From f72713410af7bec3feb0205c5a199267b75e600c Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan <jackos1998@gmail.com>
Date: Fri, 17 Nov 2023 02:36:32 +0000
Subject: [PATCH] nixos/gitea: Maybe working CI setup

---
 nixos/boxes/colony/vms/default.nix            |  2 +-
 .../boxes/colony/vms/whale2/gitea-actions.nix |  5 ++++-
 secrets/gitea/actions-runner.env.age          | 21 +++++++++++--------
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/nixos/boxes/colony/vms/default.nix b/nixos/boxes/colony/vms/default.nix
index ef7bf51..a1a3c5a 100644
--- a/nixos/boxes/colony/vms/default.nix
+++ b/nixos/boxes/colony/vms/default.nix
@@ -156,7 +156,7 @@
               cpus = 8;
               threads = 2;
             };
-            memory = 16384;
+            memory = 32768;
             networks.vms.mac = "52:54:00:d5:d9:c6";
             cleanShutdown.timeout = 120;
             drives = [ ] ++ (optionals (!config.my.build.isDevVM) [
diff --git a/nixos/boxes/colony/vms/whale2/gitea-actions.nix b/nixos/boxes/colony/vms/whale2/gitea-actions.nix
index 0bd9943..6409815 100644
--- a/nixos/boxes/colony/vms/whale2/gitea-actions.nix
+++ b/nixos/boxes/colony/vms/whale2/gitea-actions.nix
@@ -7,6 +7,7 @@ let
   cfgFile = pkgs.writeText "gitea-actions-runner.yaml" (toJSON {
     container = {
       network = "colony";
+      privileged = true;
     };
     cache = {
       enabled = true;
@@ -28,7 +29,9 @@ in
         main = {
           enable = true;
           name = "main-docker";
-          labels = [ ];
+          labels = [
+            "ubuntu-22.04:docker://git.nul.ie/dev/actions-ubuntu:22.04"
+          ];
           url = "https://git.${pubDomain}";
           tokenFile = config.age.secrets."gitea/actions-runner.env".path;
         };
diff --git a/secrets/gitea/actions-runner.env.age b/secrets/gitea/actions-runner.env.age
index 5b98860..bd9cfcb 100644
--- a/secrets/gitea/actions-runner.env.age
+++ b/secrets/gitea/actions-runner.env.age
@@ -1,11 +1,14 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9FSlh2ZyA0Ynpx
-ZU84aTNsaCsrd0ZXRHQxZmt6dnpGNUViQlhJSEs2d0lVQWhWN3gwCi9KQmJPN092
-Tjl5UjFNeWtsdXhtNjhFdlNrS0Ezb1lqT1NjNDY2ZXd1cFUKLT4gWDI1NTE5IFRT
-Rld4NUNOaHB0b0l2eTQ5STB5V0dnZS9YUjF1RTZ5VndDaW5SYzg3aU0KcU9jbDlx
-czZkVm5pUVlmdEw1MEVheU9QN3hpRzlUbFR1WTdNOEpKU3lNTQotPiBkXDItZ3Jl
-YXNlCnQrY3FaendQNVF6RXNUWGZ4TE81QXJycC9kVTZjMDY4dnVLVkhIVWlMSlRS
-NjRsL0o0YVlUUQotLS0gY0tlekNPbzdaa1EySlA2bkdqbmRMbUhUVm01NjJ1MEgv
-K2dqcDhQL3BCdwpUfh9ODJOtZ0jkeOSdCj17XbuALje7tBa41o2nl6at+WIgiodJ
-xZ+COxUZ4W1ehK2Nrjqe0zGL08JwHB3vt3Y5oitdlrjZcQRsBmM/GRKu
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9FSlh2ZyBYL09w
+aWtCSnR1SlF5dGl3ME14cEVXNXRCTlVJc2EzQ2h0aWcrTjZMSlh3CkZVV1p0ekFk
+cGdweS9uOVNKTFZtK2xFRmRYUDU5cjhYeGxsUi90QTJFWUEKLT4gWDI1NTE5IGVP
+TUczWU84V3Znb2UzMnowTkdheDFNYjcwNWNiRENVSnZaL1dnSFV0d1UKT2pwdmJX
+aHF5aGRiT3c2bGtObFZtRTErQzEyYnh0SjliMGRTcXpYbjJDbwotPiBYMjU1MTkg
+azY4Vk5IdEhoVkhuRFdDOWVnV2poQ1JxTlFPSVlmK3lNei81Q3RwL2xoVQp2Tnk0
+dkxObzdSL3pseFBHRzliaDJwZXpiTmtNUFBCcFhCYmVIcjFLSE9ZCi0+IFUsdy1n
+cmVhc2Uga3daakI1IC0yK2IrYiBHdisnRW8KdlNXbmc1Q0hmS3dIVDJGbG9pankx
+L3UyTTBrMHY3emlvd3pEdUFVb0poOEVlWDE4eE5OYmxXSWcwajRsUk9ZZApMeHY5
+NTRlZitnCi0tLSBjczV1M2ppNzVwS1VjeTdjVkt6Zngva3RvUFBhS3FvanVyUHVy
+NkgyZnE4Cj/vbg5W+u2Ycmw31K590IF6tlnrMgn02tFTpGSGBzeay7LrzNWa2MIP
+SoaaCI1YLl0uTR89UuHjuXaLuFCVNuX7wMHpiRlJLBi/FLPiRLA=
 -----END AGE ENCRYPTED FILE-----