Enable services.buildkite-agents

Instead of enabling `buildkite-agent` ad hoc, use NixOS to configure it.
author: William Carroll <wpcarro@gmail.com> 2020-08-17T16·33+0100
committer: William Carroll <wpcarro@gmail.com> 2020-08-20T10·26+0100
commit: 60b8b83376df8d1007137b6920ee09ed8cdcc3ac (patch)
tree: ed0e95578279eb8cd0fa2be1e33d9dfc32955117 /nixos/socrates/default.nix
parent: 890d4606cfafa933ab2fca830b3b18eb122d1428 (diff)
1 files changed, 7 insertions, 7 deletions
diff --git a/nixos/socrates/default.nix b/nixos/socrates/default.nix
index 3891123850d5..f638b83d66fb 100644
--- a/nixos/socrates/default.nix
+++ b/nixos/socrates/default.nix
@@ -50,13 +50,6 @@ in {
       shell = pkgs.fish;
     };
 
-    users.buildkite-agent = {
-      # TODO: Consider setting this to `false` when you better understand the
-      # implications.
-      isNormalUser = true;
-      extraGroups = [ "git" ];
-    };
-
     users.git = {
       group = "git";
       isNormalUser = false;
@@ -115,6 +108,13 @@ in {
     rootUrl = "https://git.wpcarro.dev/";
   };
 
+  services.buildkite-agents = {
+    socrates = {
+      enable = true;
+      tokenPath = "/etc/secrets/buildkite-agent-token";
+    };
+  };
+
   # systemd.services.monzo-token-server = {
   #   enable = true;
   #   description = "Ensure my Monzo access token is valid";
author	William Carroll <wpcarro@gmail.com>	2020-08-17T16·33+0100
committer	William Carroll <wpcarro@gmail.com>	2020-08-20T10·26+0100
commit	60b8b83376df8d1007137b6920ee09ed8cdcc3ac (patch)
tree	ed0e95578279eb8cd0fa2be1e33d9dfc32955117 /nixos/socrates/default.nix
parent	890d4606cfafa933ab2fca830b3b18eb122d1428 (diff)