Clean up old runner

2025-12-26 23:14:57 +08:00 · 2024-03-26 17:05:26 -04:00 · 2024-03-26 17:05:26 -04:00 · 8c6cb63649
commit 8c6cb63649
parent 96672a0bda
10 changed files with 17 additions and 248 deletions
--- a/clusters/github-runner/README.md
+++ b/clusters/github-runner/README.md
@ -0,0 +1,51 @@
+
+# Self-Hosted CI on Macbook Pro
+
+**WARNING: WIP Notes**. Expect final version in nixos.asia as a blog post.
+
+## `github-runner.nix`
+
+Create a classic token, and store it impurely:
+
+```sh
+sudo sh -c "echo 'ghp_...' > /run/github-token-ci"
+```
+
+Setup github-runner.nix for first time, and then:
+
+```sh
+sudo chown _github-runner:_github-runner /run/github-token-ci
+```
+
+## Linux Builder
+
+The author has observed the official "linux-builder" to be slow, in comparison to a Parallels VM. Prefer setting up a Parallels VM if you can.
+
+### Via Parallels
+
+- Create new VM, installing NixOS: https://nixos.asia/en/nixos-install-disko
+    - Name it parallels-linux-builder`
+    - CPU: 6; RAM 16GB; Disk 1TB; Use Rosetta
+    - Post install
+        - `sudo nano /etc/nixos/configuration.nix` and `services.openssh.enable = true;` and `sudo nixos-rebuild switch`
+        - If you are not using disko, you must copy over `hardware-configuration.nix`
+- `ssh-copy-id` your keys to both parallels@ and root@
+    - `ssh-copy-id -o PubkeyAuthentication=no -o PreferredAuthentications=password  parallels@parallels-linux-builder`
+    - `ssh parallels@parallels-linux-builder` and `sudo sh -c 'cp /home/parallels/.ssh/authorized_keys /root/.ssh'`
+    - Verify `ssh root@parallels-linux-builder` works.
+        - `service gdm stop` (we don't need)
+- Adjust the mac host keys
+
+```
+j remote-install
+```
+
+As root, run `ssh -i /etc/ssh/ssh_host_ed25519_key srid@parallels-linux-builder ` to access it as known host.
+
+### Via linux-builder
+
+See `nix-darwin/linux-builder`. Follow the instructions.
+
+## See also
+
+- [Zulip notes](https://nixos.zulipchat.com/#narrow/stream/413948-nixos/topic/Self-hosted.20GitHub.20runners)
--- a/clusters/github-runner/nixos-module.nix
+++ b/clusters/github-runner/nixos-module.nix
@ -18,15 +18,29 @@ let
          enable = true;
          replace = true;
          extraPackages = with pkgs; [
-            coreutils
+            # Standard nix tools
            nixci
+            cachix
+
+            # For nixos-flake
+            sd
+
+            # Tools already available in standard GitHub Runners; so we provide
+            # them here:
+            coreutils
+            which
+            jq
+            # https://github.com/actions/upload-pages-artifact/blob/56afc609e74202658d3ffba0e8f6dda462b719fa/action.yml#L40
+            (pkgs.runCommandNoCC "gtar" { } ''
+              mkdir -p $out/bin
+              ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar
+            '')
          ];
          url = "https://github.com/${user}/${repoName}";
        })));
  hostIP = "10.37.129.2"; # Find out using `ifconfig` on host, looking for bridge101
 in
 {
-
  # User
  users.users.${user} = {
    inherit group;
@ -38,6 +52,7 @@ in
  # Runners
  services.github-runners = mkPersonalRunners "srid" {
    perpetuum.num = 2;
+    haskell-flake.num = 2 * 7;
  };

  # macOS remote builder