Add Gitea act runner bootstrap tooling
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 4s
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 4s
This commit is contained in:
defiQUG
70
scripts/dev-vm/bootstrap-gitea-act-runner-site-wide.sh
Executable file
70
scripts/dev-vm/bootstrap-gitea-act-runner-site-wide.sh
Executable file
@@ -0,0 +1,70 @@
|
||||
#!/usr/bin/env bash
|
||||
# Site-wide Gitea Actions runner: use admin GITEA_TOKEN from root .env to fetch the
|
||||
# instance registration token, then register act_runner on dev-vm (5700) with ubuntu-latest.
|
||||
#
|
||||
# Requires: SSH to Proxmox (BatchMode), CT 5700 running Gitea + act_runner under /opt/act_runner.
|
||||
# Env (from .env via load-project-env): GITEA_TOKEN, optional GITEA_URL, RUNNER_LABELS,
|
||||
# RUNNER_FORCE_REREGISTER=1 to drop .runner and re-register, DEV_VM_VMID (default 5700).
|
||||
#
|
||||
# Usage (repo root):
|
||||
# bash scripts/dev-vm/bootstrap-gitea-act-runner-site-wide.sh
|
||||
# RUNNER_FORCE_REREGISTER=1 bash scripts/dev-vm/bootstrap-gitea-act-runner-site-wide.sh
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
PROJECT_ROOT="$(cd "${SCRIPT_DIR}/../.." && pwd)"
|
||||
# Load only root .env + IPs (avoid full load-project-env if another dotenv exits non-zero under set -e).
|
||||
[[ -f "${PROJECT_ROOT}/.env" ]] && set -a && source "${PROJECT_ROOT}/.env" && set +a
|
||||
[[ -f "${PROJECT_ROOT}/config/ip-addresses.conf" ]] && source "${PROJECT_ROOT}/config/ip-addresses.conf"
|
||||
PROXMOX_HOST_R630_01="${PROXMOX_R630_01:-${PROXMOX_HOST_R630_01:-192.168.11.11}}"
|
||||
PROXMOX_HOST_R630_02="${PROXMOX_R630_02:-${PROXMOX_HOST_R630_02:-192.168.11.12}}"
|
||||
PROXMOX_HOST_ML110="${PROXMOX_ML110:-${PROXMOX_HOST_ML110:-192.168.11.10}}"
|
||||
get_host_for_vmid() {
|
||||
case "$1" in
|
||||
5000|5700|7810|2201|2303|2401|6200|6201|10234|10237|5800|5801) echo "${PROXMOX_HOST_R630_02}";;
|
||||
5400|5401|5402|5403|5410|5411|5412|5413|5414|5415|5416|5417|5418|5419|5420|5421|5422|5423|5424|5425|5440|5441|5442|5443|5444|5445|5446|5447|5448|5449|5450|5451|5452|5453|5454|5455|5470|5471|5472|5473|5474|5475|5476) echo "${PROXMOX_HOST_R630_02}";;
|
||||
2101|10130|10150|10151|106|107|108|10000|10001|10020|10100|10101|10120|10233|10235) echo "${PROXMOX_HOST_R630_01}";;
|
||||
2301|2400|1504|2503|2504|2505) echo "${PROXMOX_HOST_ML110}";;
|
||||
*) echo "${PROXMOX_HOST_R630_01}";;
|
||||
esac
|
||||
}
|
||||
|
||||
GITEA_URL="${GITEA_URL:-https://gitea.d-bis.org}"
|
||||
GITEA_URL="${GITEA_URL%/}"
|
||||
VMID="${DEV_VM_VMID:-5700}"
|
||||
RUNNER_LABELS="${RUNNER_LABELS:-ubuntu-latest}"
|
||||
|
||||
if [[ -z "${GITEA_TOKEN:-}" ]]; then
|
||||
echo "ERROR: GITEA_TOKEN not set (root .env)." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
REG_JSON="$(curl -sS -H "Authorization: token ${GITEA_TOKEN}" \
|
||||
"${GITEA_URL}/api/v1/admin/runners/registration-token")"
|
||||
REG_TOKEN="$(printf '%s' "$REG_JSON" | sed -n 's/.*"token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
|
||||
if [[ -z "$REG_TOKEN" || "$REG_TOKEN" == "null" ]]; then
|
||||
echo "ERROR: Could not get admin registration token. Response:" >&2
|
||||
printf '%s\n' "$REG_JSON" >&2
|
||||
echo "Ensure GITEA_TOKEN is an admin token with access to GET /api/v1/admin/runners/registration-token" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PROXMOX_HOST="$(get_host_for_vmid "$VMID")"
|
||||
echo "Using Proxmox host ${PROXMOX_HOST} for VMID ${VMID}."
