1
0
forked from infra/ansible

act_runner: new role

gitea actions will replace drone
This commit is contained in:
Markus 2024-01-11 17:28:09 +01:00
parent c3ce352580
commit cf373d84ec
17 changed files with 258 additions and 297 deletions

View File

@ -22,16 +22,6 @@ dns_axfr_ips:
dhcp_omapi_key: "{{ vault_dhcp_omapi_key }}" dhcp_omapi_key: "{{ vault_dhcp_omapi_key }}"
drone_admin: moepman
drone_domain: drone.binary-kitchen.de
drone_dbname: drone
drone_dbuser: drone
drone_dbpass: "{{ vault_drone_dbpass }}"
drone_uipass: "{{ vault_drone_uipass }}"
drone_secret: "{{ vault_drone_secret }}"
drone_gitea_client: "{{ vault_drone_gitea_client }}"
drone_gitea_secret: "{{ vault_drone_gitea_secret }}"
dss_domain: dss.binary-kitchen.de dss_domain: dss.binary-kitchen.de
dss_secret: "{{ vault_dss_secret }}" dss_secret: "{{ vault_dss_secret }}"

View File

@ -1,119 +1,106 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
39666135633235396538666436663736616531633830653365383833386364353631613361383063 61333062333563653966393334326633643564313063346266663461633538366662623937373738
3163363832383139333937666162363533656238313063650a646536336664666636666461323031 3732396164303638643362316564393236353737346235380a666361396631656563303733343032
36656434616237323734623163646162303932316338313334333739643933653064656234336535 66396531313139343062363639636334373836306237363733393635346261313832366330303436
3533643334666333310a303262373731333061343561633138316165623162653539353535366165 6362383638363931380a323066343834363138356662656439343131353330366532626538653434
30393863343633613463333432383831626631333830613331653763643237646534333465333234 64663834333563333263356532326262333938613432356233656238313365663661636334333066
32356436363135636537373230343166336235623137323065636435356335643435346264633035 63653561316239356638653834646261643564316535306133633832666365383238303364346466
35343661333737326631303635643537613234346630643034646561343037343734383131646662 63393164646330623061633039316638656566346663616661633464303237386261316262623533
33336565633961366533346266396636623036646231643730363964666137333433633563303464 63306266333063373333323030666264323564663032333637343134306231373964666630333538
31616666363864303033306431366566633334333034373439636531393535306534303930353637 63626363383836363639663830643530376361613466613666303933363563663763636635363132
61376465373130663461663432353838613166306361663865333063306661353966356662613562 36666432646233313663613563663565313537316164313964656461666336326331303035343062
36386331653736393864653837613939323266663431666265306237366530623337346235383933 35323363373130333935373035663635626666613236376261623934366235633738323430666330
61343262633932373863353434653266313161316266343230613135643634616632346464393034 33323130363839386331613334636531396665316336376265333231343763656637396437653733
35356266323666363964353666633461643433613033333934626239653766643635656438356361 64366565336132333131346463356236343934663332633830373939616434613561613564313837
66346236626537343638376639626237643761376531633237633837393965633038643563393931 34333039363962643333343961636165323766343531336465306438306365636137636662303165
32363235383732626162656265353963666434323961373035376163333439626262366561626331 35346530313134346432303862643735376331376432616136306537653266333434336663373931
63633663313838663533313830646638303532323962376231613665343866313362336537633564 35373235333937646165663238636232656336393330386161636435666637356632333832646137
35313862396363663935623639633263393466633233343837623035653161623962396639653238 30333233636266623165663538303639663466363337323330383962383139643532623462663564
33386665303966366362316333396665663761316436383833343439616565303033636539633630 63313262366236623232303732373136393139323562313733623763363864646432653037316465
66643463386266613230303765323431316631666465366464353338366566653338366130353266 34306261303035306436396262333131366562643166333130393438393636623034656163653131
61346362656661616266656264663430616565633037613037313434613466343433386635633865 65363530613064633462633238343834336538353766353766336132303333383164326363316365
32303831616562663139616163636266643738666366633165356339633266616635646531663665 31303532363838306338626662313234343134306531353765333237303962303339366233366632
37363536643765383935306531656665393863343330326366633061303361363930353062346637 35643565353766353962386135323765356130393731363633373238626332356637363339356437
30643466656366353839303366383237623136336536656464653936306566393432633265386465 30386361363837373434363939373361343862393364316537633463653862666164613730306565
61336365383638633930363133343332643066376136383537376366376530373532616163376266 36343762326337333235643862626566346235333934656631306461633934306230333365343731
64626633333435383533353564386431643363363939353637363661353137373138643436303232 64643835323061613230336234343438383938653761393133656137626434653532636466313439
36663233373935616133303136623163333237656565366566353266303362356436393963643064 31363362306539643635386237353466343733616334303762343964636533636662333661653839
64366339323837343038343963613137316533396266313130323738396263363765633734636637 34663264613033373965336635663131396334616432653462346634626535393761666237623936
31373530383163636133393539643731346335653435653265313866653138393164393938396531 31666439356261303134343938333433323538653337653937333830656163633965353235653539
36653537666631643536396134626232623766363062323062393538393961653838616336396162 65353937333463343236636237313736313565613833653530333135623233363564393266353363
61393936393663633034613863643864386363316237633464636262633064623666363164663661 33323236643634616263303133663631386638356561373730653930646265616634356364366361
35613662336361386563326361386232653539313634663665636665353663666136326639353134 37666362363230313664343633343464383334386539616132636562626465326364353436356338
62616262333036336332373634393339396162663135353136396438386263323537373531383561 61383736663733643132656266633837646366343637303264363465633536633962353235303336
64313439646666366333353161323431343834353565633762396363383338336166323664346630 38376430343733386631623334386564616264386234613664366631313334626436313865356565
35613562633035393439326132623135666431383835383962636430363731326466363932346164 33663433663963653835376666303664656438623337663536376234356465396534306362346162
65663634636637613232626366613730343262633136333131333539353465326138323230333336 62323262323933336232376636353831633834656536633666643961396365306464303730626463
31393530306538363966373866626161353631383336613863386533643065656462656264633432 36363631336236353730393035613333666465653861373766393731373863353330656366306263
34383533396137336234326131346462336565343461363234626637326636353430376435356466 62316636333230366563623836316232323831393233366539363662646564373436623230343761
62333630323334666630386566306539353233663333356263633034366235396364616563363066 61626235656438373566646365353761376139383962353635393439666365333332313035653433
63383565626639613130663233393961333333336234666264333936623666316130393130353735 64316638363061613561306534616465646661326637633332333734626562353664666432616137
30666465366132383033363765643732306231633938303039323466613833643431316131346639 32643636356261613430376535633837646437626132373735323366313738633134303962306163
33306263386562343030633539666336306266303739376464326665636264373339393762623937 30366230333533663433616664343862346232363733623239353035656134366437313662353933
61366131616564316432346566623332613738336332623964383763333533396235623166666663 32663261663937663437643233383562656537333364643435356639616136623036306231633839
65306566353363643139373031616438613964636563623533396637363738333439616435303762 38386631643264636535323766643661626566323661313831326530636532383330633066336130
39666565343934306130663537383963626463393961613236326261633166323263346439323862 39306631636433376361636637633135316662306636306137366531333662303238613434333534
33393335323865393036303931363330623036303837343038306566386139306639313235396433 35633162316363333934623663303839343366376263343536333563663833323734356566623663
39386365626166623763333033396334306265353037363337386437353161653261373763343236 64646437343935306230333034636431396439366237643839363035313164393666616235393034
38373531633639303234303437386261323061633263663864393333303637373536646532306339 33323333626537633730303961613263363835343030363331633165663035336633613831326632
36393134373732623965323165613130333861643636396564323434666433336536373565373935 35363738336534663934616338363764353562306139613464663533323863326331646464333533
30663066353538396136666435613330653232616361656639373565353139653831373962393561 36363962653830613864393565623561646233313135386163623932363865343861313534663234
63393131353763613936663839333234393061353438643335656432653638336166356230646636 32313466656532616638376238363937613264346265316135336137363961386161376364343063
64613636646361616438386562396535313763316563396463326364356139383434653636376635 33316662343066336438336137353262646264656434333364343334373762303062386165663530
63373032343561636165646266393831326230363863313134326566623437653437303263376639 63313666356633633936366162366332333163656164306533356530666166353635616364643830
32363038663933623163643964363464653561396633666666636361363164383163363465336561 66336339663737616664616430373162386238636134303137386331393837353462623336663335
65343238313434373837633263333162393435373537663230653139303865393938396338373339 34303038323037363165613935376262376464383265323462373638313530396537633031653530
33346363616630383933366233303930613532656339346432376534623835643033326235653963 63613135373639623138333635343035303734383932336333303063666662333164643430393637
61663061613764646563356364353538343466363962633839613538363463633661303438613362 64393262363235616666303366346137633132313066613731333064346139646361363832343730
32623731633538636333376463666166303063666238626264303639376132333537626236316665 39666338303339663665363033653735346130313431306131306261636430396465323937623062
66313161346662313135396136336364653139336665363465313935613633343535346534623863 32343433376438623965363338633639383738326561376665623461653539383666636535656663
61306561303732386662636365653963353933323564316436633735613738303565326561663339 37353665363663356464366331313236653430313034613733363665633239656361623931646432
37633363353162306135623833363438316439326233386566363162353661316465333166366633 30653632643062366333663830326663623766646535666534613933663333366466333033383165
37616262313934303862343231366462306231646331653765393262393637393464633763653036 33373039303564656562636432303934383132666665656161323535333930346265623639316366
61383863396431666633653934366432653237363661663335373637666530643134373238633634 38393764346265653734373136636538346361363966393732323362323733386631623762313366
34373230383536333064626166313335363530383937626666393834326134353863363132643337 63313733653730336536393335623138383365303934303730343136613734663062326166316461
36623035653037653937336265326338643734303236363537646339653231326162323830393333 35313363656335643531343561336662663434353031623733353035633063396366376664303364
34393237303430303630373739623663646138613837386261376532333234326230383835343364 36643262633832363362306263376135346632386631346432333137623631343234333337643536
65353833613632396430363338366362633834353765306661623036353263623336633434656432 35353135303330626663663963366139363265666434363364303266613564373337616564366566
39306631663932623761353531333831656539313438646466636230306237633531633832303835 30646635633834616536333361303361313934316434393330333231613038346466306531646537
34623165386663323765333831646533613762373432333761326233636438663335623335363930 39303131396562656334303536613964363936643435613035623065323963633764623432373235
34353230346162336562303766616236333936313263313163623366636639393637363437336538 37393564626239333761626131643366306131346339356364373061353865653966326362613164
38653632366430356433316633326232393364656236643137336565356465646665363961626632 62366562326234303865323934353734613364653161316131363964666439636561663361396239
39346465306131626438663966613861373339363436363134316536326132313834373033393335 30353266303764396265656635616462653563613630616537353530613835656333353364333632
34356331613634326134393365623165366136333232623163643564396461303637623237626436 39663939376633613133623839353133613066633333633135316132636435363330393966396431
30343739326133616530626330376136306661396561346335643439663764303361636162386134 30656638653662356164393038323538643661333734623937653430643931623061666330633631
33363364353863376133386238656436363835326531336335393335343138396132333032613466 63323834313733353635363535613666643361356363386465383961626331303435333363396230
62306539643663373437353939653462643136343961303636333865373731633537356539663332 37313835633136323134623261626432653965366230656266356333653437386463396563613563
33326335363439373462643063633031626337373833326433383864346431366665626635373231 62656562626131336230383965303962383464643832333361343838393338353365663766373031
35656638653333363932663837386334666664333933633031363231633134336235373163353033 31633265653262356139323564663834616164313439346133386135333563323264313261336336
30643065653266383937656162353664386262313932386532363537343861663834656536373764 39393166613865353164376130303536373931643436633133313361356166393432363631666361
36663733373035613266663165393934323263636334386135393430666461363435346236386565 36366537363630333830333432333466363266666636643932636565613738346239383736306533
31313766336134333239336639326562396439613862623065623933326562363133313938623962 32333838396638656134643538313033336137316638326232303837386537393737316237356237
31346630313363643833366563376632613566373966333234633039653136623161386664313133 62646561333430303765656537373738316131306664626533646461333261306665626336376537
30353433366432336464663563626338613564666531663531363434626339336466306537396130 35633736303262656236303230653564386130666362303132646166306432393962306366663432
