Add ansible files

2025-11-23 11:22:45 +00:00
parent 8fc60f9d8b
commit bc439597cb
26 changed files with 1364 additions and 0 deletions
--- a/ansible/files/gitea_runner.template.yaml
+++ b/ansible/files/gitea_runner.template.yaml
@@ -0,0 +1,122 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gitea-act-runner
+  namespace: gitea
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gitea-act-runner-config
+  namespace: gitea
+data:
+  config.yaml: |
+    log:
+      level: info
+    cache:
+      enabled: false
+    container:
+      valid_volumes:
+        - /certs
+      options: |
+        --add-host=docker:host-gateway -v /certs:/certs
+        -e "DOCKER_HOST=tcp://docker:2376/"
+        -e "DOCKER_TLS_VERIFY=1"
+        -e "DOCKER_CERT_PATH=/certs/client"
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gitea-docker-daemon-config
+  namespace: gitea
+data:
+  daemon.json: |
+    { "insecure-registries": ["gitea-http.gitea.svc.cluster.local:3000"] }
+
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: gitea-act-runner-dind
+  namespace: gitea
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gitea-act-runner-dind
+  serviceName: gitea-act-runner-dind
+  template:
+    metadata:
+      labels:
+        app: gitea-act-runner-dind
+    spec:
+      containers:
+        - name: runner
+          image: docker.io/gitea/act_runner:nightly
+          env:
+            - name: DOCKER_HOST
+              value: "tcp://127.0.0.1:2376"
+            - name: DOCKER_CERT_PATH
+              value: /certs/client
+            - name: DOCKER_TLS_VERIFY
+              value: "1"
+            - name: ZOMBIE_TASK_TIMEOUT
+              value: "30m"
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: gitea-runner-registration-token
+                  key: token
+            - name: CONFIG_FILE
+              value: /config.yaml
+            - name: GITEA_INSTANCE_URL
+              value: http://gitea-http.gitea.svc.cluster.local:3000
+            - name: CONFIG_FILE
+              value: /actrunner/config.yaml
+
+          volumeMounts:
+            - name: gitea-act-runner-data
+              mountPath: /data
+            - name: docker-certs
+              mountPath: /certs/client
+            - name: gitea-act-runner-config
+              mountPath: /actrunner
+
+        - name: daemon
+          image: docker:27.1.2-dind
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: /certs
+            - name: DOCKER_HOST
+              value: tcp://127.0.0.1:2376
+            - name: DOCKER_TLS_VERIFY
+              value: "1"
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs/client
+            - name: gitea-docker-daemon-config
+              mountPath: /etc/docker
+
+      volumes:
+        - name: docker-certs
+          emptyDir: {}
+        - name: gitea-act-runner-config
+          configMap:
+            name: gitea-act-runner-config
+        - name: gitea-act-runner-data
+          persistentVolumeClaim:
+            claimName: gitea-act-runner
+        - name: gitea-docker-daemon-config
+          configMap:
+            name: gitea-docker-daemon-config