Skip to content

Commit

Permalink
wip gha
Browse files Browse the repository at this point in the history
  • Loading branch information
nathanregner committed Mar 16, 2024
1 parent 1484832 commit 82a82fb
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
11 changes: 11 additions & 0 deletions machines/iapetus/configuration.nix
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,17 @@
true; # Open ports in the firewall for Source Dedicated Server
};

sops.secrets.github-runner-token = {
sopsFile = ../../modules/nixos/server/secrets.yaml;
key = "github_runner_token";
};
services.github-runners.nix-config = {
enable = true;
url = "https://github.com/nathanregner/nix-config";
tokenFile = config.sops.secrets.github-runner-token.path;
replace = true;
};

# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
Expand Down
7 changes: 4 additions & 3 deletions modules/nixos/server/secrets.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
tailscale:
builder_key: ENC[AES256_GCM,data:Ybz2bQVF1WHTcPxmzHZ3AgwlpHBB6OMBTOTNpFIP3/2nncaWBgEUUPT+PtuJ/GylR8JZXAhVVT8=,iv:cdLkXSvMErFELAwlq3sMJ7EJkFZr6frQyp1QeXsogPI=,tag:78mBb4YQCOtIxivGTex88Q==,type:str]
server_key: ENC[AES256_GCM,data:krpxufjTex34DFtY01kPevhMAZ4vo/YKtpeRa8raidqEtaGZNitCco/JAtNmKjT2ChAmMnhCFypb,iv:fpH/UGCRM7+PMCEsDtvoRzmnRJOBSFWEhhLo5dDOlwU=,tag:SswbMkp/oSajbBTHn8ToDg==,type:str]
github_runner_token: ENC[AES256_GCM,data:ciw25H8OKXNDimOJkNWSO/CVosxbRrRNuLskqg+f574W1UWiDbLyCYuhLK4f83TdeUxOr6sXwIxOLmJXtF+MulSFCF13+j7GRRq+smicnr2V2vvOS0yJwFiJwjRr,iv:rzE9cqvDamyu+ki75t17p9lW/2vXgTvfsRvFeCvtPh0=,tag:YyNQqwvxy7cLdQleBrYoYw==,type:str]
sops:
shamir_threshold: 1
kms:
Expand Down Expand Up @@ -84,8 +85,8 @@ sops:
R25hNm1ucWVCRWI1ZGoya0hNd004bVkKN2Nzy4nNSpD7oaRJBdMJfCrVwe67C4cG
WSREMis7mA1SRhfTthOtCPJBIiHpuDJWFU0gRPmwYcCvKMlZwVM1EQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-28T03:30:43Z"
mac: ENC[AES256_GCM,data:Kt4+CAVv8IU91Bs+K6RtSOdVFFM2jNX9cvjN+wXE3YFH5lCYcvyjCKHd5QYIuOOJJiVUsanz8oQ5FpFt5U75uqjSa4EgB3Pp8QZS0hXNCoLc5Crd3gA6e1k9UygI7mUvc/X4QMp8kmqpn9VWL21DF4dfw4D2+Q180YZ2oj0d3Jk=,iv:dMXf/2WHZi7dOnH+r2pbGExBXmyT5TQjru9gZawqsnQ=,tag:5GHUSEGA+g688+HvGQOyqg==,type:str]
lastmodified: "2024-03-16T00:42:10Z"
mac: ENC[AES256_GCM,data:ktE2ZCXfC+3YDCkO9SpMgNsvZV/BNwMQA5cxw/v3jUJhnGzkBU6I/Qc/dzu/uAnPIge89giQ4piAovuR5smmT+5/bqGkHmKW5T2+KB+bsh5HebGhsh+NlsXJxCzAV178ykenoj3kBx2W6o127VZgrpRdVR347STCrTuKxtDO39A=,iv:yZJ9EL1m4oBtOQFPktTkpdLc4XfKC3vXr229pwQm46k=,tag:A8Sdfpk39eUATgNuLCpI5Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3
version: 3.8.1

0 comments on commit 82a82fb

Please sign in to comment.