hackclub/burrow
1
0
Fork 0
Code Pull requests Releases Packages Activity Actions

Align Forgejo runner labels with workflows
Some checks failed
Build Rust / Cargo Test (push) Failing after 4s
Details
Build Site / Next.js Build (push) Failing after 0s
Details
Lint Governance / BEP Metadata (push) Failing after 0s
Details

Browse source
This commit is contained in:
Conrad Kramer 2026-04-06 01:12:47 -07:00
parent e2a2c73922
commit 5e58aafb07
2 changed files with 23 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/hosts/burrow-forge/default.nix
View file

@ -130,6 +130,12 @@ in
services.burrow.forgeRunner = { services.burrow.forgeRunner = {
enable = true; enable = true;
sshPrivateKeyFile = "/var/lib/burrow/intake/agent_at_burrow_net_ed25519"; sshPrivateKeyFile = "/var/lib/burrow/intake/agent_at_burrow_net_ed25519";
labels = [
"self-hosted"
"linux"
"x86_64"
"burrow-forge"
];
}; };
services.forgejo-nsc = { services.forgejo-nsc = {

17
nixos/modules/burrow-forge-runner.nix
View file

@ -5,8 +5,10 @@ let
runnerPkg = pkgs.forgejo-runner; runnerPkg = pkgs.forgejo-runner;
stateDir = cfg.stateDir; stateDir = cfg.stateDir;
runnerFile = "${stateDir}/.runner"; runnerFile = "${stateDir}/.runner";
registrationFingerprintFile = "${stateDir}/.runner-registration-fingerprint";
configFile = "${stateDir}/runner.yaml"; configFile = "${stateDir}/runner.yaml";
labelsCsv = lib.concatStringsSep "," (map (label: "${label}:host") cfg.labels); labelsCsv = lib.concatStringsSep "," (map (label: "${label}:host") cfg.labels);
registrationFingerprint = builtins.hashString "sha256" "${cfg.instanceUrl}\n${cfg.name}\n${labelsCsv}";
sshPrivateKeyFile = cfg.sshPrivateKeyFile or ""; sshPrivateKeyFile = cfg.sshPrivateKeyFile or "";
in in
{ {
@ -141,6 +143,17 @@ EOF
chown ${cfg.user}:${cfg.group} ${configFile} chown ${cfg.user}:${cfg.group} ${configFile}
chmod 0640 ${configFile} chmod 0640 ${configFile}
expected_fingerprint=${lib.escapeShellArg registrationFingerprint}
if [ -s ${runnerFile} ]; then
current_fingerprint=""
if [ -s ${registrationFingerprintFile} ]; then
current_fingerprint="$(tr -d '\r\n' < ${registrationFingerprintFile})"
fi
if [ "${"$"}current_fingerprint" != "${"$"}expected_fingerprint" ]; then
rm -f ${runnerFile} ${registrationFingerprintFile}
fi
fi
install -d -m 0700 -o ${cfg.user} -g ${cfg.group} ${stateDir}/.ssh install -d -m 0700 -o ${cfg.user} -g ${cfg.group} ${stateDir}/.ssh
${pkgs.util-linux}/bin/runuser -u ${cfg.user} -- \ ${pkgs.util-linux}/bin/runuser -u ${cfg.user} -- \
${pkgs.git}/bin/git config --global user.name ${lib.escapeShellArg cfg.gitUserName} ${pkgs.git}/bin/git config --global user.name ${lib.escapeShellArg cfg.gitUserName}
@ -177,6 +190,10 @@ EOF
--name ${lib.escapeShellArg cfg.name} \ --name ${lib.escapeShellArg cfg.name} \
--labels ${lib.escapeShellArg labelsCsv} \ --labels ${lib.escapeShellArg labelsCsv} \
--config ${configFile} --config ${configFile}
printf '%s\n' "${"$"}expected_fingerprint" > ${registrationFingerprintFile}
chown ${cfg.user}:${cfg.group} ${registrationFingerprintFile}
chmod 0640 ${registrationFingerprintFile}
fi fi
''; '';
}; };