2025-02-04 16:23:49 +01:00
|
|
|
# Configure a forgejo runner
|
|
|
|
|
# taken from cdn-ops
|
2025-02-05 00:50:28 +01:00
|
|
|
class soc::runner(
|
2025-02-04 16:23:49 +01:00
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
$runner_token = lookup({ 'name' => 'runner_token.vuln_management_repo', 'default_value' => undef })
|
|
|
|
|
|
|
|
|
|
if $runner_token {
|
|
|
|
|
|
|
|
|
|
file { '/opt/forgejo-runner':
|
|
|
|
|
ensure => directory,
|
|
|
|
|
owner => 'root',
|
|
|
|
|
group => 'root',
|
|
|
|
|
mode => '0750',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# The owner/group matches 'user' in compose file for runner
|
|
|
|
|
file { '/opt/forgejo-runner/data':
|
|
|
|
|
ensure => directory,
|
|
|
|
|
owner => '1001',
|
|
|
|
|
group => '1001',
|
|
|
|
|
mode => '0750',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
file { '/opt/forgejo-runner/docker_certs':
|
|
|
|
|
ensure => directory,
|
|
|
|
|
owner => 'root',
|
|
|
|
|
group => '1001',
|
|
|
|
|
mode => '0750',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sunet::docker_compose { 'soc-action-runner':
|
|
|
|
|
content => template('soc/runner/docker-compose.yml.erb'),
|
|
|
|
|
service_name => 'soc-runner',
|
|
|
|
|
compose_dir => '/opt/compose/runner',
|
|
|
|
|
compose_filename => 'docker-compose.yml',
|
|
|
|
|
description => 'SUNET SOC forgejo runner',
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