|
||||
|
||||
if [[ "${RUNNER_FORCE_REREGISTER:-0}" == "1" ]]; then
|
||||
ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new "root@${PROXMOX_HOST}" \
|
||||
"pct exec ${VMID} -- bash -lc 'rm -f /opt/act_runner/.runner; systemctl stop act-runner 2>/dev/null || true'"
|
||||
fi
|
||||
|
||||
# Pass registration token into the container without embedding raw secret in ssh argv (still reversible from b64).
|
||||
TB64="$(printf '%s' "$REG_TOKEN" | base64 | tr -d '\n')"
|
||||
ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new "root@${PROXMOX_HOST}" \
|
||||
"pct exec ${VMID} -- bash -c 'export GITEA_RUNNER_REGISTRATION_TOKEN=\$(printf %s \"${TB64}\" | base64 -d); export RUNNER_LABELS=\"${RUNNER_LABELS}\"; bash -s'" \
|
||||
< "${SCRIPT_DIR}/setup-act-runner.sh"
|
||||
|
||||
ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new "root@${PROXMOX_HOST}" \
|
||||
"pct exec ${VMID} -- bash -s" < "${SCRIPT_DIR}/install-act-runner-systemd.sh"
|
||||
|
||||
echo "Done. Check Gitea Admin → Actions → Runners for an online runner with labels including: ${RUNNER_LABELS}"
|
||||
45
scripts/dev-vm/install-act-runner-systemd.sh
Executable file
45
scripts/dev-vm/install-act-runner-systemd.sh
Executable file
@@ -0,0 +1,45 @@
|
||||
#!/usr/bin/env bash
|
||||
# Install systemd unit for Gitea act_runner on the Gitea host (e.g. dev-vm 5700).
|
||||
# Run inside the container, or: ssh root@<proxmox> "pct exec 5700 -- bash -s" < scripts/dev-vm/install-act-runner-systemd.sh
|
||||
#
|
||||
# Optional env:
|
||||
# WORK_DIR default /opt/act_runner
|
||||
# GITEA_ACTION_URL default http://127.0.0.1:3000 (same host as Gitea)
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
WORK_DIR="${WORK_DIR:-/opt/act_runner}"
|
||||
GITEA_ACTION_URL="${GITEA_ACTION_URL:-http://127.0.0.1:3000}"
|
||||
|
||||
if [ ! -x "${WORK_DIR}/act_runner" ]; then
|
||||
echo "Missing ${WORK_DIR}/act_runner — run setup-act-runner.sh with GITEA_RUNNER_REGISTRATION_TOKEN first."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -f "${WORK_DIR}/.runner" ]; then
|
||||
echo "Missing ${WORK_DIR}/.runner — register first: GITEA_RUNNER_REGISTRATION_TOKEN=... bash setup-act-runner.sh"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cat > /etc/systemd/system/act-runner.service << EOF
|
||||
[Unit]
|
||||
Description=Gitea act_runner
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=root
|
||||
WorkingDirectory=${WORK_DIR}
|
||||
ExecStart=${WORK_DIR}/act_runner daemon
|
||||
Restart=on-failure
|
||||
RestartSec=10
|
||||
Environment=GITEA_ACTION_URL=${GITEA_ACTION_URL}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable act-runner
|
||||
systemctl restart act-runner
|
||||
systemctl --no-pager status act-runner
|
||||
@@ -6,9 +6,12 @@
|
||||
set -euo pipefail
|
||||
|
||||
ACT_RUNNER_VERSION="${ACT_RUNNER_VERSION:-0.2.13}"
|
||||
INSTANCE="${INSTANCE:-http://192.168.11.59:3000}"
|
||||
# Gitea root URL as seen from this host (same LXC as Gitea → 127.0.0.1)
|
||||
INSTANCE="${INSTANCE:-http://127.0.0.1:3000}"
|
||||
WORK_DIR="${WORK_DIR:-/opt/act_runner}"
|
||||
TOKEN="${GITEA_RUNNER_REGISTRATION_TOKEN:-}"
|
||||
# Workflows commonly use runs-on: ubuntu-latest; labels must match.
|
||||
RUNNER_LABELS="${RUNNER_LABELS:-ubuntu-latest}"
|
||||
|
||||
if [ -z "$TOKEN" ]; then
|
||||
echo "Set GITEA_RUNNER_REGISTRATION_TOKEN"
|
||||
@@ -29,6 +32,6 @@ fi
|
||||
chmod +x ./act_runner
|
||||
|
||||
if [ ! -f .runner ]; then
|
||||
./act_runner register --no-interactive --instance "$INSTANCE" --token "$TOKEN"
|
||||
./act_runner register --no-interactive --instance "$INSTANCE" --token "$TOKEN" --labels "$RUNNER_LABELS"
|
||||
fi
|
||||
echo "Ready. Run: ./act_runner daemon"
|
||||
|
||||
Reference in New Issue
Block a user