merith-tk/forgejo-runner
1
0
Fork 0
Code Issues Pull requests 2 Projects Releases Packages Wiki Activity Actions
forgejo-runner/examples/docker-compose/compose-forgejo-and-runner.yml
Merith ea96696f10 remove rootless dockerfile, updatedate entrypoint, update docker compose 
Removed the rootless dockerfile as upon further investigation into how a `rootless` container works, the entrypoint that has been written fully accomodates that

to reflect this the compose file has had the rootless config removed from it as it is no longer needed to test a seperate container image,

added a debug echo function `decho` to the entrypoint, when `DEBUG=true` it will print "[entrypoint] message content"

added a 10 second wait to the entrypoint to allow other services such as docker-in-docker and forgejo to finish launching before the runner is launched, this is bypassable by `SKIP_WAIT=true`

applied several modifications requested by viceice,
2024-09-26 15:08:31 -07:00

88 lines
2.9 KiB
YAML
Raw Blame History

# Copyright 2024 The Forgejo Authors.
# SPDX-License-Identifier: MIT
#
# Create a secret with:
#
# openssl rand -hex 20
#
# Replace all occurences of {SHARED_SECRET} below with the output.
#
# NOTE: a token obtained from the Forgejo web interface cannot be used
# as a shared secret.
#
# Replace ${RUNNER_TOKEN} with the token obtained from the Forgejo web interface.
#
networks:
forgejo:
volumes:
docker_certs:
services:
docker-in-docker:
image: code.forgejo.org/oci/docker:dind
# container_name: docker # Must set container_name to docker for both internal DNS and TLS to work
hostname: docker
privileged: true
networks:
- forgejo
environment:
DOCKER_TLS_CERTDIR: "/certs" # set to "" to disable the use of TLS, also manually update existing runner configs to use port 2375
volumes:
- docker_certs:/certs
forgejo:
image: codeberg.org/forgejo/forgejo:1.21
hostname: forgejo
networks:
- forgejo
volumes:
- ./forgejo:/data
ports:
- 8080:3000
command: >-
bash -c '
/bin/s6-svscan /etc/s6 &
sleep 10 ;
su -c "forgejo admin user create --admin --username root --password examplepassword --email root@example.com" git ;
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ;
sleep infinity
'
# all values that have defaults listed are optional
# only FORGEJO_SECRET or RUNNER_TOKEN is required
# FORGEJO_URL is required if forgejo is in this compose file or docker network
forgejo-runner:
## TODO: Update image to the the release
## made from this PR: https://code.forgejo.org/forgejo/runner/pulls/283
# image: code.forgejo.org/forgejo/runner:3.4.1
build: ../../
# user: "1000" # set to run rootless, overrides RUNNER_USER and disables automatic file ownership
volumes:
- ./forgejo-runner:/data
- docker_certs:/certs
networks:
- forgejo
depends_on:
- docker-in-docker
- forgejo
environment:
CONFIG_FILE: config.yml # defaults to /data/config.yml
DOCKER_HOST: "docker" # defaults to docker
DOCKER_TLS_CERTDIR: "/certs/client" # defaults to /certs/client
DOCKER_TLS_VERIFY: "1" # defaults to 0, set to 1 to enable TLS
FORGEJO_URL: ${FORGEJO_URL} # defaults to http://forgejo:3000
FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN
RUNNER_FILE: .runner # defaults to /data/runner.json
RUNNER_NAME: forgejo-runner # defaults to forgejo-runner, used for registration
RUNNER_TOKEN: "${RUNNER_TOKEN}"
RUNNER_USER: 1000 # defaults to 1000, allows for automatic file ownership
DEBUG: "true" # defaults to false, set to true to enable debug logging
SKIP_WAIT: "false" # defaults to false, set to true to skip the 10 second wait to allow for forgejo and docker-in-docker to start
Reference in a new issue View git blame Copy permalink