Initial Commit

2025-10-02 19:57:57 +10:00
parent 0d81d80e28
commit 47d6aceca2
9 changed files with 91 additions and 35 deletions
--- a/ansible/ghshr.yml
+++ b/ansible/ghshr.yml
@ -1,24 +0,0 @@
---
- name: Prepare all servers
-  hosts: all
-  become: true
-  
-  pre_tasks:      
-    - name: Setup base system
-      import_tasks: tasks/base.yml
-      tags: base_setup
-  
-  tasks:
-    - name: Create ghshr folders
-      file:
-        path: "/opt/actions-runner"
-        state: directory
-    
-    - name: Download ans extract the GitHub Actions Runner
-      ansible.builtin.unarchive:
-        src: https://github.com/actions/runner/releases/download/v2.328.0/actions-runner-linux-x64-2.328.0.tar.gz
-        dest: /opt/actions-runner
-        remote_src: yes
-
-
-      
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -11,4 +11,6 @@ install_packages:
  - jq
  - mc
  - net-tools
-  - unattended-upgrades
+  - unattended-upgrades
+
+data_folder: /data
--- a/ansible/inventory/hosts.ini
+++ b/ansible/inventory/hosts.ini
@ -1,3 +1,3 @@
-[ghshr]
-ghshr.comprofix.xyz
+[gtar]
+gtar.comprofix.xyz

--- a/ansible/main.yml
+++ b/ansible/main.yml
@ -1,3 +1,30 @@
 ---
- import_playbook: ghshr.yml
+- name: Prepare all servers
+  hosts: all
+  become: true
+  vars:
+    alpine_latest_image: "alpine:latest"
+    ubuntu_latest_image: "node:22-trixie"
+    debian_latest_image: "git.comprofix.com/mmckinnon/debian-latest:2025.08.31-093853"

+  pre_tasks:
+    - name: Create directories
+      file:
+        path: "/data"
+        state: directory
+
+    - name: Setup base system
+      import_tasks: tasks/base.yml
+      tags: base_setup
+
+  roles:
+    - role: geerlingguy.docker
+      docker_users:
+        - administrator
+  tasks:
+    - name: Deploy docker apps
+      include_tasks: "tasks/{{ container }}.yml"
+      loop:
+        - gitea-runner
+      loop_control:
+        loop_var: container
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -0,0 +1,4 @@
+roles:
+  - name: geerlingguy.docker
+    src: git+https://github.com/geerlingguy/ansible-role-docker
+    version: master
--- a/ansible/tasks/create_folders.yml
+++ b/ansible/tasks/create_folders.yml
@ -0,0 +1,6 @@
+---
+- name: Create directories for {{ container }}
+  file:
+    path: "{{ data_folder }}/{{ container }}/{{ item }}"
+    state: directory
+  loop: "{{ subfolders | default(['config', 'data', 'logs']) }}"
--- a/ansible/tasks/gitea-runner.yml
+++ b/ansible/tasks/gitea-runner.yml
@ -0,0 +1,40 @@
+- name: Create Folders
+  include_tasks: create_folders.yml
+  vars:
+    subfolders:
+      - config
+
+- name: Check that config.yaml exists
+  stat:
+    path: "{{ data_folder }}/gitea-runner/config/config.yaml"
+  register: configyaml
+
+- name: Create config.yaml file
+  file:
+    path: "{{ data_folder }}/gitea-runner/config/config.yaml"
+    state: touch
+    mode: "0600"
+    access_time: preserve
+    modification_time: preserve
+  when: configyaml.stat.exists == False
+
+- name: Create the gitea-runner container
+  docker_container:
+    name: gitea-runner
+    image: gitea/act_runner:0.2.13
+    restart_policy: unless-stopped
+    recreate: true
+    # dns_servers:
+    #   - 10.10.10.1
+    #   - 127.0.0.11
+    volumes:
+      - "/etc/resolv.conf:/etc/resolv.conf:ro"
+      - /var/run/docker.sock:/var/run/docker.sock
+      - "{{ data_folder }}/gitea-runner/config/config.yaml:/config.yaml"
+      - "/etc/hosts:/etc/hosts:ro"
+    env:
+      CONFIG_FILE: "/config.yaml"
+      GITEA_INSTANCE_URL: "https://git.comprofix.com"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "{{ GITEA_RUNNER_TOKEN }}"
+      GITEA_RUNNER_NAME: "gtar-runner"
+      GITEA_RUNNER_LABELS: "alpine-latest:docker://{{ alpine_latest_image }},ubuntu-latest:docker://{{ ubuntu_latest_image }},vps-latest:docker://{{ debian_latest_image }}"
--- a/opentofu/200-github.tf
+++ b/opentofu/200-github.tf
@ -1,8 +1,8 @@
-resource "proxmox_lxc" "ghshr" {
+resource "proxmox_lxc" "gtar" {

  target_node  = "pve"
  vmid         = "200"
-  hostname     = "ghshr"
+  hostname     = "gtar"
  ostemplate   = "local:vztmpl/debian-13-standard_13.1-1_amd64.tar.zst"
  password     = var.ci_password
  unprivileged = false
@ -10,6 +10,8 @@ resource "proxmox_lxc" "ghshr" {
  onboot       = true
  start        = true
  startup      = "order=1000"
+  tags         = "gitea;container"
+


  ssh_public_keys = <<EOF
@ -36,5 +38,6 @@ resource "proxmox_lxc" "ghshr" {
    ip     = "10.10.10.8/24"
    gw     = "10.10.10.1"
    tag    = 10
+    ip6    = "auto"
  }
 }
--- a/opentofu/provider.tf
+++ b/opentofu/provider.tf
@ -5,13 +5,11 @@ terraform {
      version = "3.0.2-rc04"
    }

-    bitwarden = {
-      source  = "maxlaverse/bitwarden"
-      version = ">= 0.13.6"
-    }
  }

-  backend "pg" {}
+  backend "pg" {
+    schema_name = "homelab-ghshr"
+  }
  encryption {
    key_provider "pbkdf2" "mykey" {
      passphrase    = var.passphrase