Compare commits
No commits in common. "410017d86fd407667a26f2f181009e8cf279051a" and "86e0c091fb3afa22739c78c0c916d6e01779b76b" have entirely different histories.
410017d86f
...
86e0c091fb
14 changed files with 13 additions and 383 deletions
|
@ -1,53 +0,0 @@
|
||||||
name: Build_Deploy
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_run:
|
|
||||||
workflows: [ "Update_Flake" ]
|
|
||||||
types:
|
|
||||||
- completed
|
|
||||||
push:
|
|
||||||
paths:
|
|
||||||
- applications/**/*
|
|
||||||
- machines/**/*
|
|
||||||
- secrets/**/*
|
|
||||||
- flake.*
|
|
||||||
- config/**/*
|
|
||||||
- .forgejo/**/*
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
linter:
|
|
||||||
runs-on: nix
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: nix fmt -- --check .
|
|
||||||
|
|
||||||
#if: github.repository == 'Skynet/nixos'
|
|
||||||
build:
|
|
||||||
runs-on: nix
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: nix develop
|
|
||||||
- run: colmena build -v --on @active-dns
|
|
||||||
- run: colmena build -v --on @active-core
|
|
||||||
- run: colmena build -v --on @active
|
|
||||||
- run: colmena build -v --on @active-ext
|
|
||||||
- run: colmena build -v --on @active-gitlab
|
|
||||||
|
|
||||||
deploy_dns:
|
|
||||||
runs-on: nix
|
|
||||||
needs: [ linter, build ]
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: colmena apply -v --on @active-dns --show-trace
|
|
||||||
shell: bash
|
|
||||||
|
|
||||||
deploy_active:
|
|
||||||
strategy:
|
|
||||||
matrix:
|
|
||||||
batch: [ active-core, active, active-ext ]
|
|
||||||
runs-on: nix
|
|
||||||
needs: [ deploy_dns ]
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: colmena apply -v --on @${{ matrix.batch }} --show-trace
|
|
||||||
shell: bash
|
|
|
@ -1,29 +0,0 @@
|
||||||
name: Update_Flake
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
input_to_update:
|
|
||||||
description: 'Flake input to update'
|
|
||||||
required: true
|
|
||||||
type: string
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
update:
|
|
||||||
runs-on: nix
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
# Give the default GITHUB_TOKEN write permission to commit and push the
|
|
||||||
# added or changed files to the repository.
|
|
||||||
contents: write
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
ref: ${{ github.head_ref }}
|
|
||||||
token: ${{ secrets.PIPELINE_TOKEN }}
|
|
||||||
- run: nix flake lock --update-input "${{ inputs.input_to_update }}"
|
|
||||||
shell: bash
|
|
||||||
- uses: https://github.com/stefanzweifel/git-auto-commit-action@v5
|
|
||||||
with:
|
|
||||||
commit_message: "Updated flake for ${{ inputs.input_to_update }}"
|
|
|
@ -1,113 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
name = "forgejo";
|
|
||||||
cfg = config.services.skynet."${name}";
|
|
||||||
|
|
||||||
domain_base = "${cfg.domain.base}.${cfg.domain.tld}";
|
|
||||||
domain_full = "${cfg.domain.sub}.${domain_base}";
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
];
|
|
||||||
|
|
||||||
options.services.skynet."${name}" = {
|
|
||||||
enable = mkEnableOption "Skynet Forgejo";
|
|
||||||
|
|
||||||
domain = {
|
|
||||||
tld = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "ie";
|
|
||||||
};
|
|
||||||
|
|
||||||
base = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "skynet";
|
|
||||||
};
|
|
||||||
|
|
||||||
