5 changed files with 18 additions and 35 deletions
--- a/secrets/gitea-runner-gospel.age
+++ b/secrets/gitea-runner-gospel.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -7,17 +7,15 @@ let
    node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETLBnc8kJokmFiA28BaSYpeE7flY1W0SM5C1pWv/tOv";
    pi4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9fnNXzEmDdmtR+KWj/M9vQioFR0s/4jMnIkUFcj8As";
    proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAf6Z7SZEOH3H51T/GPIc/B0OpbaydM5l2PP3nMnwpFl";
-    git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8JLy/ipBfOet3/KT7rXOXHDjjmt+VqqQb3V+ILIuDN";
  };
 in {
  "cf_dns_kilonull.age".publicKeys = [users.me machines.node machines.gospel machines.pi4 machines.proxy];
-  "gitea-runner-gospel.age".publicKeys = [users.me machines.gospel];
-  "hass_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
-  "hydra-aws-creds.age".publicKeys = [users.me machines.gospel];
  "nextcloud_admin.age".publicKeys = [users.me machines.node machines.gospel];
-  "tailscale_git_server.age".publicKeys = [users.me machines.git]; # This key expires, might have to update
-  "teslamate_db.age".publicKeys = [users.me machines.node machines.gospel];
-  "teslamate_encryption.age".publicKeys = [users.me machines.node machines.gospel];
-  "teslamate_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
  "theengs_ble_mqtt.age".publicKeys = [users.me machines.pi4 machines.gospel];
+  "hass_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
+  "teslamate_db.age".publicKeys = [users.me machines.node machines.gospel];
+  "teslamate_mqtt.age".publicKeys = [users.me machines.pi4 machines.node machines.gospel];
+  "teslamate_encryption.age".publicKeys = [users.me machines.node machines.gospel];
+  "hydra-aws-creds.age".publicKeys = [users.me machines.gospel];
+  "gitea-runner-gospel.age".publicKeys = [users.me machines.gospel];
 }
--- a/secrets/tailscale_git_server.age
+++ b/secrets/tailscale_git_server.age
--- a/systems/x86_64-linux/git/default.nix
+++ b/systems/x86_64-linux/git/default.nix
@ -4,12 +4,9 @@
  ...
 }: let
  domain = "git.alejandr0angul0.dev";
-  secrets = config.age.secrets;
 in {
  imports = ["${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"];

-  age.secrets.authKeyFile.file = ../../../secrets/tailscale_git_server.age;
-
  aa = {
    nix.enable = true;

@ -20,10 +17,6 @@ in {

    services = {
      openssh.enable = true;
-      tailscale = {
-        enable = true;
-        configureClientRouting = true;
-      };
    };
  };

@ -32,11 +25,6 @@ in {
    enableACME = true;
  };

-  services.tailscale = {
-    authKeyFile = secrets.authKeyFile.path;
-    extraUpFlags = ["--ssh"];
-  };
-
  security.acme = {
    acceptTerms = true;
    defaults = {
--- a/systems/x86_64-linux/gospel/default.nix
+++ b/systems/x86_64-linux/gospel/default.nix
@ -76,13 +76,11 @@
    })
  ];

-  services.gitea-actions-runner = {
-    package = pkgs.forgejo-runner;
-    instances = {
+  services.gitea-actions-runner.instances = {
    gospel = {
      enable = true;
      name = config.networking.hostName;
-        url = "https://git.alejandr0angul0.dev";
+      url = "https://gitea.kilonull.com";
      tokenFile = config.age.secrets.gitea-runner-gospel.path;
      labels = [
        "ubuntu-latest:docker://node:16-bullseye"
@ -92,7 +90,6 @@
      ];
    };
  };
-  };
  virtualisation = {
    libvirtd.enable = true;