From a2de24657156c1e74d220b2756321c29ad3281f1 Mon Sep 17 00:00:00 2001 From: Robert Perce Date: Wed, 26 Nov 2025 16:02:11 -0600 Subject: [PATCH 1/4] add crm.rperce.net to caddy --- vm-homelab.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vm-homelab.nix b/vm-homelab.nix index d2d900b..8d93367 100644 --- a/vm-homelab.nix +++ b/vm-homelab.nix @@ -35,6 +35,9 @@ in "barkeep.rperce.net".extraConfig = '' reverse_proxy http://192.168.0.2:8000 ''; + "crm.rperce.net".extraConfig = '' + reverse_proxy http://192.168.0.2:3000 + ''; "minecraft.dukeceph.xyz".extraConfig = '' reverse_proxy http://192.168.0.4:8080 ''; From 0fbf1d0cb5f1253546a8f97ca3dba0ec8304b6ba Mon Sep 17 00:00:00 2001 From: Robert Perce Date: Wed, 7 Jan 2026 16:37:18 -0600 Subject: [PATCH 2/4] forge runner --- Taskfile | 7 +++++- flake.nix | 2 ++ lxc-forge-runner.nix | 58 ++++++++++++++++++++++++++++++++++++++++++++ lxc-metrics.nix | 1 + 4 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 lxc-forge-runner.nix diff --git a/Taskfile b/Taskfile index cef244f..8fde074 100755 --- a/Taskfile +++ b/Taskfile @@ -15,7 +15,7 @@ dump() { if [ -e "vm-$1.nix" ]; then sudo cp -f result/vzdump* /mnt/share/proxmox/dump/ elif [ -e "lxc-$1.nix" ]; then - sudo cp -f result/tarball/nixos-system-x86_64-linux.tar.xz "/mnt/share/proxmox/dump/$1.tar.xz" + sudo cp -f result/tarball/nixos-image-lxc-*.tar.xz "/mnt/share/proxmox/template/cache/$1.tar.xz" fi } @@ -38,6 +38,11 @@ deploy() { 'nixos-rebuild switch --flake .#'"$1"' --target-host admin@"'"$ip"'" --use-remote-sudo' } +jump-deploy() { + jump_ip=$(tailscale ip xalicas | head -n1) + env NIX_SSHOPTS="-J robert@$jump_ip" ./Taskfile deploy "$1" +} + ssh() { command "${2:-mosh}" admin@"$(get-ip "$1")" } diff --git a/flake.nix b/flake.nix index 3726b2f..6b8206e 100644 --- a/flake.nix +++ b/flake.nix @@ -30,12 +30,14 @@ outputs = { self, nixpkgs, ... }@inputs: majcraft = nixos-vma ./vm-majcraft.nix; homelab = nixos-vma ./vm-homelab.nix; metrics = nixos-lxc ./lxc-metrics.nix; + forge-runner = nixos-lxc ./lxc-forge-runner.nix; }; packages.${system} = { majcraft = image "majcraft"; homelab = image "homelab"; metrics = lxc "metrics"; + forge-runner = lxc "forge-runner"; }; }; } diff --git a/lxc-forge-runner.nix b/lxc-forge-runner.nix new file mode 100644 index 0000000..245c770 --- /dev/null +++ b/lxc-forge-runner.nix @@ -0,0 +1,58 @@ +{ + pkgs, + lib, + ... +}: + +{ + imports = [ + ./lxc-base.nix + ]; + + config = { + my.vm = { + name = "runner01"; + ip4 = "192.168.0.7"; + }; + + environment.systemPackages = with pkgs; [ + grafana-to-ntfy + ]; + + networking.extraHosts = '' + 192.168.0.2 xalicas + 192.168.0.3 proxmox + 192.168.0.4 craft01 + 192.168.0.5 lab01 + 192.168.0.6 metrics01 + 192.168.0.7 runner01 + 192.168.0.100 unifi + ''; + + networking.firewall.trustedInterfaces = [ "br-+" ]; + + virtualisation.docker = { + enable = true; + daemon.settings = { + fixed-cidr-v6 = "fd00::/80"; + ipv6 = true; + }; + }; + + services.gitea-actions-runner = { + package = pkgs.forgejo-runner; + instances.runner01 = { + enable = true; + name = "runner01"; + token = "E17wr2p2EH4krR5NIUokwsBhhdLCWNW5ahpEyjHY"; + url = "https://forge.rperce.net/"; + labels = [ + "node-22:docker://node:22-bookworm" + "nixos-latest:docker://nixos/nix" + "playwright-latest:docker://mcr.microsoft.com/playwright:v1.57.0-jammy" + ]; + # settings = { ... }; + }; + }; + }; +} diff --git a/lxc-metrics.nix b/lxc-metrics.nix index 207ec9e..de1ed6e 100644 --- a/lxc-metrics.nix +++ b/lxc-metrics.nix @@ -25,6 +25,7 @@ 192.168.0.4 craft01 192.168.0.5 lab01 192.168.0.6 metrics01 + 192.168.0.7 runner01 192.168.0.100 unifi ''; From df50fa38306bc82af19318827fcfab716b2104b4 Mon Sep 17 00:00:00 2001 From: Robert Perce Date: Wed, 7 Jan 2026 16:46:56 -0600 Subject: [PATCH 3/4] quote curl urls --- lxc-metrics.nix | 2 +- vm-homelab.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lxc-metrics.nix b/lxc-metrics.nix index de1ed6e..023f94f 100644 --- a/lxc-metrics.nix +++ b/lxc-metrics.nix @@ -173,7 +173,7 @@ startAt = "daily"; postHook = '' if [ $exitStatus -eq 0 ]; then - curl -sSL http://metrics01:3001/api/push/LmyyAawLzw?status=up&msg=OK&ping= + /run/current-system/sw/bin/curl -sSL 'http://192.168.0.6:3001/api/push/LmyyAawLzw?status=up&msg=OK&ping=' fi ''; }; diff --git a/vm-homelab.nix b/vm-homelab.nix index 8d93367..a082ce5 100644 --- a/vm-homelab.nix +++ b/vm-homelab.nix @@ -108,7 +108,7 @@ in postHook = '' echo "exit $exitStatus" if [ $exitStatus -eq 0 ]; then - /run/current-system/sw/bin/curl -sSL http://192.168.0.6:3001/api/push/yTBTVZF8Bz?status=up&msg=OK&ping= + /run/current-system/sw/bin/curl -sSL 'http://192.168.0.6:3001/api/push/yTBTVZF8Bz?status=up&msg=OK&ping=' fi ''; }; From 39bc01a6a4e2c11863c114dc67bef64a383fb6e8 Mon Sep 17 00:00:00 2001 From: Robert Perce Date: Sun, 18 Jan 2026 22:45:50 -0600 Subject: [PATCH 4/4] fix: install curl to use it --- lxc-metrics.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lxc-metrics.nix b/lxc-metrics.nix index 023f94f..9ec1d7b 100644 --- a/lxc-metrics.nix +++ b/lxc-metrics.nix @@ -17,6 +17,7 @@ environment.systemPackages = with pkgs; [ grafana-to-ntfy + curl ]; networking.extraHosts = '' @@ -29,7 +30,7 @@ 192.168.0.100 unifi ''; - networking.firewall.allowedTCPPorts = [ + networking.firewall.allowedTCPPorts = [ 3000 # grafana 3001 # uptime-kuma ]; @@ -173,7 +174,7 @@ startAt = "daily"; postHook = '' if [ $exitStatus -eq 0 ]; then - /run/current-system/sw/bin/curl -sSL 'http://192.168.0.6:3001/api/push/LmyyAawLzw?status=up&msg=OK&ping=' + /run/current-system/sw/bin/curl -sSL 'http://uptime.rperce.net/api/push/LmyyAawLzw?status=up&msg=OK&ping=' fi ''; };