sub = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = name;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
forgejo = {
|
|
||||||
port = mkOption {
|
|
||||||
type = types.port;
|
|
||||||
default = 3000;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
# age.secrets.forgejo-mailer-password = {
|
|
||||||
# file = ../../secrets/forgejo/mailer-password.age;
|
|
||||||
# mode = "400";
|
|
||||||
# owner = "forgejo";
|
|
||||||
# };
|
|
||||||
|
|
||||||
services.skynet.acme.domains = [
|
|
||||||
"${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}"
|
|
||||||
];
|
|
||||||
|
|
||||||
# using https://nixos.org/manual/nixos/stable/index.html#module-services-gitlab as a guide
|
|
||||||
services.skynet.dns.records = [
|
|
||||||
{
|
|
||||||
record = cfg.domain.sub;
|
|
||||||
r_type = "CNAME";
|
|
||||||
value = config.services.skynet.host.name;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
services.nginx.virtualHosts = {
|
|
||||||
# main site
|
|
||||||
"${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
|
|
||||||
forceSSL = true;
|
|
||||||
useACMEHost = "skynet";
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://localhost:${toString cfg.forgejo.port}";
|
|
||||||
extraConfig = ''
|
|
||||||
client_max_body_size 1000M;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.forgejo = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.forgejo;
|
|
||||||
database.type = "sqlite3";
|
|
||||||
# Enable support for Git Large File Storage
|
|
||||||
lfs.enable = true;
|
|
||||||
settings = {
|
|
||||||
server = {
|
|
||||||
DOMAIN = "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}";
|
|
||||||
# You need to specify this to remove the port from URLs in the web UI.
|
|
||||||
ROOT_URL = "https://${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}/";
|
|
||||||
HTTP_PORT = cfg.forgejo.port;
|
|
||||||
};
|
|
||||||
|
|
||||||
# You can temporarily allow registration to create an admin user.
|
|
||||||
service.DISABLE_REGISTRATION = true;
|
|
||||||
# Add support for actions, based on act: https://github.com/nektos/act
|
|
||||||
# actions = {
|
|
||||||
# ENABLED = true;
|
|
||||||
# DEFAULT_ACTIONS_URL = "github";
|
|
||||||
# };
|
|
||||||
# Sending emails is completely optional
|
|
||||||
# You can send a test email from the web UI at:
|
|
||||||
# Profile Picture > Site Administration > Configuration > Mailer Configuration
|
|
||||||
# mailer = {
|
|
||||||
# ENABLED = true;
|
|
||||||
# SMTP_ADDR = "mail.${cfg.domain.base}.${cfg.domain.tld}";
|
|
||||||
# FROM = "noreply@${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}";
|
|
||||||
# USER = "noreply@${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}";
|
|
||||||
# };
|
|
||||||
};
|
|
||||||
# mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,145 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
name = "forgejo_runner";
|
|
||||||
cfg = config.services.skynet."${name}";
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
];
|
|
||||||
|
|
||||||
options.services.skynet."${name}" = {
|
|
||||||
enable = mkEnableOption "Skynet ForgeJo Runner";
|
|
||||||
|
|
||||||
runner = {
|
|
||||||
name = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = config.networking.hostName;
|
|
||||||
};
|
|
||||||
|
|
||||||
website = mkOption {
|
|
||||||
default = "https://forgejo.skynet.ie";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