64346538353132383539656333613461333161333937663335613463373263363134316533353861 64353366353839643366376433646661376434313266326665343063653534343531623033316461
36313664663634383133636633616138383664643164313635636330316633396538376163356638 37306439373366303236666338616364343163663165626665613761333838333366336238343633
61373332396662326434333366316334336533663033396532333530363934396635303839383138 38663066623532353464653164616237353464363539313762396162653139393133323438643331
37303363383830626132343964626232646631636233383237343463356130626463323634626135 66306562346136346363396235356264303164636662386166666436316338323462656537386335
36323665626266333831656434393136623837303235366464646166353930363435343164336163 36373763313935666539643834653237336130336530653834643263373264353233643938393965
64633231383330346436396438643436633032313433306536636630616263653234666466626466 30313637366236383433313161386531623936356161333462636566633036383635616638316434
39316165363338633464656364656430666664336136363535623236363264396439386438356434 66313434393365333633336231656536353138303235616439643535376338326262663632313564
34323663333938323362386233336364313566353337333564363963666635373461353461326136 65306534356531303835373231623234356337623234366137386437303864643764613731326137
62313663353339343535363062376662636631366637376265303035616533386135643361646164 65376337386133353739376661353766343931383135363038353839376666306337323835613935
65393334623266383564306330373132323032316564343132646635313563653431373963376536 33303730623132613462363538666638313533333564656164363731323463613230366230373664
38353235343633363361313964633361616537353436353464336436313934393631626431356137 31303331396264353162383138643063313737366635333664343836346338353537366362613937
39363062386538623334303834333466616139356638623436316130323763613933386138613563 35623934646239356339343339653337656330616565616232633232373036383562393362343332
36373263633639316137396164343638386638623465393930663065313537633733326130376461 39316661623563333234656633666365303964366338303862333730656366626533326334613038
39636662633430303631323062343236613737396131613032613337323566316365383333613737 39663332623862626230373135623235363064636163373737316262613233663031383366363563
33373332386137326538343462396362336235396532366536393637666638313165666633336130 34613730343564373230306237656662636130333736393136366138333864313636343362613631
61353330636161623739383330613866363263386261616237363834393631363839396466333631 64636266626637366530363763323930643336313339613930623835326431643663356365353865
65613931353663323830313736646366653337343334303535353039306261346364616636396665 35653238333131363262346565653066383834633131303466636232653234363366646635656338
39666636363866626265386438393837393766666533373164383463626664383266336463336639 31386163616237316361643134396230386338643339633562376436333238346665363938323462
39616562306264336461353033623531656430346631393833353865343962643132623239653932 32336435663138393230366632633132333834303539303439313764623163383661396536383461
65346438616165353933306263616165316565613166636436313462303864306237623734613166 31636365633765346262616235336666363932336366373438643531663539333431663231326362
39626466626132333562376362303733326534633230623565353937643436653836663438333963 32326230363965356434343833383662393430333535636536323066373439653330373937636565
35636137663961383363613339316135346230393931366439616665626265666562393862396365 61306565663734636630633730383736653736383765326638656433646637393033356665633831
62383664363538393134636231613338656236383431663438396365336161363534623236623162 66353338633833346436666134343465623236626339613363623834333261313531
62646463646133633363333339626363636438653432653564613636343133393563373430353638
62383632663335666464313134316262333265663962373638303561336437393833343135656562
36393561616636613333626362333233396631616539353565326233393438343839366362353135
39363365356231393066663738666364633965653864383137613862323638626464383538383065
63646430353462353765623431653431663838323664663162373034373863663331393761343034
62666663653762656536636161396330616434353164396662653965626439626239316439363031
63626337306461613336353662363561373238383864363739633630643239326463336131356636
62373936616561386431653139656239653666643938626464343262363335613862396430383763
31323239383663393666366631633334643530383061656338666237373664316539376534633163
64653864376161316366633132373563333935333736303933656165373936366461393061643734
34653964323533303532653230336265346639663831313563643536663539613733666564363364
32646534343362343034653934316166356265623734663166336631626638646262626630373764
3437353830323832643732666163353165393362373334636437

