ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

modules: services: woodpecker: use 'path' option
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details

Browse source 
One less thing to modify in the systemd service.
This commit is contained in:
Bruno BELANYI 2023-09-13 12:40:19 +00:00
parent f3f8c8fc3f
commit e979589174
1 changed files with 11 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
modules/services/woodpecker/agent-exec/default.nix
View file

@ -21,15 +21,6 @@ in
PAGER = "cat"; PAGER = "cat";
}; };
environmentFile = [ cfg.sharedSecretFile ];
};
};
# Adjust runner service for nix usage
systemd.services.woodpecker-agent-exec = {
# Might break deployment
restartIfChanged = false;
path = with pkgs; [ path = with pkgs; [
woodpecker-plugin-git woodpecker-plugin-git
bash bash
@ -41,6 +32,15 @@ in
nix nix
]; ];
environmentFile = [ cfg.sharedSecretFile ];
};
};
# Adjust runner service for nix usage
systemd.services.woodpecker-agent-exec = {
# Might break deployment
restartIfChanged = false;
serviceConfig = { serviceConfig = {
# Same option as upstream, without @setuid # Same option as upstream, without @setuid
SystemCallFilter = lib.mkForce "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap"; SystemCallFilter = lib.mkForce "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap";