Compare commits
2 Commits
master
...
34ac53ab01
| Author | SHA1 | Date | |
|---|---|---|---|
| 34ac53ab01 | |||
|
d64000c577 |
16
README.md
16
README.md
@@ -2,7 +2,7 @@
|
||||
|
||||
## 📖 Overview
|
||||
|
||||
This repository provisions and manages the Gitea Self-Hosted Runner for the Comprofix Homelab Infrastructure. This repo is designed to be run manually to build and setup the runner when requuired.
|
||||
This repository provisions and manages the GitHub Self-Hosted Runner for the Comprofix Homelab Infrastructure. This repo is designed to be run manually to build and setup the runner when requuired.
|
||||
|
||||
Built using Infrastructure as Code (IaC) with [OpenTofu](https://opentofu.org/) and [Ansible](https://ansible.com)
|
||||
---
|
||||
@@ -16,23 +16,11 @@ Built using Infrastructure as Code (IaC) with [OpenTofu](https://opentofu.org/)
|
||||
|
||||
## 🔄 Usage
|
||||
|
||||
### 🛠️ Opentofu
|
||||
|
||||
1. Checkout repo
|
||||
2. From the opentofu folder, generate `terraform.auto.tfvars` using the supplied `prepareEnv.sh`
|
||||
2. From the opentofu folder, generate `terraform.auto.tfvars` using the supplied ```prepareEnv.sh```
|
||||
3. Run `tofu init`, `tofu fmt`, `tofu validate`
|
||||
4. Execute `tofu plan`
|
||||
5. If successful, run `tofu apply`
|
||||
6. From the ansible folder, run `ansible-playbook main.yml`
|
||||
|
||||
### 🧩 Ansible
|
||||
|
||||
1. Checkout repo
|
||||
2. From the ansible folder, run `export GITEA_RUNNER_TOKEN="{{ YOUR_GITEA_RUNNER_TOKEN }}"`
|
||||
3. Run `ansible-playbook main.yml -e "GITEA_RUNNER_TOKEN=$GITEA_RUNNER_TOKEN"`
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1,6 +1,10 @@
|
||||
---
|
||||
install_packages:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- gnupg
|
||||
- lsb-release
|
||||
- vim
|
||||
- git
|
||||
- htop
|
||||
@@ -8,3 +12,8 @@ install_packages:
|
||||
- mc
|
||||
- net-tools
|
||||
- unattended-upgrades
|
||||
|
||||
data_folder: /data
|
||||
alpine_latest_image: "alpine:latest"
|
||||
ubuntu_latest_image: "node:22-trixie"
|
||||
debian_latest_image: "git.comprofix.com/mmckinnon/debian-latest:2025.08.31-093853"
|
||||
|
||||
@@ -20,5 +20,8 @@
|
||||
- administrator
|
||||
tasks:
|
||||
- name: Deploy docker apps
|
||||
import_tasks: "tasks/gitea-runner.yml"
|
||||
|
||||
include_tasks: "tasks/{{ container }}.yml"
|
||||
loop:
|
||||
- gitea-runner
|
||||
loop_control:
|
||||
loop_var: container
|
||||
6
ansible/tasks/create_folders.yml
Normal file
6
ansible/tasks/create_folders.yml
Normal file
@@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: Create directories for {{ container }}
|
||||
file:
|
||||
path: "{{ data_folder }}/{{ container }}/{{ item }}"
|
||||
state: directory
|
||||
loop: "{{ subfolders | default(['config', 'data', 'logs']) }}"
|
||||
@@ -1,20 +1,17 @@
|
||||
|
||||
- name: Create folders
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- "/data/gitea-runner"
|
||||
- "/data/gitea-runner/config"
|
||||
- name: Create Folders
|
||||
include_tasks: create_folders.yml
|
||||
vars:
|
||||
subfolders:
|
||||
- config
|
||||
|
||||
- name: Check that config.yaml exists
|
||||
stat:
|
||||
path: "/data/gitea-runner/config/config.yaml"
|
||||
path: "{{ data_folder }}/gitea-runner/config/config.yaml"
|
||||
register: configyaml
|
||||
|
||||
- name: Create config.yaml file
|
||||
file:
|
||||
path: "/data/gitea-runner/config/config.yaml"
|
||||
path: "{{ data_folder }}/gitea-runner/config/config.yaml"
|
||||
state: touch
|
||||
mode: "0600"
|
||||
access_time: preserve
|
||||
@@ -32,51 +29,12 @@
|
||||
# - 127.0.0.11
|
||||
volumes:
|
||||
