/secrets/drone/secrets.age +++ b/hosts/tahoe/secrets/drone/secrets.age Binary files differdiff --git a/hosts/tahoe/secrets/drone/shared-secrets b/hosts/tahoe/secrets/drone/shared-secrets deleted file mode 100644 index 47612be..0000000 --- a/hosts/tahoe/secrets/drone/shared-secrets +++ /dev/null @@ -1,5 +0,0 @@ -DRONE_GITEA_CLIENT_ID=21ef7412-a58a-493c-beec-2e1dc27ebe79 -DRONE_GITEA_CLIENT_SECRET=GCXGi97PXxAoMTpHveMtNJXDyzdvI8jeC0TaEtCgpPab -DRONE_GITEA_SERVER=https://git.fcuny.net -DRONE_GIT_ALWAYS_AUTH=1 -DRONE_RPC_SECRET=d3daa6782d0f4ed66f7f557fa384ff8f diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 390f2b6..7b9500f 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -22,6 +22,11 @@ in mode = "0440"; }; + "drone/secrets.age" = { + publicKeys = all; + owner = "drone"; + }; + "buildkite/graphql.age" = { publicKeys = all; owner = "buildkite-agent-builder-1"; diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index f7edfa4..e5f53ab 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -20,6 +20,12 @@ in enable = true; stateDir = "/var/lib/gitea"; }; + drone = { + enable = true; + vhostName = "ci.fcuny.net"; + runners = [ "docker" "exec" ]; + sharedSecretFile = secrets."drone/secrets".path; + }; prometheus = { enable = true; }; grafana = { enable = true; |