user = mkOption {
|
|
||||||
default = "gitea-runner";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
# https://search.nixos.org/options?from=0&size=50&sort=alpha_desc&type=packages&query=services.gitlab-runner.
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
forgejo-actions-runner
|
|
||||||
];
|
|
||||||
|
|
||||||
age.secrets.forgejo_runner_token = {
|
|
||||||
file = ../../secrets/forgejo/runners/token.age;
|
|
||||||
owner = cfg.runner.user;
|
|
||||||
group = cfg.runner.user;
|
|
||||||
};
|
|
||||||
|
|
||||||
# make sure the ssh config stuff is in teh right palce
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
#"d /home/${cfg.runner.user} 0755 ${cfg.runner.user} ${cfg.runner.user}"
|
|
||||||
"L+ /home/${cfg.runner.user}/.ssh/config 0755 ${cfg.runner.user} ${cfg.runner.user} - ${./ssh_config}"
|
|
||||||
];
|
|
||||||
age.secrets.forgejo_runner_ssh = {
|
|
||||||
file = ../../secrets/forgejo/runners/ssh.age;
|
|
||||||
mode = "600";
|
|
||||||
owner = "${cfg.runner.user}";
|
|
||||||
group = "${cfg.runner.user}";
|
|
||||||
symlink = false;
|
|
||||||
path = "/home/${cfg.runner.user}/.ssh/skynet/root";
|
|
||||||
};
|
|
||||||
|
|
||||||
nix = {
|
|
||||||
settings = {
|
|
||||||
trusted-users = [
|
|
||||||
# allow the runner to build nix stuff and to use the cache
|
|
||||||
"gitea-runner"
|
|
||||||
];
|
|
||||||
trusted-public-keys = [
|
|
||||||
"skynet-cache:zMFLzcRZPhUpjXUy8SF8Cf7KGAZwo98SKrzeXvdWABo="
|
|
||||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
||||||
];
|
|
||||||
substituters = [
|
|
||||||
"https://nix-cache.skynet.ie/skynet-cache/"
|
|
||||||
"https://cache.nixos.org/"
|
|
||||||
];
|
|
||||||
trusted-substituters = [
|
|
||||||
"https://nix-cache.skynet.ie/skynet-cache/"
|
|
||||||
"https://cache.nixos.org/"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# very basic setup to always be watching for changes in teh cache
|
|
||||||
systemd.services.attic-uploader = {
|
|
||||||
enable = true;
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.attic-client}/bin/attic watch-store skynet-cache";
|
|
||||||
User = "root";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = 1;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# give teh runner user a home to store teh ssh config stuff
|
|
||||||
systemd.services.gitea-runner-default.serviceConfig = {
|
|
||||||
DynamicUser = lib.mkForce false;
|
|
||||||
User = lib.mkForce cfg.runner.user;
|
|
||||||
};
|
|
||||||
users = {
|
|
||||||
groups."${cfg.runner.user}" = {};
|
|
||||||
users."${cfg.runner.user}" = {
|
|
||||||
#isSystemUser = true;
|
|
||||||
isNormalUser = true;
|
|
||||||
group = cfg.runner.user;
|
|
||||||
createHome = true;
|
|
||||||
shell = pkgs.bash;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# the actual runner
|
|
||||||
services.gitea-actions-runner = {
|
|
||||||
package = pkgs.forgejo-actions-runner;
|
|
||||||
instances.default = {
|
|
||||||
enable = true;
|
|
||||||
name = cfg.runner.name;
|
|
||||||
url = cfg.runner.website;
|
|
||||||
tokenFile = config.age.secrets.forgejo_runner_token.path;
|
|
||||||
labels = [
|
|
||||||
## optionally provide native execution on the host:
|
|
