From b3f3813b36c7ca55f944468f752c6a586fc56e5d Mon Sep 17 00:00:00 2001
From: Julian Mutter <julian.mutter@comumail.de>
Date: Fri, 21 Mar 2025 21:45:42 +0100
Subject: [PATCH] builder: configure gitea actions

---
 systems/x86_64-linux/builder/default.nix | 36 +++++++++++++++++-------
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/systems/x86_64-linux/builder/default.nix b/systems/x86_64-linux/builder/default.nix
index d0e49df..23f7644 100644
--- a/systems/x86_64-linux/builder/default.nix
+++ b/systems/x86_64-linux/builder/default.nix
@@ -105,16 +105,16 @@
   };
 
   # Ollama used by open-webui as llm backend
-  services.ollama = {
-    enable = true;
-    # acceleration = "rocm";
-  };
-  services.open-webui = {
-    enable = true;
-    port = 8080;
-    openFirewall = true;
-    host = "builder.julian-mutter.de";
-  };
+  # services.ollama = {
+  #   enable = true;
+  #   # acceleration = "rocm";
+  # };
+  # services.open-webui = {
+  #   enable = true;
+  #   port = 8080;
+  #   openFirewall = true;
+  #   host = "builder.julian-mutter.de";
+  # };
 
   networking.firewall.allowedTCPPorts = [
     80
@@ -213,6 +213,22 @@
     };
   };
 
+  # =========== Gitea actions ==========
+  services.gitea-actions-runner.instances."builder" = {
+    enable = true;
+    url = "https://gitlab.julian-mutter.de";
+    name = "builder";
+    tokenFile = config.sops.secrets."gitea_token".path;
+    labels = [ ]; # use default labels
+  };
+
+  virtualisation.podman.enable = true;
+
+  sops.secrets."gitea_token" = {
+    owner = config.users.users.nix.name;
+    sopsFile = ../../../secrets/secrets-builder.yaml;
+  };
+
   # =========== Binary Cache ==========
   services.nix-serve = {
     enable = true;