diff --git a/build01/buildkite.nix b/build01/buildkite.nix
index fab9e14..05e37aa 100644
--- a/build01/buildkite.nix
+++ b/build01/buildkite.nix
@@ -6,5 +6,12 @@
 tokenPath = "/run/keys/buildkite-token";
 openssh.privateKeyPath = builtins.toPath "/run/keys/buildkite-agent-key";
 openssh.publicKeyPath = builtins.toPath "/run/keys/buildkite-agent-key-pub";
+
+ runtimePackages = [
+ pkgs.gnutar
+ pkgs.bash
+ pkgs.nix
+ pkgs.gzip
+ ];
 };
 }
diff --git a/build01/configuration.nix b/build01/configuration.nix
index 4d30843..11fa8e6 100644
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@@ -3,7 +3,9 @@ { imports = [ ./hardware-configuration.nix + ./buildkite.nix + ./gitlab.nix ../profiles/common.nix ../profiles/docker.nix
diff --git a/build01/gitlab.nix b/build01/gitlab.nix
new file mode 100644
index 0000000..41beef4
--- /dev/null
+++ b/build01/gitlab.nix
@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+let
+ gitlabModule = pkgs.fetchFromGitLab {
+ owner = "arianvp";
+ repo = "nixos-gitlab-runner";
+ rev = "9126927c701aa399bd1734e7e5230c3a0010c1b7";
+ sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi";
+ };
+
+in {
+ imports = [
+ "${gitlabModule}/gitlab-runner.nix"
+ ];
+
+ services.gitlab-runner2.enable = true;
+ services.gitlab-runner2.registrationConfigFile = "/run/keys/gitlab-runner-registration";
+}
diff --git a/deployment.nix b/deployment.nix
index ef3a474..f50a83c 100644
--- a/deployment.nix
+++ b/deployment.nix
@@ -33,6 +33,12 @@ in { permissions = "0600"; }; + deployment.keys.gitlab-runner-registration = { + text = secrets.gitlab-runner-registration; + user = "gitlab-runner"; + permissions = "0600"; + }; + }; }
diff --git a/secrets/default.nix b/secrets/default.nix
index 41d7dba..66710a9 100644
Binary files a/secrets/default.nix and b/secrets/default.nix differ
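Review bot: In build01/buildkite.nix the new `runtimePackages` list puts `pkgs.nix` on the agent's PATH with no comment saying why, so every pipeline step can drive the host's Nix daemon. If that is intended, it is worth confirming that the Buildkite agent user is not among the host's trusted Nix users (not visible in this hunk), since a trusted user can override substituter and sandbox settings. I would add a comment above the list such as `# tools build steps call directly; nix lets jobs build through the host daemon`. The enclosing attribute set starts outside the hunk.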
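Review bot: build01/gitlab.nix imports a NixOS module from a personal GitLab repository (`arianvp/nixos-gitlab-runner`), and that module is evaluated as part of the system configuration, so it carries the same trust as the rest of this repo. The `rev` plus `sha256` pin is the right control; a comment beside it, e.g. `# pinned after review of gitlab-runner.nix; re-read the upstream diff before bumping rev`, would keep later updates from becoming a blind hash refresh. Separately, an `imports` entry that depends on the module argument `pkgs` is a pattern that often fails with infinite recursion in the NixOS module system; if evaluation only works because of how this deployment supplies `pkgs`, that deserves a short note as well.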
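Review bot: In deployment.nix the new key is owned by `gitlab-runner` with `0600`, but nothing visible here ensures that user can reach `/run/keys` or that the runner starts only after the key has been uploaded. With NixOps keys the directory is restricted to the `keys` group and each key gets a `<name>-key.service` unit, so unless the imported module already handles it I would add `users.users.gitlab-runner.extraGroups = [ "keys" ];` and order the runner service after `gitlab-runner-registration-key.service`. The surrounding attribute set starts outside the hunk, so an existing equivalent may be out of view.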
diff --git a/secrets/gitlab-runner-registration b/secrets/gitlab-runner-registration
new file mode 100644
index 0000000..d45159b
Binary files /dev/null and b/secrets/gitlab-runner-registration differ