update workflow and sudo perms
Some checks are pending
Activate NixOS Homelab Configuration On Push / deploy (push) Waiting to run
Some checks are pending
Activate NixOS Homelab Configuration On Push / deploy (push) Waiting to run
This commit is contained in:
parent
21c7809cb6
commit
22ac4b4b5e
2 changed files with 10 additions and 2 deletions
|
|
@ -10,7 +10,7 @@ env:
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
deploy:
|
||||||
runs-on: nixos-server
|
runs-on: nixos-server:host
|
||||||
defaults:
|
defaults:
|
||||||
run:
|
run:
|
||||||
shell: /bin/sh -e {0}
|
shell: /bin/sh -e {0}
|
||||||
|
|
@ -38,4 +38,5 @@ jobs:
|
||||||
ssh-private-key: ${{ secrets.DEPLOY_SSH_KEY }}
|
ssh-private-key: ${{ secrets.DEPLOY_SSH_KEY }}
|
||||||
|
|
||||||
- name: Deploy System over SSH
|
- name: Deploy System over SSH
|
||||||
run: nixos-rebuild switch --flake ./src#homelab --target-host root@localhost -L --show-trace
|
run: nixos-rebuild switch --flake ./src#homelab --target-host root@localhost -L --show-trace
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,11 @@
|
||||||
{ lib, pkgs, homelab, ... }: {
|
{ lib, pkgs, homelab, ... }: {
|
||||||
|
security.sudo.extraRules = [{
|
||||||
|
users = [ "gitea-runner" ];
|
||||||
|
commands = [{
|
||||||
|
command = "/run/current-system/sw/bin/nixos-rebuild";
|
||||||
|
options = [ "NOPASSWD" ];
|
||||||
|
}];
|
||||||
|
}];
|
||||||
services = {
|
services = {
|
||||||
forgejo = {
|
forgejo = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue