104 lines
2.6 KiB
YAML
104 lines
2.6 KiB
YAML
#cloud-config
|
|
|
|
growpart:
|
|
mode: "off"
|
|
resize_rootfs: false
|
|
|
|
groups:
|
|
- docker
|
|
users:
|
|
- name: runner
|
|
homedir: /var/lib/runner
|
|
groups: docker
|
|
package_update: true
|
|
package_upgrade: true
|
|
package_reboot_if_required: false
|
|
packages:
|
|
- git
|
|
- uidmap
|
|
- dbus-user-session
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg
|
|
- lsb-release
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- docker-ce-rootless-extras
|
|
- containerd.io
|
|
- docker-compose-plugin
|
|
apt:
|
|
sources:
|
|
docker.list:
|
|
source: "deb [arch=${arch} signed-by=$KEY_FILE] https://download.docker.com/linux/ubuntu $RELEASE stable"
|
|
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
|
|
|
write_files:
|
|
- content: |
|
|
Defaults runcwd=*
|
|
path: /etc/sudoers.d/10-runcwd
|
|
owner: root:root
|
|
permissions: "0644"
|
|
|
|
- encoding: gzip+base64
|
|
content: ${unattended_upgrades_config}
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
owner: root:root
|
|
permissions: "0644"
|
|
|
|
- encoding: gzip+base64
|
|
content: ${forgejo_runner_service}
|
|
path: /lib/systemd/system/forgejo-runner.service
|
|
owner: runner:runner
|
|
permissions: "0640"
|
|
defer: true
|
|
|
|
- encoding: gzip+base64
|
|
content: ${forgejo_runner_config}
|
|
path: /etc/act/config.yaml
|
|
owner: runner:runner
|
|
permissions: "0640"
|
|
defer: true
|
|
|
|
- content: |
|
|
{
|
|
"features": {
|
|
"containerd-snapshotter": true
|
|
}
|
|
}
|
|
|
|
path: /etc/docker/daemon.json
|
|
owner: root:root
|
|
permissions: "0640"
|
|
defer: true
|
|
|
|
- content: |
|
|
{
|
|
"features": {
|
|
"containerd-snapshotter": true
|
|
}
|
|
}
|
|
path: /var/lib/runner/.config/docker/daemon.json
|
|
owner: runner:runner
|
|
permissions: "0640"
|
|
defer: true
|
|
|
|
runcmd:
|
|
- |
|
|
set -e
|
|
loginctl enable-linger runner
|
|
|
|
docker run --privileged --rm tonistiigi/binfmt --install all
|
|
|
|
sleep 10
|
|
|
|
sudo -u runner DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus XDG_RUNTIME_DIR=/run/user/1000 /usr/bin/dockerd-rootless-setuptool.sh install --force
|
|
|
|
curl -L -o /usr/local/bin/forgejo-runner https://code.forgejo.org/forgejo/runner/releases/download/v${forgejo_runner_version}/forgejo-runner-${forgejo_runner_version}-linux-${arch}
|
|
|
|
curl -L -o /tmp/forgejo-runner.asc https://code.forgejo.org/forgejo/runner/releases/download/v${forgejo_runner_version}/forgejo-runner-${forgejo_runner_version}-linux-${arch}.asc
|
|
|
|
gpg --keyserver keys.openpgp.org --recv EB114F5E6C0DC2BCDD183550A4B61A2DC5923710
|
|
gpg --verify /tmp/forgejo-runner.asc /usr/local/bin/forgejo-runner
|
|
chmod +x /usr/local/bin/forgejo-runner
|
|
|
|
systemctl restart unattended-upgrades.service
|