tee hee next error

2025-09-29 16:12:43 +02:00 · 2025-09-29 16:12:43 +02:00 · df8ab8e97d
commit df8ab8e97d
parent 14f5aee907
1 changed files with 21 additions and 21 deletions
--- a/hosts/tesla-nixos/configuration.nix
+++ b/hosts/tesla-nixos/configuration.nix
@ -134,33 +134,33 @@
      # GitLab Runner
      services.gitlab-runner = {
        enable = true;
-        # service runs as this user so jobs share the same rootless Podman context
        user = "gitlab-runner";

-        concurrent = 4;
-        runners = [
-          {
-            name = "ci-nspawn-rootless-podman";
-            url  = "https://gitlab.com/";     # your GitLab URL
-            tokenFile = "/var/lib/gitlab-runner/registration-token"; # create this once
-            executor = "docker";              # GitLab's Docker executor (backed by Podman)
+        services = {
+          ci-nspawn-rootless-podman = {
+            # Prefer auth tokens (GitLab 18 deprecates registration tokens)
+            # Put CI_SERVER_URL and CI_SERVER_TOKEN into this file (ENV format).
+            authenticationTokenConfigFile = "/var/lib/gitlab-runner/token-env";
+            # …or, if you still use a registration token:
+            # registrationConfigFile = "/var/lib/gitlab-runner/registration.env";
+
+            executor = "docker";          # use Docker executor against Podman
            dockerImage = "alpine:3";
-            dockerPrivileged = true;          # often needed for DinD-like jobs; set false if you can
-            # Point the Docker executor at the *user* Podman socket:
-            environment = [
-              # IMPORTANT: set to the gitlab-runner user's runtime dir
-              # You can find UID with: id -u gitlab-runner (in container)
-              "DOCKER_HOST=unix:///run/user/$(id -u gitlab-runner)/podman/podman.sock"
-            ];
-            # Optional volumes for caching, etc.
+            dockerPrivileged = true;      # tighten later if you can
            dockerVolumes = [
              "/var/lib/gitlab-runner/cache:/cache"
            ];
-            # Helpful default pull behavior
-            dockerPullPolicy = "if-not-present";
-          }
-        ];
-      };
+
+            # If your nixpkgs exposes it (most do), point Docker executor at Podman:
+            dockerHost = "unix:///run/user/$(id -u gitlab-runner)/podman/podman.sock";
+            # If that option isn’t available in your channel, instead supply a full
+            # config.toml via `services.gitlab-runner.configFile` where you set:
+            #   [runners.docker]
+            #   host = "unix:///run/user/UID/podman/podman.sock"
+          }; # end services.ci-nspawn-rootless-podman
+        }; # end services.gitlab-runner
+      }; # end containers.ci.config
+

      # Make sure systemd + cgroups are fully available inside the container
      systemd.oomd.enable = false; # avoids noise in small containers