87 lines
2.4 KiB
Nix
87 lines
2.4 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let cfg = config.services.woodpecker-agent;
|
|
servercfg = config.services.woodpecker-server;
|
|
in
|
|
{
|
|
options = {
|
|
services.woodpecker-agent = {
|
|
enable = mkOption {
|
|
default = false;
|
|
type = types.bool;
|
|
description = lib.mdDoc "Enable Woodpecker agent.";
|
|
};
|
|
|
|
user = mkOption {
|
|
type = types.str;
|
|
default = "woodpecker-agent";
|
|
description = lib.mdDoc "User account under which woodpecker agent runs.";
|
|
};
|
|
|
|
agentSecretFile = mkOption {
|
|
type = types.nullOr types.path;
|
|
default = servercfg.agentSecretFile;
|
|
description = lib.mdDoc "Read the agent secret from this file path.";
|
|
};
|
|
|
|
maxProcesses = mkOption {
|
|
type = types.int;
|
|
default = 1;
|
|
description = lib.mdDoc "The maximum number of processes per agent.";
|
|
};
|
|
|
|
backend = mkOption {
|
|
type = types.enum [ "auto-detect" "docker" "local" "ssh" ];
|
|
default = "auto-detect";
|
|
description = lib.mdDoc "Configures the backend engine to run pipelines on.";
|
|
};
|
|
|
|
server = mkOption {
|
|
type = types.str;
|
|
default = "localhost:${if servercfg.enabled then toString servercfg.gRPCPort else "9000"}";
|
|
description = lib.mdDoc "The gPRC address of the server.";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services.woodpecker-agent = {
|
|
description = "woodpecker-agent";
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
User = cfg.user;
|
|
Group = "woodpecker-agent";
|
|
ExecStart = "${pkgs.woodpecker-agent}/bin/woodpecker-agent";
|
|
Restart = "always";
|
|
# TODO add security/sandbox params.
|
|
};
|
|
environment = mkMerge [
|
|
{
|
|
WOODPECKER_SERVER=true;
|
|
WOODPECKER_MAX_PROCS=cfg.maxProcesses;
|
|
WOODPECKER_BACKEND=cfg.backend;
|
|
}
|
|
(mkIf (cfg.agentSecretFile != null) {
|
|
WOODPECKER_AGENT_SECRET_FILE=cfg.agentSecretFile;
|
|
})
|
|
];
|
|
};
|
|
|
|
users.users = mkIf (cfg.user == "woodpecker-agent") {
|
|
woodpecker-agent = {
|
|
createHome = true;
|
|
home = cfg.stateDir;
|
|
useDefaultShell = true;
|
|
group = "woodpecker-agent";
|
|
extraGroups = [ "woodpecker" ];
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
users.groups.woodpecker-agent = { };
|
|
};
|
|
}
|