From 0aa3b439b16ff2fc26ce14eed63b78f01f9a0ce5 Mon Sep 17 00:00:00 2001 From: Lilian Date: Sun, 29 Mar 2026 18:59:33 +0200 Subject: [PATCH] Refactor to use new forgejo actions runner multi-connection feature instead of multiple instances --- .gitignore | 1 + config-vorstand.yml | 98 ------------------- config-infra.yml => config.yml | 14 ++- ...-runner@.service => forgejo-runner.service | 4 +- 4 files changed, 15 insertions(+), 102 deletions(-) delete mode 100644 config-vorstand.yml rename config-infra.yml => config.yml (93%) rename forgejo-runner@.service => forgejo-runner.service (92%) diff --git a/.gitignore b/.gitignore index c32e2a2..39bd733 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ # forgejo actions runner registration token .runner* +token-*.txt # podman authentication podman-auth.json diff --git a/config-vorstand.yml b/config-vorstand.yml deleted file mode 100644 index f2d9bb8..0000000 --- a/config-vorstand.yml +++ /dev/null @@ -1,98 +0,0 @@ -log: - # The level of logging, can be trace, debug, info, warn, error, fatal - level: info - # The level of logging for jobs, can be trace, debug, info, earn, error, fatal - job_level: info - -runner: - # Where to store the registration result. - file: /etc/forgejo-actions/.runner-vorstand - # Execute how many tasks concurrently at the same time. - capacity: 1 - # Extra environment variables to run jobs. - envs: - BUILDAH_ISOLATION: chroot # only possible way to isolate container builds within a container - # Extra environment variables to run jobs from a file. - # It will be ignored if it's empty or the file doesn't exist. - # env_file: .env - # The timeout for a job to be finished. - # Please note that the Forgejo instance also has a timeout (3h by default) for the job. - # So the job could be stopped by the Forgejo instance if it's timeout is shorter than this. - timeout: 2h - # The timeout for the runner to wait for running jobs to finish when - # shutting down because a TERM or INT signal has been received. Any - # running jobs that haven't finished after this timeout will be - # cancelled. - # If unset or zero the jobs will be cancelled immediately. - shutdown_timeout: 1m - # Whether skip verifying the TLS certificate of the instance. - insecure: false - # The timeout for fetching the job from the Forgejo instance. - fetch_timeout: 5s - # The interval for fetching the job from the Forgejo instance. - fetch_interval: 1m - # The interval for reporting the job status and logs to the Forgejo instance. - report_interval: 1s - # The labels of a runner are used to determine which jobs the runner can run, and how to run them. - # If it's empty when registering, it will ask for inputting labels. - # Remember to delete .runner when you modify this, otherwise the new labels will not get applied! - labels: ["ubuntu-latest:docker://git.ctbk.de/infra/ubuntu:act-24.04", "alpine:docker://git.ctbk.de/infra/alpine:latest", "alpine-latex:docker://git.ctbk.de/infra/alpine-latex:latest"] - -cache: - # Enable cache server to use actions/cache. - enabled: true - # The directory to store the cache data. - # If it's empty, the cache data will be stored in $HOME/.cache/actcache. - dir: "/mnt/cache/forgejo-actions" - # The host of the cache server. - # It's not for the address to listen, but the address to connect from job containers. - # So 0.0.0.0 is a bad choice, leave it empty to detect automatically. - host: "" - # The port of the cache server. - # 0 means to use a random available port. - port: 0 - # The external cache server URL. Valid only when enable is true. - # If it's specified, it will be used to set the ACTIONS_CACHE_URL environment variable. The URL should generally end with "/". - # Otherwise it will be set to the the URL of the internal cache server. - external_server: "" - -container: - # Specifies the network to which the container will connect. - # Could be host, bridge or the name of a custom network. - # If it's empty, create a network automatically. - network: "" - # Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. - # Only takes effect if "network" is set to "". - enable_ipv6: true - # Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker). - privileged: false - # And other options to be used when the container is started (eg, --add-host=my.forgejo.url:host-gateway). - # /dev/fuse is needed for the buildah overlayfs storage backend for container builds - options: "--cpus=1 --memory=1g --device=/dev/fuse" - # The parent directory of a job's working directory. - # If it's empty, /workspace will be used. - workdir_parent: - # Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob - # You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. - # For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: - # valid_volumes: - # - data - # - /src/*.json - # If you want to allow any volume, please use the following configuration: - # valid_volumes: - # - '**' - valid_volumes: [] - # overrides the docker client host with the specified one. - # If "-" or "", an available docker host will automatically be found. - # If "automount", an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). - # Otherwise the specified docker host will be used and an error will be returned if it doesn't work. - docker_host: "" - # Pull docker image(s) even if already present - force_pull: false - # Rebuild local docker image(s) even if already present - force_rebuild: false - -host: - # The parent directory of a job's working directory. - # If it's empty, $HOME/.cache/act/ will be used. - workdir_parent: diff --git a/config-infra.yml b/config.yml similarity index 93% rename from config-infra.yml rename to config.yml index 81cca53..02a95ba 100644 --- a/config-infra.yml +++ b/config.yml @@ -5,8 +5,6 @@ log: job_level: info runner: - # Where to store the registration result. - file: /etc/forgejo-actions/.runner-infra # Execute how many tasks concurrently at the same time. capacity: 1 # Extra environment variables to run jobs. @@ -96,3 +94,15 @@ host: # The parent directory of a job's working directory. # If it's empty, $HOME/.cache/act/ will be used. workdir_parent: + +server: + connections: + infra: + url: https://git.ctbk.de/ + uuid: f90f51c5-0d8f-4cbd-bfd0-9faf122b663f + token_url: file:/etc/forgejo-actions/token-infra.txt + vorstand: + url: https://git.ctbk.de/ + uuid: 97ac5a3a-2750-4ee7-bda3-7ced90d7ead6 + token_url: file:/etc/forgejo-actions/token-vorstand.txt + diff --git a/forgejo-runner@.service b/forgejo-runner.service similarity index 92% rename from forgejo-runner@.service rename to forgejo-runner.service index c09d0ee..16edce9 100644 --- a/forgejo-runner@.service +++ b/forgejo-runner.service @@ -1,11 +1,11 @@ [Unit] -Description=Forgejo Runner %I +Description=Forgejo Runner Documentation=https://forgejo.org/docs/latest/admin/actions/ After=podman.service podman.socket network-online.target Wants=podman.service [Service] -ExecStart=forgejo-runner daemon --config /etc/forgejo-actions/config-%i.yml +ExecStart=forgejo-runner daemon --config /etc/forgejo-actions/config.yml ExecReload=/bin/kill -s HUP $MAINPID Environment="DOCKER_HOST=unix:///run/podman/podman.sock"