From c3c13fb3b997147f6e6f3476585a1bc27c3db2c2 Mon Sep 17 00:00:00 2001
From: Luis-Hebendanz <luis.nixos@gmail.com>
Date: Sun, 1 Oct 2023 13:16:37 +0200
Subject: [PATCH] Add KVM to allowed devices in container

---
 modules/web01/gitea/actions-runner.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/web01/gitea/actions-runner.nix b/modules/web01/gitea/actions-runner.nix
index 7ef117d..459d8a0 100644
--- a/modules/web01/gitea/actions-runner.nix
+++ b/modules/web01/gitea/actions-runner.nix
@@ -199,7 +199,7 @@ in
     tokenFile = "/var/lib/gitea-registration/token";
     labels = [ "nix:docker://gitea-runner-nix" ];
     settings = {
-      container.options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nixuser";
+      container.options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nixuser --device=/dev/kvm";
       # the default network that also respects our dns server settings
       container.network = "podman";
       container.valid_volumes = [