replace host/istal with host/amstel

Makefile

@@ -18,7 +18,7 @@ MACHINES := \
 	macbook-pro
 
 VPS := \
-	istal \
+	amstel \
 	tatos
 
 .PHONY: help

hosts/amstel/configuration.nix

@@ -6,7 +6,7 @@
     ./services
   ];
 
-  networking.hostName = "istal";
+  networking.hostName = "amstel";
   networking.domain = "local";
 
   users.users.root.openssh.authorizedKeys.keys = globalData.publicKeys.users.janistal;

hosts/amstel/services/forgejo-runners/default.nix

@@ -5,16 +5,18 @@ let
 in
 {
   age.secrets.forgejo-runner-token-istal-docker.file = ./forgejo-runner-token-istal-docker.age;
-  age.secrets.forgejo-runner-token-codeberg-docker.file = ./forgejo-runner-token-codeberg-docker.age;
 
   virtualisation.docker.enable = true;
+  systemd.services.docker.serviceConfig = {
+    CPUQuota = "50%"; # Ограничение для всего Docker демона?
+  };
 
   services.gitea-actions-runner = {
     package = pkgs.unstable.forgejo-runner;
     instances = {
-      istal-docker = {
+      amstel-docker = {
         enable = true;
-        name = "istal-docker";
+        name = "amstel-docker";
         url = "https://git.pleshevski.ru";
         labels = [
           "docker:docker://node:20-bullseye"
@@ -25,24 +27,11 @@ in
           runner = {
             envs = { inherit NODE_OPTIONS; };
 
-            timeout = "1h";
-          };
-        };
-      };
-      codeberg-docker = {
-        enable = true;
-        name = "codeberg-docker";
-        url = "https://codeberg.org";
-        labels = [ ];
-        tokenFile = config.age.secrets.forgejo-runner-token-codeberg-docker.path;
-        settings = {
-          runner = {
-            envs = { inherit NODE_OPTIONS; };
-
             timeout = "1h";
           };
         };
       };
     };
   };
+
 }

hosts/amstel/services/wireguard/default.nix

@@ -2,8 +2,8 @@
 
 let
   tatosData = import (hostsPath + "/tatos/data.secret.nix");
-  istalData = import (hostsPath + "/istal/data.secret.nix");
-  inherit (istalData.wireguard) port;
+  amstelData = import (hostsPath + "/amstel/data.secret.nix");
+  inherit (amstelData.wireguard) port;
 in
 {
   boot.kernel.sysctl."net.ipv4.ip_forward" = 1;

hosts/default.nix

@@ -33,14 +33,14 @@ in
     ];
   };
 
-  istal = {
+  amstel = {
     system = x86_64-linux;
 
     extraModules = [
       ../modules/vps.nix
     ];
 
-    targetHost = (import ./istal/data.secret.nix).addr;
+    targetHost = (import ./amstel/data.secret.nix).addr;
   };
 
   tatos = {

hosts/tatos/services/prometheus.nix

@@ -34,7 +34,7 @@ in
           {
             targets = [
               "tatos:${toString nodeExporterPort}"
-              "istal:${toString nodeExporterPort}"
+              "amstel:${toString nodeExporterPort}"
             ];
           }
         ];

hosts/tatos/services/wireguard/default.nix

@@ -3,7 +3,7 @@
 # Source: https://habr.com/ru/companies/xakep/articles/699000/
 
 let
-  istalData = import (hostsPath + "/istal/data.secret.nix");
+  amstelData = import (hostsPath + "/amstel/data.secret.nix");
   tatosData = import (hostsPath + "/tatos/data.secret.nix");
   port = tatosData.wireguard.port;
 
@@ -67,9 +67,9 @@ in
       privateKeyFile = config.age.secrets.wireguard-tatos-private.path;
 
       peers = [
-        # Istal
+        # Amstel
         {
-          publicKey = istalData.wireguard.publicKey;
+          publicKey = amstelData.wireguard.publicKey;
           allowedIPs = [ "10.20.30.2/32" "0.0.0.0/0" ];
         }
         # Home