||||||
"nix:host"
|
|
||||||
"docker:docker://node:16-bullseye"
|
|
||||||
"ubuntu-latest:docker://node:16-bullseye"
|
|
||||||
];
|
|
||||||
|
|
||||||
hostPackages = with pkgs; [
|
|
||||||
# default ones
|
|
||||||
bash
|
|
||||||
coreutils
|
|
||||||
curl
|
|
||||||
gawk
|
|
||||||
gitMinimal
|
|
||||||
gnused
|
|
||||||
nodejs
|
|
||||||
wget
|
|
||||||
|
|
||||||
# used in deployments
|
|
||||||
inputs.colmena.defaultPackage."x86_64-linux"
|
|
||||||
attic-client
|
|
||||||
nix
|
|
||||||
openssh
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,5 +0,0 @@
|
||||||
Host *.skynet.ie 193.1.99.* 193.1.96.165
|
|
||||||
User root
|
|
||||||
IdentityFile ~/.ssh/skynet/root
|
|
||||||
IdentitiesOnly yes
|
|
||||||
|
|
|
@ -56,32 +56,32 @@ in {
|
||||||
# grep -r --exclude-dir={docker,containers,log,sys,nix,proc} gitlab /
|
# grep -r --exclude-dir={docker,containers,log,sys,nix,proc} gitlab /
|
||||||
|
|
||||||
age.secrets.gitlab_pw = {
|
age.secrets.gitlab_pw = {
|
||||||
file = ../../secrets/gitlab/pw.age;
|
file = ../secrets/gitlab/pw.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
||||||
age.secrets.gitlab_secrets_db = {
|
age.secrets.gitlab_secrets_db = {
|
||||||
file = ../../secrets/gitlab/secrets_db.age;
|
file = ../secrets/gitlab/secrets_db.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
||||||
age.secrets.gitlab_secrets_secret = {
|
age.secrets.gitlab_secrets_secret = {
|
||||||
file = ../../secrets/gitlab/secrets_secret.age;
|
file = ../secrets/gitlab/secrets_secret.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
||||||
age.secrets.gitlab_secrets_otp = {
|
age.secrets.gitlab_secrets_otp = {
|
||||||
file = ../../secrets/gitlab/secrets_otp.age;
|
file = ../secrets/gitlab/secrets_otp.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
||||||
age.secrets.gitlab_secrets_jws = {
|
age.secrets.gitlab_secrets_jws = {
|
||||||
file = ../../secrets/gitlab/secrets_jws.age;
|
file = ../secrets/gitlab/secrets_jws.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
||||||
age.secrets.gitlab_db_pw = {
|
age.secrets.gitlab_db_pw = {
|
||||||
file = ../../secrets/gitlab/db_pw.age;
|
file = ../secrets/gitlab/db_pw.age;
|
||||||
owner = cfg.user;
|
owner = cfg.user;
|
||||||
group = cfg.user;
|
group = cfg.user;
|
||||||
};
|
};
|
|
@ -51,8 +51,8 @@ in {
|
||||||
pkgs.gitlab-runner
|
pkgs.gitlab-runner
|
||||||
];
|
];
|
||||||
|
|
||||||
age.secrets.runner_01_nix.file = ../../secrets/gitlab/runners/runner01.age;
|
age.secrets.runner_01_nix.file = ../secrets/gitlab/runners/runner01.age;
|
||||||
age.secrets.runner_02_general.file = ../../secrets/gitlab/runners/runner02.age;
|
age.secrets.runner_02_general.file = ../secrets/gitlab/runners/runner02.age;
|
||||||
|
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = true; # 1
|
boot.kernel.sysctl."net.ipv4.ip_forward" = true; # 1
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
|
@ -779,11 +779,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_8": {
|
"nixpkgs_8": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722813957,
|
"lastModified": 1721379653,
|
||||||
"narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
|
