{ config, pkgs,... }:

{
  # users.users.forgejo-runner = {
  #   isSystemUser = true;
  #   extraGroups = [ "docker" ];  # Optional: if using docker jobs
  # };

  services.gitea-actions-runner = {
    package = pkgs.forgejo-actions-runner;
    instances.default = {
      enable = true;
      name = config.networking.hostName;
      url = "https://git.procopius.dk";
      # Obtaining the path to the runner token file may differ
      # tokenFile should be in format TOKEN=<secret>, since it's EnvironmentFile for systemd
      tokenFile = config.sops.secrets."forgejo-runner-registration-token".path;
      labels = [
        "ubuntu-latest:docker://node:16-bullseye"
        # "ubuntu-22.04:docker://node:16-bullseye"
        # "ubuntu-20.04:docker://node:16-bullseye"
        # "ubuntu-18.04:docker://node:16-buster"
        ## optionally provide native execution on the host:
        # "native:host"
      ];
    };
  };

  # systemd.services."forgejo-actions-runner-default".serviceConfig = {
  #   User = "forgejo-runner";
  #   Group = "forgejo-runner";
  # };

  virtualisation.docker.enable = true;  # Optional: if using docker
}