Skip to content

Commit

Permalink
Set tokenFile only if service is active
Browse files Browse the repository at this point in the history
  • Loading branch information
arunoruto committed Nov 18, 2024
1 parent d05f23c commit 6c49ad0
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions modules/nixos/services/github-runner.nix
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@ in
services.github-runners.YASF = {
enable = lib.mkDefault false;
url = "https://github.com/AGBV/YASF";
tokenFile = config.sops.secrets."tokens/yasf-runner".path;
tokenFile =
if cfg.enable then config.sops.secrets."tokens/yasf-runner".path else ./github-runner.nix;
name = config.networking.hostName;
replace = true;
extraLabels = [
Expand All @@ -38,15 +39,15 @@ in
];
};

systemd.tmpfiles.settings.yasf-files = cfg.enable {
systemd.tmpfiles.settings.yasf-files = lib.mkIf cfg.enable {
${workDir}.d = {
user = gh-user;
group = gh-user;
mode = "0744";
};
};

sops.secrets = cfg.enable {
sops.secrets = lib.mkIf cfg.enable {
"tokens/yasf-runner" = {
owner = config.users.users.${gh-user}.name;
inherit (config.users.users.${gh-user}) group;
Expand Down

0 comments on commit 6c49ad0

Please sign in to comment.