diff --git a/entrypoint.sh b/entrypoint.sh index c6145e9..d1376c0 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -64,9 +64,14 @@ if [[ ! -f "${CONFIG_FILE}" ]]; then sed -i "/^ labels:/c\ \"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE} sed -i "/^ network:/c\ network: host" ${CONFIG_FILE} sed -i "/^ privileged:/c\ privileged: true" ${CONFIG_FILE} - sed -i "/^ options:/c\ options: -v /certs/client:/certs/client" ${CONFIG_FILE} - sed -i "/^ valid_volumes:/c\ valid_volumes:\n - /certs/client" ${CONFIG_FILE} - sed -i "/^ docker_host:/c\ docker_host: tcp://${DOCKER_HOST}:2376" ${CONFIG_FILE} + + if [[ "${DOCKER_TLS_VERIFY}" -ne 1 ]]; then + sed -i "/^ docker_host:/c\ docker_host: tcp://${DOCKER_HOST}:2375" ${CONFIG_FILE} + else + sed -i "/^ docker_host:/c\ docker_host: tcp://${DOCKER_HOST}:2376" ${CONFIG_FILE} + sed -i "/^ valid_volumes:/c\ valid_volumes:\n - /certs/client" ${CONFIG_FILE} + sed -i "/^ options:/c\ options: -v /certs/client:/certs/client" ${CONFIG_FILE} + fi fi if [[ ! -z "${ENV_FILE}" ]]; then @@ -76,11 +81,8 @@ else fi if [[ ! -f "${ENV_FILE}" ]]; then - echo "Creating ${ENV_FILE} and populating with default values" - cat <${ENV_FILE} - DOCKER_TLS_VERIFY: 1 - DOCKER_CERT_PATH: /certs/client -EOF + echo "Creating ${ENV_FILE}" + touch ${ENV_FILE} fi EXTRA_ARGS="" @@ -101,12 +103,14 @@ if [[ ! -s "${RUNNER_FILE}" ]]; then if [[ ! -z "${FORGEJO_SECRET}" ]]; then EXTRA_ARGS="${EXTRA_ARGS} --secret ${FORGEJO_SECRET}" + echo "Registering with SECRET" else if [[ -z "${RUNNER_TOKEN}" ]]; then echo "RUNNER_TOKEN is not set" exit 1 fi EXTRA_ARGS="${EXTRA_ARGS} --token ${RUNNER_TOKEN}" + echo "Registering with TOKEN" fi # The point of this loop is to make it simple, when running both forgejo-runner and gitea in docker, @@ -114,17 +118,11 @@ if [[ ! -s "${RUNNER_FILE}" ]]; then # the context of a single docker-compose, something similar could be done via healthchecks, but # this is more flexible. while [[ $success -eq 0 ]] && [[ $try -lt ${MAX_REG_ATTEMPTS:-10} ]]; do - # run_command "forgejo-runner register \ - # --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \ - # --name \"${RUNNER_NAME:-$(hostname)}\" \ - # ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log" - run_command "forgejo-runner create-runner-file --connect \ --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \ --name \"${RUNNER_NAME:-$(hostname)}\" \ ${CONFIG_ARG} ${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log" - cat /tmp/reg.log | grep 'connection successful' >/dev/null if [[ $? -eq 0 ]]; then echo "SUCCESS" diff --git a/examples/docker-compose/compose-forgejo-and-runner.yml b/examples/docker-compose/compose-forgejo-and-runner.yml index eb6006e..e38e841 100644 --- a/examples/docker-compose/compose-forgejo-and-runner.yml +++ b/examples/docker-compose/compose-forgejo-and-runner.yml @@ -7,7 +7,7 @@ # openssl rand -hex 20 # # Replace all occurences of {SHARED_SECRET} below with the output. -# +# # NOTE: a token obtained from the Forgejo web interface cannot be used # as a shared secret. # @@ -29,7 +29,7 @@ services: networks: - forgejo environment: - DOCKER_TLS_CERTDIR: /certs + DOCKER_TLS_CERTDIR: "" # set to "certs" to use the TLS certificates, also update existing runner configs to use port 2376 DOCKER_HOST: docker-in-docker volumes: - docker_certs:/certs @@ -104,5 +104,5 @@ services: FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's RUNNER_FILE: runner-rootless.json # defaults to /data/runner.json - RUNNER_NAME: forgejo-runner # defaults to forgejo-runner, used for registration + RUNNER_NAME: forgejo-runner-rootless # defaults to forgejo-runner, used for registration RUNNER_TOKEN: "${RUNNER_TOKEN}" \ No newline at end of file