diff options
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/tahoe/secrets/drone/secrets.age | bin | 0 -> 697 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/drone/shared-secrets | 5 | ||||
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 5 | ||||
-rw-r--r-- | hosts/tahoe/services.nix | 6 |
4 files changed, 16 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/drone/secrets.age b/hosts/tahoe/secrets/drone/secrets.age new file mode 100644 index 0000000..618bbc6 --- /dev/null +++ b/hosts/tahoe/secrets/drone/secrets.age Binary files differdiff --git a/hosts/tahoe/secrets/drone/shared-secrets b/hosts/tahoe/secrets/drone/shared-secrets new file mode 100644 index 0000000..47612be --- /dev/null +++ b/hosts/tahoe/secrets/drone/shared-secrets @@ -0,0 +1,5 @@ +DRONE_GITEA_CLIENT_ID=21ef7412-a58a-493c-beec-2e1dc27ebe79 +DRONE_GITEA_CLIENT_SECRET=GCXGi97PXxAoMTpHveMtNJXDyzdvI8jeC0TaEtCgpPab +DRONE_GITEA_SERVER=https://git.fcuny.net +DRONE_GIT_ALWAYS_AUTH=1 +DRONE_RPC_SECRET=d3daa6782d0f4ed66f7f557fa384ff8f diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index d9ca4d9..60b8550 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -13,6 +13,11 @@ in { owner = "acme"; }; + "drone/secrets.age" = { + publicKeys = all; + owner = "drone"; + }; + "unifi/unifi-poller.age".publicKeys = all; "restic/repo-systems.age".publicKeys = all; diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index 6ad8456..a3533da 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -24,6 +24,12 @@ in { enable = true; stateDir = "/var/lib/gitea"; }; + drone = { + enable = true; + vhostName = "drone.fcuny.xyz"; + runners = [ "docker" "exec" ]; + sharedSecretFile = secrets."drone/secrets".path; + }; rclone = { enable = true; }; nginx = { enable = true; }; transmission = { |