host-forgejo-runner/ansible-pipeline.yml
GregoryDosh 5165576c9e
fix: remove volumes instead of only echoing their names 😆
2025-01-04 22:09:43 +00:00


# git.auengun.net/homelab/image-renovate
# Copyright (C) 2024 GregoryDosh
---
# Play: apply the shared homelab baseline to every host in the
# forgejo_runner group. Selectable on its own with the homelab-common tag.
- name: Homelab Common
  hosts: forgejo_runner
  tags:
    - homelab-common
  tasks:
    # All work is delegated to the collection role; nothing is configured
    # inline here.
    - ansible.builtin.include_role:
        name: auengun.homelab.common
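# Play: hand a Docker prune script to the cron_healthcheck_script role. The
# vars below request a root cron entry at 00:25 and a script file with mode
# 0700.
- name: Host Specific Healthchecks
  hosts: forgejo_runner
  tags:
    - healthchecks
  tasks:
    - ansible.builtin.include_role:
        name: auengun.homelab.cron_healthcheck_script
      vars:
        HEALTHCHECK_NAME: "{{ inventory_hostname_short }} - Docker Prune - ♻️"
        HEALTHCHECK_TAGS: "{{ inventory_hostname_short }} docker-prune ♻️"
        HEALTHCHECK_CRON_USER: root
        HEALTHCHECK_CRON_HOUR: "0"
        HEALTHCHECK_CRON_MINUTE: "25"
        HEALTHCHECK_FILE_MODE: "0700"
        HEALTHCHECK_FILE_NAME: hc-docker-prune
        # Script body. It refuses to run unless the caller is root, then
        # runs the docker CLI inside the docker_dind container against
        # tcp://docker:2376 with TLS verification on and the client
        # certificates from /certs/client.
        #
        # The prune commands are destructive: unused images, build cache,
        # exited containers and unused volumes in that daemon are removed
        # with no confirmation (-f), so nothing that must persist should
        # live there.
        #
        # NOTE(review): the inner commands are chained with ';' and the last
        # one ends in '|| true', so the inner shell exits 0 whenever
        # 'docker exec' itself can run. EXIT_STATUS therefore reports that
        # the dind container was reachable, not that every prune succeeded.
        # Presumably the role's wrapper reads EXIT_STATUS; confirm that this
        # is the signal you want on the healthcheck.
        #
        # The filter values are written without quotes of their own because
        # the whole 'sh -c' argument is already inside double quotes; an
        # inner pair would close and reopen that string.
        HEALTHCHECK_FILE_CONTENT: |
          if [ "${USER:-$LOGNAME}" != "root" ]; then
            echo "[ERROR] [$(date)]: Non-root user" > /dev/stderr
            EXIT_STATUS=1
            exit 1
          fi
          docker exec -t \
            -e DOCKER_HOST=tcp://docker:2376 \
            -e DOCKER_TLS_VERIFY=1 \
            -e DOCKER_CERT_PATH=/certs/client \
            docker_dind \
            sh -c "
              docker system prune --volumes -f;
              docker buildx prune -a --filter=until=24h -f;
              docker image prune -a --filter=until=24h -f;
              docker images -qf dangling=true | xargs -r docker rmi -f || true;
              docker ps -aqf status=exited | xargs -r docker rm -v || true;
              docker volume ls -qf dangling=true | xargs -r docker volume rm || true;
            "
          EXIT_STATUS="$?"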
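# Play: on the Forgejo server host, register the runner with the forgejo CLI
# inside the 'forgejo' container and keep the returned UUID as a host fact
# for the runner play.
- name: forgejo-runner (register w/ server)
  hosts: forgejo_server
  tags:
    - forgejo-runner
  tasks:
    # The shared secret comes from the controller's environment. no_log
    # keeps the fact value out of task output at higher verbosity.
    - name: Facts from environment
      no_log: true
      ansible.builtin.set_fact:
        FORGEJO_RUNNER_SHARED_SECRET: "{{ lookup('ansible.builtin.env', 'FORGEJO_RUNNER_SHARED_SECRET') }}"

    # The env lookup yields an empty string for an unset variable, so the
    # length check is what catches a missing secret.
    - name: Validate required variables defined.
      ansible.builtin.assert:
        that:
          - "FORGEJO_RUNNER_SHARED_SECRET | length > 0"

    # The secret is passed through the task environment and 'docker exec -e'
    # (name only, value taken from the caller's environment) instead of
    # being templated into the shell text. That keeps it out of the rendered
    # command Ansible reports on failure and out of the host-side argv, and
    # the shell never re-parses it, so metacharacters in the value cannot
    # alter the command.
    # NOTE(review): the value is still visible in the argv of the forgejo
    # process inside the container while it runs. If the CLI offers a
    # stdin- or file-based way to supply the secret, prefer that; check
    # 'forgejo forgejo-cli actions register --help'.
    # no_log also hides stdout on failure; drop it temporarily when
    # debugging registration.
    - name: Register Runner w/ Forgejo in Docker
      no_log: true
      environment:
        FORGEJO_RUNNER_SHARED_SECRET: "{{ FORGEJO_RUNNER_SHARED_SECRET }}"
      ansible.builtin.shell: |
        docker exec -t -e FORGEJO_RUNNER_SHARED_SECRET forgejo sh -c '
          forgejo forgejo-cli actions register \
            --secret "$FORGEJO_RUNNER_SHARED_SECRET" \
            --name "Forgejo Runner - forgejo-runner-01.auengun.net" \
            --labels "docker,ubuntu-act-latest"
        '
      register: _runner_uuid
      # Only the length is checked (36 characters, the textual size of a
      # UUID); any other 36-character output would also pass.
      failed_when: "_runner_uuid.stdout | length != 36"

    # Stored as a host fact so a later play can read it through hostvars.
    - name: Pull Runner UUID from Server Registration Output
      ansible.builtin.set_fact:
        _FORGEJO_RUNNER_UUID: "{{ _runner_uuid.stdout }}"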
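# Play: configure the runner host. It writes the Docker daemon config,
# deploys the runner compose stack through the dcaass role, and prepares the
# workspace directories.
- name: forgejo-runner
  hosts: forgejo_runner
  tags:
    - forgejo-runner
  tasks:
    # Image versions and the shared secret come from the controller's
    # environment. The UUID is read from the fact set on the host named
    # 'git.auengun.net', so the registration play must have run earlier in
    # the same ansible-playbook invocation.
    # no_log because one of these facts is the runner shared secret.
    - name: Facts from environment
      no_log: true
      ansible.builtin.set_fact:
        DOCKER_DIND_VERSION: "{{ lookup('ansible.builtin.env', 'DOCKER_DIND_VERSION') }}"
        FORGEJO_RUNNER_IMAGE_ACT_VERSION: "{{ lookup('ansible.builtin.env', 'FORGEJO_RUNNER_IMAGE_ACT_VERSION') }}"
        FORGEJO_RUNNER_NAME: "Forgejo Runner - {{ ansible_host }}"
        FORGEJO_RUNNER_SHARED_SECRET: "{{ lookup('ansible.builtin.env', 'FORGEJO_RUNNER_SHARED_SECRET') }}"
        FORGEJO_RUNNER_UUID: "{{ hostvars['git.auengun.net']['_FORGEJO_RUNNER_UUID'] }}"
        FORGEJO_RUNNER_VERSION: "{{ lookup('ansible.builtin.env', 'FORGEJO_RUNNER_VERSION') }}"
        STEP_CERTS_ACME_CA_PROVISIONER: "{{ lookup('ansible.builtin.env', 'STEP_CERTS_ACME_CA_PROVISIONER') }}"

    # Fail early on any empty value (an unset environment variable looks up
    # as an empty string).
    - name: Validate required variables defined.
      ansible.builtin.assert:
        that:
          - "DOCKER_DIND_VERSION | length > 0"
          - "FORGEJO_RUNNER_IMAGE_ACT_VERSION | length > 0"
          - "FORGEJO_RUNNER_NAME | length > 0"
          - "FORGEJO_RUNNER_SHARED_SECRET | length > 0"
          - "FORGEJO_RUNNER_UUID | length > 0"
          - "FORGEJO_RUNNER_VERSION | length > 0"
          - "STEP_CERTS_ACME_CA_PROVISIONER | length > 0"

    # daemon.json is a plain config file, so it gets 0644 rather than the
    # previous 0755 (there is no reason for it to be executable).
    # NOTE(review): per the task name the template enables an insecure
    # registry/mirror. Pulls through such a registry are not protected by
    # verified TLS, so keep it on a trusted network segment and consider
    # pinning images by digest.
    - name: Add Insecure Registry/Mirror for Docker
      become: true
      ansible.builtin.template:
        src: "templates/daemon.json"
        dest: "/etc/docker/daemon.json"
        owner: root
        group: root
        mode: "0644"
      register: _docker_daemon_json

    # Restart only when the rendered config actually changed.
    - name: Restart Docker
      when: _docker_daemon_json.changed
      become: true
      ansible.builtin.systemd_service:
        name: "docker.service"
        state: "restarted"

    # Compose stack for the runner, deployed by the dcaass role.
    - ansible.builtin.include_role:
        name: auengun.homelab.dcaass
      vars:
        DCAASS_CONFIG_PATH: /forgejo-runner
        DCAASS_CONFIG_USER_NAME: forgejo-runner
        DCAASS_CONFIG_GROUP_NAME: forgejo-runner
        DCAASS_SERVICE_NAME: forgejo-runner
        DCAASS_DOCKER_PRIVATE_MIRROR_INSTALL: false
        DCAASS_SERVICE_ANSIBLE_RESTART_ASYNC: true
        # Images are selected by version tag from the environment. Tags are
        # mutable, so a digest pin would be needed to guarantee the exact
        # image content.
        DCAASS_DOCKER_COMPOSE_YAML_OVERRIDES:
          services:
            docker-in-docker:
              image: "docker.io/library/docker:{{ DOCKER_DIND_VERSION }}"
            runner-daemon:
              image: "code.forgejo.org/forgejo/runner:{{ FORGEJO_RUNNER_VERSION }}"
        DCAASS_EXTRA_CONFIG_DIRS:
          - "/forgejo-runner"
          - "/forgejo-runner/data"
          - "/forgejo-runner/data/.cache"
        DCAASS_EXTRA_CONFIG_FILES:
          - src: "templates/dind-daemon.json"
            dest: "/forgejo-runner/data/dind-daemon.json"
            mode: "0644"
          - src: "templates/config.yml"
            dest: "/forgejo-runner/data/config.yml"
            mode: "0644"
          # NOTE(review): 0666 makes this file readable and writable by
          # every local user. It presumably carries the runner's
          # registration identity (UUID and secret) - confirm against
          # templates/.runner. If the mode exists only so the container
          # user can write the file, matching ownership to that UID with
          # 0600/0640 would be tighter.
          - src: "templates/.runner"
            dest: "/forgejo-runner/data/.runner"
            mode: "0666"

    # NOTE(review): 0777 without the sticky bit lets any local user create,
    # rename or delete entries in these directories. If world-writable
    # access is really required, "1777" at least limits deletion to each
    # file's owner; group-based access would be tighter still.
    - name: ensure workspace directories writeable
      become: true
      ansible.builtin.file:
        path: "{{ item }}"
        owner: forgejo-runner
        group: forgejo-runner
        mode: "0777"
        state: directory
      loop:
        - "/workspace/forgejo"
        - "/workspace/forgejo/container"
        - "/workspace/forgejo/host/"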