{config, pkgs, lib, ...}:

{
  services.gitlab-runner = {
    enable = true;
    concurrent = 4;
    services.infra4future = {
      buildsDir = "/var/lib/gitlab-runner/builds";
      dockerImage = "nixos/nix";
      executor = "docker";
      registrationConfigFile = "/run/gitlab-runner.env";
    };
  };

  systemd.services.gitlab-runner.serviceConfig = {
    DynamicUser = lib.mkForce false;
    User = "gitlab-runner";
  };

  users.users.gitlab-runner = {
    home = "/var/lib/gitlab-runner";
    extraGroups = [ "docker" ];
    isSystemUser = true;
  };

  virtualisation.docker.storageDriver = "zfs";
}