View File

@ -0,0 +1,7 @@
---
actrunner_user: act_runner
actrunner_group: act_runner
actrunner_version: 0.2.6
actrunner_url: https://gitea.com/gitea/act_runner/releases/download/v{{ actrunner_version }}/act_runner-{{ actrunner_version }}-linux-amd64

View File

@ -0,0 +1,7 @@
---
- name: Reload systemd
systemd: daemon_reload=yes
- name: Restart act_runner
service: name=act_runner state=restarted

View File

@ -0,0 +1,35 @@
---
- name: Create group
group: name={{ actrunner_group }}
- name: Create user
user: name={{ actrunner_user }} home=/var/lib/act_runner group={{ actrunner_group }} groups=docker
- name: Create directories
file: path={{ item }} state=directory owner={{ actrunner_user }} group={{ actrunner_group }}
with_items:
- /etc/act_runner
- /var/lib/act_runner
- name: Download act_runner binary
get_url: url={{ actrunner_url }} dest=/usr/local/bin/act_runner-{{ actrunner_version }} mode=0755
register: runner_download
- name: Symlink act_runner binary
file: src=/usr/local/bin/act_runner-{{ actrunner_version }} dest=/usr/local/bin/act_runner state=link
when: runner_download.changed
notify: Restart act_runner
- name: Configure act_runner
template: src=config.yaml.j2 dest=/etc/act_runner/config.yaml owner={{ actrunner_user }} group={{ actrunner_group }}
notify: Restart act_runner
- name: Install systemd unit
template: src=act_runner.service.j2 dest=/lib/systemd/system/act_runner.service
notify:
- Reload systemd
- Restart act_runner
- name: Enable act_runner
service: name=act_runner state=started enabled=yes

View File

@ -0,0 +1,16 @@
[Unit]
Description=Gitea Actions runner
Documentation=https://gitea.com/gitea/act_runner
After=docker.service
[Service]
ExecStart=/usr/local/bin/act_runner daemon --config /etc/act_runner/config.yaml
ExecReload=/bin/kill -s HUP $MAINPID
WorkingDirectory=/var/lib/act_runner
TimeoutSec=0
RestartSec=10
Restart=always
User={{ actrunner_user }}
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,86 @@
log:
# The level of logging, can be trace, debug, info, warn, error, fatal
level: warn
runner:
# Where to store the registration result.
file: .runner
# Execute how many tasks concurrently at the same time.
capacity: 4
# Extra environment variables to run jobs.
envs:
# Extra environment variables to run jobs from a file.
# It will be ignored if it's empty or the file doesn't exist.
env_file: .env
# The timeout for a job to be finished.
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
timeout: 3h
# Whether skip verifying the TLS certificate of the Gitea instance.
insecure: false
# The timeout for fetching the job from the Gitea instance.
fetch_timeout: 5s
# The interval for fetching the job from the Gitea instance.
fetch_interval: 2s
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
# Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"]
# If it's empty when registering, it will ask for inputting labels.
# If it's empty when execute `deamon`, will use labels in `.runner` file.
labels: [
"ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest",
"ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04",
"ubuntu-20.04:docker://ghcr.io/catthehacker/ubuntu:act-20.04",
]
cache:
# Enable cache server to use actions/cache.
enabled: true
# The directory to store the cache data.
# If it's empty, the cache data will be stored in $HOME/.cache/actcache.
dir: ""
# The host of the cache server.
# It's not for the address to listen, but the address to connect from job containers.
# So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
host: ""
# The port of the cache server.
# 0 means to use a random available port.
port: 0
# The external cache server URL. Valid only when enable is true.
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
# The URL should generally end with "/".
external_server: ""
container:
# Specifies the network to which the container will connect.
# Could be host, bridge or the name of a custom network.
# If it's empty, act_runner will create a network automatically.
network: ""
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
privileged: false
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
options:
# The parent directory of a job's working directory.
# If it's empty, /workspace will be used.
workdir_parent:
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
# You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
# For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
# valid_volumes:
# - data
# - /src/*.json
# If you want to allow any volume, please use the following configuration:
# valid_volumes:
# - '**'
valid_volumes: []
# overrides the docker client host with the specified one.
# If it's empty, act_runner will find an available docker host automatically.
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
docker_host: ""
# Pull docker image(s) even if already present
force_pull: false
host:
# The parent directory of a job's working directory.
# If it's empty, $HOME/.cache/act/ will be used.
workdir_parent:

View File

@ -1,14 +0,0 @@
[Unit]
Description=drone.io server
After=network-online.target
[Service]
Type=simple
User=drone
EnvironmentFile=/etc/default/drone
ExecStart=/opt/drone/bin/drone-server
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target

View File

@ -1,13 +0,0 @@
---
- name: Reload systemd
systemd: daemon_reload=yes
- name: Run acertmgr
command: /usr/bin/acertmgr
- name: Restart drone
service: name=drone state=restarted
- name: Restart nginx
service: name=nginx state=restarted

View File

@ -1,5 +0,0 @@
---
dependencies:
- { role: acertmgr }
- { role: nginx, nginx_ssl: True }

