`github-nix-ci` (for self-hosting GitHub runners on macOS/Linux)

We are announcing a NixOS / nix-darwin module making it easy to self-host GitHub runners. In effect, this enables you to run CI for your GitHub repos on any machine (personal MacBooks/laptops included).

Check it out at https://github.com/juspay/github-nix-ci

For questions & feedback, please post in the Zulip linked in the README. For bug reports & feature requests, please open an issue on GitHub.

4 Likes

Could be worth calling out why you would use this over the regular Nixpkgs version?

It does use the github-runner service provided by NixOS and nix-darwin: github-nix-ci/nix/module.nix at a15c0fd57021f1e042afec6603f25e880f91bed9 · juspay/github-nix-ci · GitHub. The idea of github-nix-ci here is to simplify self-hosting GitHub runners by letting you configure them in 20 lines of code instead of 200+, and it also comes with secrets management using agenix (you are free to use a different secrets manager as well).

1 Like

Yeah, there’s a lot of ancillary setup that’s pretty necessary no matter what you’re doing, so this is pretty cool. Are there modules with direct agenix support in nixpkgs? If so, I’d be curious about whether you’d consider upstreaming some or all of this.

That would first require agenix options to be merged into nixpkgs, which doesn’t sound great to me tbh.

Tho I agree that having a standardized module API for secrets would be a nice improvement for UX (as it makes a clear statement about how secrets might be handled well in the store).