Harden macos runner cleanup

Conrad Kramer 2026-03-19 14:01:37 -07:00
parent fc79766a31
commit 283209d364
5 changed files with 239 additions and 113 deletions

@ -45,6 +45,9 @@ profile. The important knobs are:
- `namespace.machine_type` / `namespace.duration` shape + TTL for the ephemeral
Namespace environment. The dispatcher destroys the instance after a job so the
TTL acts as a hard cap, not an idle timeout.
- macOS fallback launches still use `nsc create`, but bootstrap runs over the
Compute SSH config endpoint instead of `nsc ssh` so the dispatcher can always
destroy the instance itself instead of relying on a websocket SSH proxy handoff.
- `namespace.linux_cache_*` / `namespace.macos_cache_*` persistent cache
volumes mounted into runners so Linux can keep `/nix` plus shared build
caches warm and macOS can reuse Rust toolchains, Xcode package caches, and
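Review bot: The new macOS fallback bullet sits in the list introduced as "The important knobs are:", but it describes dispatcher behaviour and names no setting, unlike its neighbours `namespace.machine_type` / `namespace.duration` and `namespace.linux_cache_*`. Either move it out of the knob list into a short behaviour note, or name the configuration key that selects the "Compute SSH config endpoint" so an operator knows what to set. It would also help to say what bounds the instance lifetime if the dispatcher's own destroy call fails; the previous bullet says the TTL "acts as a hard cap", and tying the new bullet to that sentence would make the cleanup guarantee explicit.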
@ -176,6 +179,9 @@ Long-lived runtime state is now sourced from age-encrypted files:
After refreshing the encrypted secrets, deploy the forge host so
`config.age.secrets.*` updates the live paths for `services.burrow.forge`,
`services.burrow.forgeRunner`, and `services.burrow.forgejoNsc`.
The Nix host module also installs a periodic `forgejo-prune-runners` timer that
marks stale offline runners deleted in Forgejo's database so wedged instances do
not leave the queue polluted indefinitely.
Run it next to the dispatcher:
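Review bot: The `forgejo-prune-runners` paragraph is inserted directly before "Run it next to the dispatcher:", so "it" now reads as the prune timer rather than whatever the sentence pointed at before this change; reword that line to name the thing being run, or place the new paragraph after the run instructions. The paragraph also leaves out what an operator needs in order to trust a job that writes to Forgejo's database: how long a runner must be offline before it counts as "stale", how often the timer fires, and whether either value is configurable. Please document those, and note whether a runner that is only briefly offline can be marked deleted.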