View File

@ -1,57 +0,0 @@
---
- name: Create user
user: name=drone
# TODO install drone to /opt/drone/bin
# currently it is manually compiled
- name: Configure drone
template: src=drone.j2 dest=/etc/default/drone
notify: Restart drone
- name: Install PostgreSQL
apt:
name:
- postgresql
- python3-psycopg2
- name: Configure PostgreSQL database
postgresql_db: name={{ drone_dbname }}
become: true
become_user: postgres
- name: Configure PostgreSQL user
postgresql_user: db={{ drone_dbname }} name={{ drone_dbuser }} password={{ drone_dbpass }} priv=ALL state=present
become: true
become_user: postgres
- name: Ensure certificates are available
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ drone_domain }}.key -out /etc/nginx/ssl/{{ drone_domain }}.crt -days 730 -subj "/CN={{ drone_domain }}" creates=/etc/nginx/ssl/{{ drone_domain }}.crt
notify: Restart nginx
- name: Configure certificate manager for drone
template: src=certs.j2 dest=/etc/acertmgr/{{ drone_domain }}.conf
notify: Run acertmgr
- name: Configure vhost
template: src=vhost.j2 dest=/etc/nginx/sites-available/drone
notify: Restart nginx
- name: Enable vhost
file: src=/etc/nginx/sites-available/drone dest=/etc/nginx/sites-enabled/drone state=link
notify: Restart nginx
- name: Install systemd unit
copy: src=drone.service dest=/lib/systemd/system/drone.service
notify:
- Reload systemd
- Restart drone
- name: Enable drone
service: name=drone enabled=yes
- name: Enable monitoring
include_role: name=icinga-monitor tasks_from=http
vars:
vhost: "{{ drone_domain }}"

View File

@ -1,15 +0,0 @@
---
{{ drone_domain }}:
- path: /etc/nginx/ssl/{{ drone_domain }}.key
user: root
group: root
perm: '400'
format: key
action: '/usr/sbin/service nginx restart'
- path: /etc/nginx/ssl/{{ drone_domain }}.crt
user: root
group: root
perm: '400'
format: crt,ca
action: '/usr/sbin/service nginx restart'

View File

@ -1,10 +0,0 @@
DRONE_AGENTS_ENABLED=true
DRONE_DATABASE_DATASOURCE=postgres://{{ drone_dbuser }}:{{ drone_dbpass }}@127.0.0.1:5432/{{ drone_dbname }}
DRONE_DATABASE_DRIVER=postgres
DRONE_GITEA_SERVER=https://{{ gitea_domain }}
DRONE_GITEA_CLIENT_ID={{ drone_gitea_client }}
DRONE_GITEA_CLIENT_SECRET={{ drone_gitea_secret }}
DRONE_RPC_SECRET={{ drone_secret }}
DRONE_SERVER_HOST={{ drone_domain }}
DRONE_SERVER_PROTO=https
DRONE_USER_CREATE=username:{{ drone_admin }},admin:true

View File

@ -1,31 +0,0 @@
server {
listen 80;
listen [::]:80;
server_name {{ drone_domain }};
location /.well-known/acme-challenge {
default_type "text/plain";
alias /var/www/acme-challenge;
}
location / {
return 301 https://{{ drone_domain }}$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ drone_domain }};
ssl_certificate_key /etc/nginx/ssl/{{ drone_domain }}.key;
ssl_certificate /etc/nginx/ssl/{{ drone_domain }}.crt;
location / {
client_max_body_size 128M;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:8080;
}
}

View File

@ -1,21 +0,0 @@
---
- name: Run runner container
docker_container:
name: runner
image: drone/drone-runner-docker:1
env:
DRONE_RPC_PROTO: "https"
DRONE_RPC_HOST: "{{ drone_domain }}"
DRONE_RPC_SECRET: "{{ drone_secret }}"
DRONE_RUNNER_CAPACITY: "2"
DRONE_RUNNER_NAME: "{{ ansible_fqdn }}"
DRONE_UI_USERNAME: "admin"
DRONE_UI_PASSWORD: "{{ drone_uipass }}"
ports:
- "3000:3000"
pull: yes
restart_policy: unless-stopped
state: started
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"

View File

@ -47,10 +47,10 @@
roles: roles:
- xrdp_apphost - xrdp_apphost
- name: Setup drone runner - name: Setup gitea runner
hosts: bob.binary.kitchen hosts: bob.binary.kitchen
roles: roles:
- drone_runner - act_runner
- name: Setup strichliste server - name: Setup strichliste server
hosts: tschunk.binary.kitchen hosts: tschunk.binary.kitchen
@ -88,7 +88,6 @@
hosts: boron.binary-kitchen.net hosts: boron.binary-kitchen.net
roles: roles:
- gitea - gitea
- drone
- name: Setup jabber server - name: Setup jabber server
hosts: carbon.binary-kitchen.net hosts: carbon.binary-kitchen.net