2024-07-09 11:41:05 +10:00
|
|
|
{ config, inputs, ... }:
|
2024-12-16 08:34:56 +10:00
|
|
|
let
|
|
|
|
|
secret = {
|
2024-07-09 11:41:05 +10:00
|
|
|
owner = "hercules-ci-agent";
|
2024-12-16 08:34:56 +10:00
|
|
|
sopsFile = "${inputs.self}/modules/secrets/hercules-ci.yaml";
|
2024-07-09 11:41:05 +10:00
|
|
|
};
|
2024-12-16 08:34:56 +10:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
sops.secrets.hercules-binary-caches = secret;
|
2024-07-09 11:41:05 +10:00
|
|
|
|
2024-12-16 08:34:56 +10:00
|
|
|
sops.secrets.hercules-cluster-join-token = secret;
|
2024-07-09 11:41:05 +10:00
|
|
|
|
2024-12-16 08:34:56 +10:00
|
|
|
sops.secrets.hercules-secrets = secret;
|
2024-07-09 11:41:05 +10:00
|
|
|
|
|
|
|
|
services.hercules-ci-agent = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
2024-12-16 08:34:56 +10:00
|
|
|
binaryCachesPath = config.sops.secrets.hercules-binary-caches.path;
|
|
|
|
|
clusterJoinTokenPath = config.sops.secrets.hercules-cluster-join-token.path;
|
2024-07-09 11:41:05 +10:00
|
|
|
# secrets file is needed for effects
|
2024-12-16 08:34:56 +10:00
|
|
|
secretsJsonPath = config.sops.secrets.hercules-secrets.path;
|
2024-07-09 11:41:05 +10:00
|
|
|
};
|
|
|
|
|
};
|
2025-01-22 15:09:16 +10:00
|
|
|
|
|
|
|
|
# State 'stop-sigterm' timed out. Killing.
|
|
|
|
|
systemd.services.hercules-ci-agent.serviceConfig.TimeoutStopSec = 15;
|
2024-07-09 11:41:05 +10:00
|
|
|
}
|