"narHash": "sha256-8MUgifkJ7lkZs3u99UDZMB4kbOxvMEXQZ31FO3SopZ0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
|
"rev": "1d9c2c9b3e71b9ee663d11c5d298727dace8d374",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -26,8 +26,7 @@ Notes: Each user has roughly 20gb os storage
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../applications/git/gitlab.nix
|
../applications/gitlab.nix
|
||||||
../applications/git/forgejo.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
deployment = {
|
deployment = {
|
||||||
|
@ -42,6 +41,5 @@ in {
|
||||||
host = host;
|
host = host;
|
||||||
backup.enable = true;
|
backup.enable = true;
|
||||||
gitlab.enable = true;
|
gitlab.enable = true;
|
||||||
forgejo.enable = true;
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,8 +25,7 @@ Notes:
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../applications/git/gitlab_runner.nix
|
../applications/gitlab_runner.nix
|
||||||
../applications/git/forgejo_runner.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
deployment = {
|
deployment = {
|
||||||
|
@ -45,7 +44,5 @@ in {
|
||||||
enable = true;
|
enable = true;
|
||||||
runner.name = "runner01";
|
runner.name = "runner01";
|
||||||
};
|
};
|
||||||
|
|
||||||
forgejo_runner.enable = true;
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
|
@ -1,17 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 V1pwNA bGirG6sUND19fSIwyvtjS3RDjyNUc+kXmzRoN4P1bC8
|
|
||||||
kPJr2S9BlGWWnoggce6dx1OR0/r57AB5Rcgz+qY0qKE
|
|
||||||
-> ssh-ed25519 4PzZog iciiKCHhfK38SwvSPrdoMK7C250qTV5eBgv657iyKwU
|
|
||||||
dEiSS1FuxEpovNAl1HPZk+MRCcjLGiKgTfpi5Ssi38M
|
|
||||||
-> ssh-ed25519 5Nd93w FFgxLg0NNK6Op64FHu24sjaerv3jgDaPz6uKPi/A8AE
|
|
||||||
ZvHbJ2K3T7CUJSrrpF9fMmP6FWCQ3i6m/5Fi2UNtbew
|
|
||||||
-> ssh-ed25519 q8eJgg nVm1H/mbEsGt2O87i7VKUL5do6Rc7n5nvSilUtQ4cBU
|
|
||||||
WWtsNbIatU5ZostueLntGgKD/nxcavZPheU9afRvbH0
|
|
||||||
-> ssh-ed25519 KVr8rw Nnroz2PgUoJsd/frf+N+b7xdJDAzj3NsmJaogsIkYGk
|
|
||||||
xX73tnCCYGBNA3BRjjPMn/IV+qwjIwEUk+IZbhCCfHY
|
|
||||||
-> ssh-ed25519 fia1eQ GLYqWGKYKwkBRwQ7SxSnErmz1MFw5gPCexfap8VM9Rk
|
|
||||||
Z+dIKhk+JH7W07diX1Abr/Deezkw8xGkzXQuYn1HfJI
|
|
||||||
-> ssh-ed25519 yvS9bw Lwo77pDciewUZemyFc1EUboIlXFCBx3CY6BGuizach4
|
|
||||||
AkWzgV1zRJzLtfRxkfhmd80EU8fW1w+5sxMAfWgdEMI
|
|
||||||
--- ac6h3StxSHr+HFsyPIBPENQRcfKzXX8fzJlZ0MER/8c
|
|
||||||
å¯ñ„üzwyCÉ>þÖ¸Æ\k¡±êu/<2F>óí{z§©€<>¢Õ®¼<C2AE>º<EFBFBD>ø£jDÇÐÒßã4õ{^mÃDsÝ妞ÂÎ#kiné“xo
|
|
|
@ -134,9 +134,6 @@ in {
|
||||||
"gitlab/runners/runner01.age".publicKeys = users ++ gitlab_runners;
|
"gitlab/runners/runner01.age".publicKeys = users ++ gitlab_runners;
|
||||||
"gitlab/runners/runner02.age".publicKeys = users ++ gitlab_runners;
|
"gitlab/runners/runner02.age".publicKeys = users ++ gitlab_runners;
|
||||||
|
|
||||||
"forgejo/runners/token.age".publicKeys = users ++ gitlab_runners;
|
|
||||||
"forgejo/runners/ssh.age".publicKeys = users ++ gitlab_runners;
|
|
||||||
|
|
||||||
# for ldap
|
# for ldap
|
||||||
"ldap/pw.age".publicKeys = users ++ ldap ++ bitwarden;
|
"ldap/pw.age".publicKeys = users ++ ldap ++ bitwarden;
|
||||||
# for use connectring to teh ldap
|
# for use connectring to teh ldap
|
||||||
|
|
Loading…
Reference in a new issue