Mark
6982bcf372
Some checks failed
Ansible Lint / Ansible Lint Check (push) Has been cancelled
Automated deployment of act_runner on Ubuntu 20.04+ servers: - Docker CE installation (DEB822 format) - Node.js 24.x via NodeSource - act_runner binary with SHA256 verification - systemd service with security hardening - CI: ansible-lint via Gitea Actions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
80 lines
3.2 KiB
YAML
80 lines
3.2 KiB
YAML
---
|
|
# =============================================================================
|
|
# Group Variables - All Hosts
|
|
# =============================================================================
|
|
#
|
|
# This file maps vault secrets to role variables and sets common overrides.
|
|
#
|
|
# VARIABLE RESOLUTION ORDER (lowest to highest priority):
|
|
# 1. roles/act_runner/defaults/main.yml (role defaults)
|
|
# 2. group_vars/all.yml (this file)
|
|
# 3. inventory host_vars (per-host overrides)
|
|
# 4. command line --extra-vars (highest priority)
|
|
#
|
|
# Vault variables (prefixed with vault_) are stored encrypted in vault.yml.
|
|
# Role variables are defined in roles/act_runner/defaults/main.yml.
|
|
#
|
|
# HOW TO USE:
|
|
# 1. Create the vault: ansible-vault create group_vars/vault.yml
|
|
# 2. Add your secrets to the vault (see vault.yml.example)
|
|
# 3. The mappings below will reference those vault variables
|
|
#
|
|
# See: https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html
|
|
# =============================================================================
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Vault Secret Mappings
|
|
# -----------------------------------------------------------------------------
|
|
# These map encrypted vault variables to the role's expected variable names.
|
|
# This indirection allows vault structure to differ from role expectations.
|
|
#
|
|
# REQUIRED: These must be set in group_vars/vault.yml
|
|
|
|
# URL of your Gitea instance (e.g., "https://git.example.com")
|
|
gitea_instance_url: "{{ vault_gitea_instance_url }}"
|
|
|
|
# Registration token from Gitea admin panel
|
|
# Get it from: {{ gitea_instance_url }}/-/admin/actions/runners
|
|
act_runner_token: "{{ vault_act_runner_token }}"
|
|
|
|
# Package registry hostname (usually same as Gitea host, without https://)
|
|
gitea_registry: "{{ vault_gitea_registry }}"
|
|
|
|
# Service account username for package registry authentication
|
|
gitea_actions_user: "{{ vault_gitea_actions_user }}"
|
|
|
|
# Personal Access Token (PAT) for package registry
|
|
# Create at: {{ gitea_instance_url }}/user/settings/applications
|
|
gitea_packages_token: "{{ vault_gitea_packages_token }}"
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Role Variable Overrides (Optional)
|
|
# -----------------------------------------------------------------------------
|
|
# Uncomment and modify to override role defaults for all hosts.
|
|
# See roles/act_runner/defaults/main.yml for all available variables.
|
|
|
|
# Act Runner Version
|
|
# Check available versions: https://dl.gitea.com/act_runner/
|
|
# act_runner_version: "0.2.13"
|
|
|
|
# Node.js Version
|
|
# Valid values: "18", "20", "22", "24"
|
|
# See: https://nodejs.org/en/about/previous-releases
|
|
# nodejs_version: "24"
|
|
|
|
# Runner Labels
|
|
# Define what jobs this runner can handle.
|
|
# Format: "label:executor" where executor is "host" or "docker://image"
|
|
# act_runner_labels:
|
|
# - "ubuntu-latest:host"
|
|
# - "self-hosted:host"
|
|
|
|
# Concurrent Jobs
|
|
# How many jobs can run simultaneously on each runner.
|
|
# Higher values = more parallelism but more resource usage.
|
|
# runner_capacity: 1
|
|
|
|
# Container Settings
|
|
# Whether to always pull images before running (recommended: true)
|
|
# container_force_pull: true
|