Mark
6982bcf372
Some checks failed
Ansible Lint / Ansible Lint Check (push) Has been cancelled
Automated deployment of act_runner on Ubuntu 20.04+ servers: - Docker CE installation (DEB822 format) - Node.js 24.x via NodeSource - act_runner binary with SHA256 verification - systemd service with security hardening - CI: ansible-lint via Gitea Actions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
57 lines
2.2 KiB
YAML
57 lines
2.2 KiB
YAML
---
|
|
# =============================================================================
|
|
# Gitea Act Runner - Configuration and Registration
|
|
# =============================================================================
|
|
#
|
|
# Deploys the runner configuration and registers with Gitea.
|
|
# Registration is idempotent: only runs if .runner file doesn't exist.
|
|
#
|
|
# The .runner file contains the runner's identity after registration.
|
|
# DO NOT DELETE this file or re-registration will be required.
|
|
#
|
|
# =============================================================================
|
|
|
|
# Deploy configuration file from template.
|
|
- name: Deploy act_runner configuration
|
|
ansible.builtin.template:
|
|
src: config.yaml.j2
|
|
dest: "{{ act_runner_config_dir }}/config.yaml"
|
|
owner: "{{ act_runner_user }}"
|
|
group: "{{ act_runner_group }}"
|
|
mode: '0640' # Restrictive: contains secrets
|
|
notify: Restart act_runner
|
|
|
|
# Check if runner is already registered.
|
|
# The .runner file is created during registration and persists.
|
|
- name: Check if runner is already registered
|
|
ansible.builtin.stat:
|
|
path: "{{ act_runner_home }}/.runner"
|
|
register: act_runner_runner_file
|
|
|
|
# Register the runner with Gitea (only if not already registered).
|
|
# This is a one-time operation that creates the .runner file.
|
|
- name: Register runner with Gitea
|
|
ansible.builtin.command:
|
|
cmd: >-
|
|
{{ act_runner_bin_path }} register
|
|
--no-interactive
|
|
--config {{ act_runner_config_dir }}/config.yaml
|
|
--instance {{ gitea_instance_url }}
|
|
--token {{ act_runner_token }}
|
|
--name {{ act_runner_name }}
|
|
--labels {{ act_runner_labels | join(',') }}
|
|
chdir: "{{ act_runner_home }}"
|
|
become: true
|
|
become_user: "{{ act_runner_user }}"
|
|
when: not act_runner_runner_file.stat.exists
|
|
register: act_runner_registration_result
|
|
changed_when: act_runner_registration_result.rc == 0
|
|
# Don't show token in logs
|
|
no_log: true
|
|
|
|
# Display registration result (without sensitive data).
|
|
- name: Display registration status
|
|
ansible.builtin.debug:
|
|
msg: >-
|
|
Runner registration: {{ 'NEW - registered successfully' if act_runner_registration_result.changed | default(false) else 'EXISTING - already registered' }}
|