diff options
Diffstat (limited to 'hosts/tahoe')
-rw-r--r-- | hosts/tahoe/secrets/drone/secrets.age | bin | 0 -> 703 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 5 | ||||
-rw-r--r-- | hosts/tahoe/services.nix | 6 |
3 files changed, 11 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/drone/secrets.age b/hosts/tahoe/secrets/drone/secrets.age new file mode 100644 index 0000000..c0eb97b --- /dev/null +++ b/hosts/tahoe/secrets/drone/secrets.age Binary files differdiff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 390f2b6..7b9500f 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -22,6 +22,11 @@ in mode = "0440"; }; + "drone/secrets.age" = { + publicKeys = all; + owner = "drone"; + }; + "buildkite/graphql.age" = { publicKeys = all; owner = "buildkite-agent-builder-1"; diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index f7edfa4..e5f53ab 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -20,6 +20,12 @@ in enable = true; stateDir = "/var/lib/gitea"; }; + drone = { + enable = true; + vhostName = "ci.fcuny.net"; + runners = [ "docker" "exec" ]; + sharedSecretFile = secrets."drone/secrets".path; + }; prometheus = { enable = true; }; grafana = { enable = true; |