Add Forgejo runner to CI host config

hosts/ci/configuration.nix

@@ -4,5 +4,7 @@
     ../../shared/base.nix
     ../../shared/hardware/vm.nix
     ../../shared/disko/basic-ext4.nix
+
+    ../../servers/ci.nix
   ];
 }

servers/ci.nix

@@ -0,0 +1,33 @@
+{ pkgs, config, ... }:
+{
+  networking.firewall.trustedInterfaces = [ "br-+" ];
+
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-runner;
+    instances.default = {
+      enable = true;
+      name = "ci.sinerva.eu";
+      url = "https://forgejo.sinerva.eu";
+      tokenFile = "/persist/secrets/forgejo_token";
+      labels = [
+        "ubuntu-24.04-lts:docker://ubuntu:24.04"
+        "ubuntu-22.04:docker://node:24-bullseye"
+        "nixos-latest:docker://nixos/nix"
+      ];
+      settings = {
+        container = {
+          network = "";
+          enable_ipv6 = true;
+        };
+      };
+    };
+  };
+
+  virtualisation.docker = {
+    enable = true;
+    daemon.settings = {
+      fixed-cidr-v6 = "${config.custom.gua_pref}d2:d0ce::/80";
+      ipv6 = true;
+    };
+  };
+}