Murat ÖZDEMİR 2198f932cd Implement: Gitea Actions runner, automated DB stack, and Turkish localization
*   Introduces an Ansible role for installing and registering `act_runner` for Gitea Actions.
*   Automates PostgreSQL and MongoDB deployment on Docker Swarm in the test environment, leveraging Docker named volumes for data persistence.
*   Translates core documentation, including `README.md` and `setup/04-test-db-docker-kurulum.md`, to Turkish.
*   Adds comprehensive documentation for firewall architecture (`facts/firewall.md`) and Docker Swarm node recovery (`facts/swarm-node-recovery.md`).
*   Enhances security hardening by ensuring `fail2ban` is enabled and streamlining admin SSH key management via Ansible.
*   Updates Ansible vault structure to support new secret variables and adds `.vault_pass` to `.gitignore`.
2026-05-12 18:34:24 +03:00

87 lines
2.3 KiB
YAML

---
- name: Install deploy prerequisites
  ansible.builtin.dnf:
    name:
      - gettext
      - jq
      - git
    state: present

# Membership in the docker group lets the runner drive the Docker daemon,
# which is effectively root-equivalent access on this host.
- name: Create gitea-runner system user
  ansible.builtin.user:
    name: gitea-runner
    system: true
    shell: /bin/bash
    create_home: true
    home: /var/lib/gitea-runner
    groups: docker
    append: true

# No checksum is set here, so the integrity of the binary rests on the
# HTTPS connection to dl.gitea.com alone.
- name: Download act_runner binary
  ansible.builtin.get_url:
    url: "https://dl.gitea.com/act_runner/{{ act_runner_version }}/act_runner-{{ act_runner_version }}-{{ act_runner_arch }}"
    dest: /usr/local/bin/act_runner
    mode: "0755"
    owner: root
    group: root

- name: Create act_runner config directory
  ansible.builtin.file:
    path: /etc/gitea-act-runner
    state: directory
    owner: gitea-runner
    group: gitea-runner
    mode: "0750"

# The default config.yaml is generated before registration; if the file
# already exists it is not rewritten.
- name: Generate default config.yaml
  ansible.builtin.shell:
    cmd: /usr/local/bin/act_runner generate-config > /etc/gitea-act-runner/config.yaml
    creates: /etc/gitea-act-runner/config.yaml
  become_user: gitea-runner

- name: Fix config.yaml ownership
  ansible.builtin.file:
    path: /etc/gitea-act-runner/config.yaml
    owner: gitea-runner
    group: gitea-runner
    mode: "0640"

# If the .runner file exists the runner is already registered; `creates`
# makes the task idempotent. no_log keeps the registration token out of
# Ansible output and logs.
- name: Register runner with Gitea
  ansible.builtin.command:
    argv:
      - /usr/local/bin/act_runner
      - register
      - --instance
      - "{{ act_runner_gitea_url }}"
      - --token
      - "{{ act_runner_registration_token }}"
      - --no-interactive
      - --name
      - "{{ act_runner_name }}"
      - --config
      - /etc/gitea-act-runner/config.yaml
      - --labels
      - "{{ act_runner_labels }}"
  args:
    chdir: /var/lib/gitea-runner
    creates: /var/lib/gitea-runner/.runner
  become_user: gitea-runner
  when: act_runner_registration_token | length > 0
  no_log: true

- name: Deploy gitea-act-runner systemd service
  ansible.builtin.template:
    src: gitea-act-runner.service.j2
    dest: /etc/systemd/system/gitea-act-runner.service
    mode: "0644"
  notify: restart act_runner

- name: Enable and start gitea-act-runner
  ansible.builtin.systemd:
    name: gitea-act-runner
    enabled: true
    state: started
    daemon_reload: true
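
The "Download act_runner binary" task in this file sets no `checksum`, so whatever the URL serves is installed as `/usr/local/bin/act_runner`. A digest-pinned variant of that task follows as an added example, not the repository's own code; `act_runner_sha256` is a hypothetical variable that would hold the SHA-256 published for the chosen release.

```yaml
# Added example. act_runner_sha256 is a hypothetical variable (not defined in
# this role); set it alongside act_runner_version from the release's published digest.
- name: Require a pinned SHA-256 for act_runner
  ansible.builtin.assert:
    that:
      - act_runner_sha256 is defined
      - act_runner_sha256 is match('^[0-9a-f]{64}$')
    fail_msg: "act_runner_sha256 must be the 64-character lowercase hex SHA-256 of the release binary"

- name: Download act_runner binary (digest verified)
  ansible.builtin.get_url:
    url: "https://dl.gitea.com/act_runner/{{ act_runner_version }}/act_runner-{{ act_runner_version }}-{{ act_runner_arch }}"
    dest: /usr/local/bin/act_runner
    # get_url hashes the downloaded file and fails the task on a mismatch.
    checksum: "sha256:{{ act_runner_sha256 }}"
    mode: "0755"
    owner: root
    group: root
```

With `checksum` set, `get_url` also compares the digest against a binary that is already installed, so bumping the version and digest together replaces the old file. The unpinned task leaves an existing destination file untouched because `force` defaults to false.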