From 9059e76b26bfb10851d23a674fd98016e826c848 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Sun, 16 Jun 2024 15:07:20 -0400 Subject: [PATCH 1/7] fix: do not merge modules incorrectly --- flake.nix | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.nix b/flake.nix index cdd4ef1..512ca03 100644 --- a/flake.nix +++ b/flake.nix @@ -91,20 +91,22 @@ }; nixosConfigurations = let - homeModule = - baseHomeModule - // { - home-manager.users.michael = import ./user/environments/nixos/home.nix; - }; + fullNixOSModules = + defaultModules + ++ [ + baseHomeModule + { + home-manager.users.michael = import ./user/environments/nixos/home.nix; + } + ]; in { kitchen = nixpkgs.lib.nixosSystem { system = utils.lib.system.x86_64-linux; modules = - defaultModules + fullNixOSModules ++ [ ./modules/common.nix ./modules/containers.nix - homeModule ./machines/kitchen/configuration.nix ]; @@ -114,12 +116,11 @@ thinkcentre = nixpkgs.lib.nixosSystem { system = utils.lib.system.x86_64-linux; modules = - defaultModules + fullNixOSModules ++ [ ./modules/common.nix ./modules/hyprland.nix ./modules/containers.nix - homeModule ./machines/thinkcentre/configuration.nix agenix.nixosModules.default @@ -135,13 +136,12 @@ terra = nixpkgs.lib.nixosSystem { system = utils.lib.system.x86_64-linux; modules = - defaultModules + fullNixOSModules ++ [ ./modules/common.nix ./modules/hyprland.nix ./modules/containers.nix ./modules/applications/steam - homeModule ./machines/terra/configuration.nix agenix.nixosModules.default From 26d749fa043b9bcbf29c18d6f958d5d80d0a04c5 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Sun, 16 Jun 2024 15:14:41 -0400 Subject: [PATCH 2/7] fix(thinkcentre): migrate to new syntax for xkb options --- machines/thinkcentre/configuration.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/thinkcentre/configuration.nix b/machines/thinkcentre/configuration.nix index 9e4602e..4da7a28 100644 
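Review bot: The reason the `//` merge was wrong is not recorded next to the new `fullNixOSModules` list, so the next reader may fold the two entries back into one attrset. Presumably `baseHomeModule` already carries a `home-manager` attribute set and `//` replaced that whole attribute with `{ users.michael = …; }` instead of merging into it; listing them as two separate modules lets the module system do the merge. A comment above the list would preserve that: `# keep these as two modules: \`//\` would overwrite baseHomeModule's whole home-manager attrset instead of merging it`. The `kitchen` system in this hunk also still lacks the `agenix.nixosModules.default` that `thinkcentre` and `terra` receive in the later hunks; worth confirming that is intended rather than an oversight. The `nixosConfigurations` `let` opens inside the hunk but its `in` body runs past it.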
--- a/machines/thinkcentre/configuration.nix +++ b/machines/thinkcentre/configuration.nix @@ -55,9 +55,9 @@ }; # Configure keymap in X11 - services.xserver = { + services.xserver.xkb = { layout = "us"; - xkbVariant = ""; + variant = ""; }; services.openssh = { From b746ec813fed3a2ab4737f481b85c83c57332026 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Sun, 16 Jun 2024 15:15:15 -0400 Subject: [PATCH 3/7] chore: update lockfile --- flake.lock | 50 +++++++++++++++++++++++++------------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 892b140..b935678 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1718345812, - "narHash": "sha256-FJhA+YFsOFrAYe6EaiTEfomNf7jeURaPiG5/+a3DRSc=", + "lastModified": 1718440858, + "narHash": "sha256-iMVwdob8F6P6Ib+pnhMZqyvYI10ZxmvA885jjnEaO54=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "ff988d78f2f55641efacdf9a585d2937f7e32a9b", + "rev": "58b905ea87674592aa84c37873e6c07bc3807aba", "type": "github" }, "original": { @@ -377,11 +377,11 @@ ] }, "locked": { - "lastModified": 1717527182, - "narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=", + "lastModified": 1718530513, + "narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=", "owner": "rycee", "repo": "home-manager", - "rev": "845a5c4c073f74105022533907703441e0464bc3", + "rev": "a1fddf0967c33754271761d91a3d921772b30d0e", "type": "github" }, "original": { @@ -452,11 +452,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1718395253, - "narHash": "sha256-kbXUz5Pg0ph9HD9wRO0w+kyCyX9n1YuED0WZGIH8GH4=", + "lastModified": 1718564210, + "narHash": "sha256-3+uzDpcA2zhcc3wEPwlhE4jE9p1sOkFg7DQw0Hw7Suc=", "ref": "refs/heads/main", - "rev": "cb63398f079b4b4324c04e2e41ba17983d66487c", - "revCount": 4829, + "rev": "d5ef10abf429355246abcda65fe4c15d886fad7c", + "revCount": 4850, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" 
@@ -642,11 +642,11 @@
 "nixpkgs": "nixpkgs_3"
 },
 "locked": {
- "lastModified": 1718328588,
- "narHash": "sha256-dTuHdsZkPJg2YS7S/04d5gLpLqCmKEGuJkRO0yHklgo=",
+ "lastModified": 1718501434,
+ "narHash": "sha256-bvsRY6N9bWJg31cPeWrTBahJ2ZbZJ1ncTqXl+fit4Q4=",
 "owner": "nix-community",
 "repo": "nix-vscode-extensions",
- "rev": "ae25cb00075c72a2a91497814a11a00f567f5f75",
+ "rev": "8e091c59f250bcc1f6e73350fcacc59b36769ade",
 "type": "github"
 },
 "original": {
@@ -664,11 +664,11 @@
 ]
 },
 "locked": {
- "lastModified": 1717976391,
- "narHash": "sha256-STKlWaiiFKDybexvQCg5U1+DSLRaxT93NwVaiBSEvTI=",
+ "lastModified": 1718470009,
+ "narHash": "sha256-VBeDG3we0bkbFWMyZy+wjUkmeDN58pGFzw1dQCTeDV8=",
 "owner": "nix-community",
 "repo": "NixOS-WSL",
- "rev": "e3f215e518d52f6f2e68cf713cefe773284e1aa6",
+ "rev": "e0a970cbb8c3af05c80ef48a336ad91efd9b2bf6",
 "type": "github"
 },
 "original": {
@@ -768,11 +768,11 @@
 "treefmt-nix": "treefmt-nix"
 },
 "locked": {
- "lastModified": 1718376125,
- "narHash": "sha256-NIJZxmY2CWsqJK/9BQCRSHfcCY9K6thjq/1XtJobxmU=",
+ "lastModified": 1718560097,
+ "narHash": "sha256-JI17CzgQbbzeB2H0n3G9N/HtTAMFSq2IFbRPnlJNTt8=",
 "owner": "nix-community",
 "repo": "nixvim",
- "rev": "7a2a25af02be25987aa43cd681312f4b5ba12317",
+ "rev": "6ac0d2869d8d5a71547a504900f9199871d62506",
 "type": "github"
 },
 "original": {
@@ -783,11 +783,11 @@
 },
 "nur": {
 "locked": {
- "lastModified": 1718397909,
- "narHash": "sha256-nQd/7GPc4OC0OY+uw0m2BbfXWj41jRoRotsUBarbN04=",
+ "lastModified": 1718559875,
+ "narHash": "sha256-7jH1WTZnrK1HI1Q/Gn7O0BnNWhXZ7qJWBmGeJldA1No=",
 "owner": "nix-community",
 "repo": "NUR",
- "rev": "24123cf5fea48b71954e81b0f4fe5db127109979",
+ "rev": "92d4e146d9db87b515fc9d0e4f5f1ffd0a0b47cd",
 "type": "github"
 },
 "original": {
@@ -842,11 +842,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1718331519, - "narHash": "sha256-6Ru37wS8uec626nHVIh6hSpCYB7eNc3RPFa2U//bhw4=", + "lastModified": 1718504420, + "narHash": "sha256-F2HT/abCfr0CDpkvXwYCscJyD66XDTLMVfdrIMRp2ck=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "419e7fae2731f41dd9b3e34dfe8802be68558b92", + "rev": "0043c3f92304823cc2c0a4354b0feaa61dfb4cd9", "type": "github" }, "original": { From 976942c353e0e15e044b863cddf859e4559b0070 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 18 Jun 2024 16:33:37 -0400 Subject: [PATCH 4/7] feat(services/forgejo): add nix label for forgejo actions --- modules/services/forgejo/default.nix | 114 ++++++++++++++++++++++++--- 1 file changed, 104 insertions(+), 10 deletions(-) diff --git a/modules/services/forgejo/default.nix b/modules/services/forgejo/default.nix index 4e57c68..ea5f988 100644 --- a/modules/services/forgejo/default.nix +++ b/modules/services/forgejo/default.nix @@ -9,6 +9,33 @@ with lib; let inherit (config.my.server) domain proxyIP firewallInterface; forgejoDomain = "git.${domain}"; forgejoUrl = "https://${forgejoDomain}"; + + # for nix actions runner + storeDeps = pkgs.runCommand "store-deps" {} '' + mkdir -p $out/bin + for dir in ${ + toString [ + pkgs.coreutils + pkgs.findutils + pkgs.gnugrep + pkgs.gawk + pkgs.git + pkgs.nix + pkgs.bash + pkgs.jq + pkgs.nodejs + pkgs.devenv + ] + }; do + for bin in "$dir"/bin/*; do + ln -s "$bin" "$out/bin/$(basename "$bin")" + done + done + + # Add SSL CA certs + mkdir -p $out/etc/ssl/certs + cp -a "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" $out/etc/ssl/certs/ca-bundle.crt + ''; in { options.my.services.forgejo = { enable = mkEnableOption "Forgejo"; 
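Review bot: `pkgs.nix` in `storeDeps` is the Nix client that jobs will run inside the runner container, while the daemon it presumably reaches through the bind-mounted `/nix` is whatever the host's `nix.package` is, so the two can drift apart on every channel bump; `config.nix.package` here would keep client and daemon from the same build, and `config` is already in scope via `inherit (config.my.server) …`. The `# for nix actions runner` comment could also say what the derivation actually provides, since its consumer sits far below in the runner options: `# /bin and /etc/ssl for the forgejo runner container; bind-mounted into every job`. The `let` block this definition sits in opens before the hunk.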
@@ -59,33 +86,100 @@ in { }; networking.firewall.interfaces."${firewallInterface}".allowedTCPPorts = [cfg.port]; + }) + (mkIf cfg.actions.enable { + # build image // taken from https://git.clan.lol/clan/clan-infra/src/branch/main/modules/web01/gitea/actions-runner.nix + # everything here has no dependencies on the store + systemd.services.forgejo-runner-nix-image = { + wantedBy = ["multi-user.target"]; + after = ["podman.service"]; + requires = ["podman.service"]; + path = [ + config.virtualisation.podman.package + pkgs.gnutar + pkgs.shadow + pkgs.getent + ]; + # we also include etc here because the cleanup job also wants the nixuser to be present + script = '' + set -eux -o pipefail + mkdir -p etc/nix + # Create an unpriveleged user that we can use also without the run-as-user.sh script + touch etc/passwd etc/group + groupid=$(cut -d: -f3 < <(getent group nixuser)) + userid=$(cut -d: -f3 < <(getent passwd nixuser)) + groupadd --prefix $(pwd) --gid "$groupid" nixuser + emptypassword='$6$1ero.LwbisiU.h3D$GGmnmECbPotJoPQ5eoSTD6tTjKnSWZcjHoVTkxFLZP17W9hRi/XkmCiAMOfWruUwy8gMjINrBMNODc7cYEo4K.' + useradd --prefix $(pwd) -p "$emptypassword" -m -d /tmp -u "$userid" -g "$groupid" -G nixuser nixuser + + cat < etc/nix/nix.conf + accept-flake-config = true + experimental-features = nix-command flakes + NIX_CONFIG + + cat < etc/nsswitch.conf + passwd: files mymachines systemd + group: files mymachines systemd + shadow: files + + hosts: files mymachines dns myhostname + networks: files + + ethers: files + services: files + protocols: files + rpc: files + NSSWITCH + + # list the content as it will be imported into the container + tar -cv . | tar -tvf - + tar -cv . 
| podman import - forgejo-runner-nix + ''; + serviceConfig = { + RuntimeDirectory = "forgejo-runner-nix-image"; + WorkingDirectory = "/run/forgejo-runner-nix-image"; + Type = "oneshot"; + RemainAfterExit = true; + }; + }; + + users.users.nixuser = { + group = "nixuser"; + description = "Used for running nix ci jobs"; + home = "/var/empty"; + isSystemUser = true; + }; + users.groups.nixuser = {}; + + # configure the actions runner itself age.secrets.forgejoActions.file = ../../../secrets/forgejo-actions.age; services.gitea-actions-runner = mkIf cfg.actions.enable { package = pkgs.unstable.forgejo-runner; instances.venus = { enable = true; - name = "venus"; + name = "venus-nix-runner"; url = forgejoUrl; settings = { - # log = { - # level = "debug"; - # }; - options = "-v /var/run/podman/podman.sock:/var/run/podman/podman.sock"; + # options = "-v /var/run/podman/podman.sock:/var/run/podman/podman.sock"; runner = { capacity = 5; timeout = "45m"; }; container = { - privileged = true; - valid_volumes = ["*"]; - force_pull = false; + options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt --device /dev/kvm -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nixuser --device=/dev/kvm"; + # privileged = true; + valid_volumes = [ + "/nix" + "${storeDeps}/bin" + "${storeDeps}/etc/ssl" + ]; + # force_pull = false; network = "bridge"; }; }; labels = [ - "debian-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest" - "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest" + "nix:docker://forgejo-runner-nix" ]; tokenFile = config.age.secrets.forgejoActions.path; }; From 5c816c5b0a15a7ce560794af50b22dfbd50dabaf Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 18 Jun 2024 16:34:06 -0400 Subject: [PATCH 5/7] chore(nvim): update lockfile --- user/modules/nvim/lazy-lock.json | 10 ++++++++++ user/modules/nvim/lazyvim.json | 4 ++-- 2 files changed, 12 insertions(+), 2 deletions(-) 
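Review bot: Commenting out `force_pull = false;` in `container` leaves the `nix:docker://forgejo-runner-nix` label at the mercy of the runner's default pull policy: `forgejo-runner-nix` is an unqualified short name, so if the default is to force-pull, the runner would resolve it against remote search registries instead of the image `forgejo-runner-nix-image` just imported, and anyone who registers that name on a public registry could supply the job image. Keep `force_pull = false;` explicit and refer to the image by its fully-qualified local name, `podman import - localhost/forgejo-runner-nix` with the label `nix:docker://localhost/forgejo-runner-nix`, so a lookup can never leave the host. Separately, `-v /nix:/nix` in `options` mounts the host's entire `/nix` (store, daemon socket, profiles) into every job without `:ro`, and the `accept-flake-config = true` written into the image's nix.conf means any `nixConfig` declared by the checked-out flake is applied without prompting; if this label is reachable from fork pull requests that is close to host-level trust for anyone who can open a PR, so consider mounting `/nix/store` read-only plus the daemon socket alone, and restricting which repositories may use this runner. `--device /dev/kvm` also appears twice in `options`; one is enough. The `mkIf cfg.actions.enable` block this belongs to closes after the hunk.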
diff --git a/user/modules/nvim/lazy-lock.json b/user/modules/nvim/lazy-lock.json index 475a915..df2d291 100644 --- a/user/modules/nvim/lazy-lock.json +++ b/user/modules/nvim/lazy-lock.json @@ -1,10 +1,12 @@ { "LazyVim": { "branch": "main", "commit": "a5f8af912de4b334cb900a9f383b6e317568f27f" }, + "LuaSnip": { "branch": "master", "commit": "50fcf17db7c75af80e6b6109acfbfb4504768780" }, "bufferline.nvim": { "branch": "main", "commit": "99337f63f0a3c3ab9519f3d1da7618ca4f91cffe" }, "catppuccin": { "branch": "main", "commit": "5215ea59df6d0a7e27da9a5cd1165e06d1b04cbe" }, "cmp-buffer": { "branch": "main", "commit": "3022dbc9166796b644a841a02de8dd1cc1d311fa" }, "cmp-nvim-lsp": { "branch": "main", "commit": "39e2eda76828d88b773cc27a3f61d2ad782c922d" }, "cmp-path": { "branch": "main", "commit": "91ff86cd9c29299a64f968ebb45846c485725f23" }, + "cmp_luasnip": { "branch": "master", "commit": "05a9ab28b53f71d1aece421ef32fee2cb857a843" }, "conform.nvim": { "branch": "master", "commit": "069e971295a34a810484b7b2ef54b3c735214181" }, "dashboard-nvim": { "branch": "master", "commit": "5346d023afc4bfc7ff63d05c70bcdb0784bb657a" }, "dressing.nvim": { "branch": "master", "commit": "e3714c8049b2243e792492c4149e4cc395c68eb9" }, 
@@ -13,13 +15,18 @@ "gitsigns.nvim": { "branch": "main", "commit": "4a143f13e122ab91abdc88f89eefbe70a4858a56" }, "gruvbox.nvim": { "branch": "main", "commit": "d4cde3853a172485961b515c36d51d757728d6e6" }, "indent-blankline.nvim": { "branch": "master", "commit": "d98f537c3492e87b6dc6c2e3f66ac517528f406f" }, + "kdl.vim": { "branch": "main", "commit": "b84d7d3a15d8d30da016cf9e98e2cfbe35cddee5" }, "lazy.nvim": { "branch": "main", "commit": "fafe1f7c640aed75e70a10e6649612cd96f39149" }, + "lazydev.nvim": { "branch": "main", "commit": "107231114623e2c4f90c626ec83b3120816b554e" }, "lualine.nvim": { "branch": "master", "commit": "0a5a66803c7407767b799067986b4dc3036e1983" }, + "luvit-meta": { "branch": "main", "commit": "ce76f6f6cdc9201523a5875a4471dcfe0186eb60" }, "mason-lspconfig.nvim": { "branch": "main", "commit": "8db12610bcb7ce67013cfdfaba4dd47a23c6e851" }, "mason.nvim": { "branch": "main", "commit": "0950b15060067f752fde13a779a994f59516ce3d" }, "mini.ai": { "branch": "main", "commit": "7859b6344f5cee567a94f173859d25e20ba1a77e" }, + "mini.comment": { "branch": "main", "commit": "c8406379987c321ecdef9f53e1ca741a55002104" }, "mini.pairs": { "branch": "main", "commit": "40261dfcec7623cd57be3c3beb50fa73f2650cdf" }, "neo-tree.nvim": { "branch": "v3.x", "commit": "29f7c215332ba95e470811c380ddbce2cebe2af4" }, + "neodev.nvim": { "branch": "main", "commit": "02893eeb9d6e8503817bd52385e111cba9a90500" }, "no-neck-pain.nvim": { "branch": "main", "commit": "741ad26c4acc45f2164a3933f7825b0e555b724d" }, "noice.nvim": { "branch": "main", "commit": "e5cb20c6e14305d24025ecb77d7d4dd9d61f1a64" }, "nui.nvim": { "branch": "main", "commit": "322978c734866996274467de084a95e4f9b5e0b1" }, 
@@ -31,6 +38,7 @@ "nvim-treesitter": { "branch": "master", "commit": "c5cbd3ec74f6f5ddbac939e6f24b99fe78262b4c" }, "nvim-treesitter-textobjects": { "branch": "master", "commit": "34867c69838078df7d6919b130c0541c0b400c47" }, "nvim-ts-autotag": { "branch": "main", "commit": "6eb4120a1aadef07ac312f1c4bc6456712220007" }, + "nvim-ts-context-commentstring": { "branch": "main", "commit": "cb064386e667def1d241317deed9fd1b38f0dc2e" }, "nvim-web-devicons": { "branch": "master", "commit": "b4b302d6ae229f67df7a87ef69fa79473fe788a9" }, "persistence.nvim": { "branch": "main", "commit": "5fe077056c821aab41f87650bd6e1c48cd7dd047" }, "plenary.nvim": { "branch": "master", "commit": "a3e3bc82a3f95c5ed0d7201546d5d2c19b20d683" }, @@ -40,4 +48,6 @@ "tokyonight.nvim": { "branch": "main", "commit": "02e9028fe3560f38363c2d38f1c87e45eb04fdb3" }, "tree-sitter-asm": { "branch": "main", "commit": "b0306e9bb2ebe01c6562f1aef265cc42ccc53070" }, "trouble.nvim": { "branch": "main", "commit": "806c50491078b66daf13c408042f2e74da46d0ff" }, + "vim-freemarker": { "branch": "master", "commit": "993bda23e72e4c074659970c1e777cb19d8cf93e" }, "which-key.nvim": { "branch": "main", "commit": "0099511294f16b81c696004fa6a403b0ae61f7a0" } +} \ No newline at end of file diff --git a/user/modules/nvim/lazyvim.json b/user/modules/nvim/lazyvim.json index f03853f..2e70439 100644 --- a/user/modules/nvim/lazyvim.json +++ b/user/modules/nvim/lazyvim.json @@ -3,7 +3,7 @@ ], "news": { - "NEWS.md": "3314" + "NEWS.md": "5950" }, - "version": 3 + "version": 6 } \ No newline at end of file From 785cf77e891e0c4d6dd181c025f1ffb888d610e9 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 19 Jun 2024 10:10:12 -0400 Subject: [PATCH 6/7] feat(services/forgejo): configure mailer with sendgrid --- modules/services/forgejo/default.nix | 14 ++++++++++++++ secrets/secrets.nix | 1 + secrets/sendgrid-key.age | Bin 0 -> 282 bytes 3 files changed, 15 insertions(+) create mode 100644 secrets/sendgrid-key.age 
diff --git a/modules/services/forgejo/default.nix b/modules/services/forgejo/default.nix index ea5f988..b9527af 100644 --- a/modules/services/forgejo/default.nix +++ b/modules/services/forgejo/default.nix @@ -61,6 +61,11 @@ in { config = mkMerge [ (mkIf cfg.enable { + age.secrets.forgejoSendgridKey = { + file = ../../../secrets/sendgrid-key.age; + owner = "forgejo"; + group = "forgejo"; + }; services.forgejo = { enable = true; package = pkgs.unstable.forgejo; @@ -83,6 +88,15 @@ in { settings.oauth2_client = { ENABLE_AUTO_REGISTRATION = true; }; + settings.mailer = { + ENABLED = true; + FROM = "forgejo@michaelt.xyz"; + PROTOCOL = "starttls"; + SMTP_ADDR = "smtp.sendgrid.net"; + SMTP_PORT = 587; + USER = "apikey"; + }; + mailerPasswordFile = config.age.secrets.forgejoSendgridKey.path; }; networking.firewall.interfaces."${firewallInterface}".allowedTCPPorts = [cfg.port]; diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 2f1fe02..b441023 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -7,6 +7,7 @@ in { "wireguard-thinkcentre.age".publicKeys = [venus]; "keycloak-db.age".publicKeys = [venus]; "forgejo-actions.age".publicKeys = [venus]; + "sendgrid-key.age".publicKeys = [venus]; # Oracle "wireguard-oracle.age".publicKeys = [oracle]; diff --git a/secrets/sendgrid-key.age b/secrets/sendgrid-key.age new file mode 100644 index 0000000000000000000000000000000000000000..a9660a1878f61339d8f169603bede86763c648af GIT binary patch literal 282 zcmV+#0p*VaZw;; zWot%PN<&yRL2-9eNKjHaWNcP*NoY$pW^p)HMNxP`Y-w~hZcH%zwLFqP6Ey-CuhT!cG# Date: Wed, 19 Jun 2024 10:47:57 -0400 Subject: [PATCH 7/7] fix(services/forgejo): set runner capacity to 1 --- modules/services/forgejo/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/forgejo/default.nix b/modules/services/forgejo/default.nix index b9527af..6fe984c 100644 --- a/modules/services/forgejo/default.nix +++ b/modules/services/forgejo/default.nix 
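Review bot: `FROM = "forgejo@michaelt.xyz"` hard-codes the mail domain while the rest of this module derives its hostnames from `config.my.server.domain` (`forgejoDomain = "git.${domain}"`); if that option holds the same domain, `FROM = "forgejo@${domain}";` keeps the sender in step with the host the mails link to. The secret wiring looks right — `mailerPasswordFile` rather than an inline key, and the age secret is owned by `forgejo` — but nothing records that the sending domain must be authenticated on the SendGrid side (SPF/DKIM) or mail from this `FROM` will be rejected or spam-foldered, nor that `USER = "apikey"` is the literal username SendGrid expects for API-key auth rather than an account name; a two-line comment above `settings.mailer` saying both would spare the next reader a trip to the docs. The `services.forgejo` attrset this extends opens before the hunk.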
@@ -177,7 +177,7 @@ in {
 settings = {
 # options = "-v /var/run/podman/podman.sock:/var/run/podman/podman.sock";
 runner = {
- capacity = 5;
+ capacity = 1;
 timeout = "45m";
 };
 container = {
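Review bot: The drop from `capacity = 5` to `1` carries no explanation next to the value, and the commit message only restates it. Presumably it is because every job on this runner shares the host's `/nix` and `/dev/kvm` through the container options that follow, so parallel jobs would contend for the daemon and the KVM device; if so, record it: `capacity = 1; # jobs share the host /nix and /dev/kvm; run them one at a time`. The `settings` attrset continues past the end of the hunk.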