- "/etc/resolv.conf:/etc/resolv.conf:ro"
|
||||
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- "/data/gitea-runner/config/config.yaml:/config.yaml"
|
||||
- "{{ data_folder }}/gitea-runner/config/config.yaml:/config.yaml"
|
||||
- "/etc/hosts:/etc/hosts:ro"
|
||||
env:
|
||||
CONFIG_FILE: "/config.yaml"
|
||||
GITEA_INSTANCE_URL: "https://git.comprofix.com"
|
||||
GITEA_RUNNER_REGISTRATION_TOKEN: "{{ GITEA_RUNNER_TOKEN }}"
|
||||
GITEA_RUNNER_NAME: "gtar-runner"
|
||||
GITEA_RUNNER_LABELS: "alpine-latest:docker://git.comprofix.com/mmckinnon/alpine-runner:latest,ubuntu-latest:docker://node:22-trixie,homelab-latest:docker://git.comprofix.com/mmckinnon/debian-latest:latest"
|
||||
|
||||
- name: Create pull-ci-images.sh script
|
||||
copy:
|
||||
dest: /usr/local/bin/pull-ci-images.sh
|
||||
mode: '0755'
|
||||
owner: root
|
||||
group: root
|
||||
content: |
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
IMAGES=(
|
||||
"ghcr.io/renovatebot/renovate:latest"
|
||||
"git.comprofix.com/mmckinnon/alpine-runner:latest"
|
||||
"git.comprofix.com/mmckinnon/debian-latest:latest"
|
||||
"node:22-trixie"
|
||||
"catthehacker/ubuntu:act-latest"
|
||||
)
|
||||
|
||||
echo "Starting image pull at $(date)"
|
||||
|
||||
for image in "${IMAGES[@]}"; do
|
||||
echo "Pulling $image..."
|
||||
docker pull "$image"
|
||||
done
|
||||
|
||||
echo "Pruning old images..."
|
||||
docker image prune -af --filter "until=168h"
|
||||
|
||||
echo "Image pull completed at $(date)"
|
||||
|
||||
- name: Ensure cron job for pulling CI images exists
|
||||
cron:
|
||||
name: "Pull latest CI images daily"
|
||||
user: "{{ ansible_user_id }}"
|
||||
job: "/usr/local/bin/pull-ci-images.sh >> /var/log/pull-ci-images.log 2>&1"
|
||||
hour: 2
|
||||
minute: 0
|
||||
GITEA_RUNNER_LABELS: "alpine-latest:docker://{{ alpine_latest_image }},ubuntu-latest:docker://{{ ubuntu_latest_image }},gtar-latest:docker://{{ debian_latest_image }}"
|
||||
17
ansible/tasks/pull_image.yml
Executable file
17
ansible/tasks/pull_image.yml
Executable file
@@ -0,0 +1,17 @@
|
||||
---
|
||||
# Reusable snippet for pulling Docker images
|
||||
|
||||
- name: Set {{ image_name }} image reference
|
||||
set_fact:
|
||||
"{{ image_var }}_image_ref": "{{ image_ref }}"
|
||||
|
||||
- name: Ensure {{ image_name }} image is pulled
|
||||
community.docker.docker_image:
|
||||
name: "{{ image_ref }}"
|
||||
source: pull
|
||||
register: pulled_image
|
||||
|
||||
- name: Save image result under dynamic key
|
||||
set_fact:
|
||||
container_images: >-
|
||||
{{ container_images | default({}) | combine({ image_var: pulled_image }) }}
|
||||
@@ -18,12 +18,12 @@ resource "proxmox_lxc" "gtar" {
|
||||
${var.ssh_key}
|
||||
EOF
|
||||
|
||||
memory = "8192"
|
||||
memory = "4096"
|
||||
swap = "512"
|
||||
|
||||
rootfs {
|
||||
storage = "local"
|
||||
size = "20G"
|
||||
storage = "local-zfs"
|
||||
size = "8G"
|
||||
}
|
||||
|
||||
features {
|
||||
|
||||
@@ -2,7 +2,7 @@ terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "telmate/proxmox"
|
||||
version = "3.0.2-rc05"
|
||||
version = "3.0.2-rc04"
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,15 +1,3 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"local>RenovateBot/renovate-config",
|
||||
":semanticCommitTypeAll(chore)"
|
||||
],
|
||||
"ignoreDeps": ["postgres"],
|
||||
"commitBodyTable": true,
|
||||
"ignoreTests": true,
|
||||
"major": {
|
||||
"automerge": false,
|
||||
"commitMessagePrefix": "chore(deps-major): ",
|
||||
"labels": ["dependencies", "breaking"]
|
||||
}
|
||||
}
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user