Skip to content

Commit fa8ef76

Browse files
theorderingmachinetheorderingmachine
committed
ci: use generic github runner account with corrections to bins
1 parent a3e0521 commit fa8ef76

File tree

2 files changed

+23
-20
lines changed

2 files changed

+23
-20
lines changed

machines/tim/configuration.nix

Lines changed: 17 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -54,13 +54,15 @@
5454
};
5555
secrets = {
5656
"github/runners/dotfiles" = {
57-
owner = "dotfiles";
58-
group = "dotfiles";
57+
group = "_github-runner";
58+
owner = "_github-runner";
59+
path = "/run/secrets/github/runners/dotfiles";
5960
};
60-
"github/ssh" = {
61+
"github/theorderingmachine" = {
6162
key = "ssh/private";
62-
owner = "dotfiles";
63-
group = "dotfiles";
63+
group = "_github-runner";
64+
owner = "_github-runner";
65+
path = "/run/secrets/github/theorderingmachine";
6466
};
6567
"ssh/private" = {
6668
owner = input.config.users.users.ez.name;
@@ -95,20 +97,20 @@
9597
stateVersion = 5;
9698
};
9799
users = {
98-
knownGroups = [ "dotfiles" ];
99-
knownUsers = [ "dotfiles" ];
100+
knownGroups = [ "_github-runner" ];
101+
knownUsers = [ "_github-runner" ];
100102
groups = {
101-
dotfiles = {
102-
gid = 534;
103+
_github-runner = {
104+
gid = 533;
103105
};
104106
};
105107
users = {
106-
dotfiles = {
107-
createHome = true;
108-
gid = 534;
109-
home = "/private/var/lib/dotfiles";
110-
name = "dotfiles";
111-
uid = 534;
108+
_github-runner = {
109+
createHome = false;
110+
gid = 533;
111+
home = "/private/var/lib/github-runners";
112+
name = "_github-runner";
113+
uid = 533;
112114
};
113115
ez = {
114116
home = /Users/ez;

machines/tim/services/github-runners/default.nix

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,22 +5,23 @@
55
dotfiles = {
66
enable = true;
77
ephemeral = true;
8+
extraEnvironment = {
9+
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT = "1";
10+
GIT_SSH_COMMAND = "ssh -i /run/secrets/github/theorderingmachine -o StrictHostKeyChecking=accept-new";
11+
};
812
extraLabels = [
913
"tim"
1014
];
11-
extraEnvironment = {
12-
GIT_SSH_COMMAND = "ssh -i /run/secrets/github/ssh -o StrictHostKeyChecking=accept-new";
13-
};
1415
extraPackages = [
1516
pkgs.openssh # https://github.com/openssh/openssh-portable
1617
pkgs.fastfetch # https://github.com/fastfetch-cli/fastfetch
1718
];
18-
group = "dotfiles";
19+
group = "_github-runner";
1920
name = "tim";
2021
replace = true;
2122
tokenFile = "/run/secrets/github/runners/dotfiles";
2223
url = "https://github.com/zimeg/.DOTFILES";
23-
user = "dotfiles";
24+
user = "_github-runner";
2425
};
2526
};
2627
}

0 commit comments

Comments
 (0)