From dad207d19b932bca26997183dbd141c1cdacb459 Mon Sep 17 00:00:00 2001
From: ediblerope <fredrik@nordhammer.it>
Date: Fri, 1 May 2026 16:04:32 +0100
Subject: [PATCH] runner: document tokenFile EnvironmentFile format
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The gitea-actions-runner module loads tokenFile as a systemd
EnvironmentFile, so it needs KEY=value lines, not a raw token. Comment
updated to match — the runner failed to start the first time around
because the file just contained the bare registration token.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 services/forgejo-runner.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/services/forgejo-runner.nix b/services/forgejo-runner.nix
index 68eabb8..f36d832 100644
--- a/services/forgejo-runner.nix
+++ b/services/forgejo-runner.nix
@@ -7,9 +7,10 @@
 #
 # The runner registration token is one-time-use: it must exist at the path
 # below on first activation, after which the runner stores its own auth in
-# /var/lib/gitea-runner. To register:
+# /var/lib/gitea-runner. The module loads this file as a systemd
+# EnvironmentFile, so it must use KEY=value format (not the raw token):
 #
-#   echo 'YOUR_REGISTRATION_TOKEN' | sudo tee /var/secrets/forgejo-runner-token
+#   echo 'TOKEN=YOUR_REGISTRATION_TOKEN' | sudo tee /var/secrets/forgejo-runner-token
 #   sudo chmod 600 /var/secrets/forgejo-runner-token
 { config, lib, pkgs, ... }:
 {