Skip to content

Run Renovate locally

Renovate can now be configured as a NixOS service.

Needs secrets:

  • Token with write access to repos
  • SSH secret key

Pros:

  • Can sign commits without the key ever leaving my machine
  • Easier to debug runtime issues locally
  • Can tear down entire Renovate repo

Cons:

  • Risk of leaking secrets

Plan:

  1. Install & configure using private repo
  2. Evaluate security
  3. Move to root repo
Edited by Victor Engmark
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information