# Configure the SUNET CDN forgejo runner
class cdn::runner(
)
{
  $runner_token = lookup({ 'name' => 'runner_token', 'default_value' => undef })

  if $runner_token {

    file { '/opt/forgejo-runner':
      ensure  => directory,
      owner   => 'root',
      group   => 'root',
      mode    => '0750',
    }

    # The owner/group matches 'user' in compose file for runner
    file { '/opt/forgejo-runner/data':
      ensure  => directory,
      owner   => '1001',
      group   => '1001',
      mode    => '0750',
    }

    file { '/opt/forgejo-runner/data/seccomp.json':
      ensure  => file,
      owner   => 'root',
      group   => '1001',
      mode    => '0640',
      content => template('cdn/runner/seccomp.json.erb'),
    }

    file { '/opt/forgejo-runner/docker_certs':
      ensure  => directory,
      owner   => 'root',
      group   => '1001',
      mode    => '0750',
    }

    sunet::docker_compose { 'sunet-cdn-runner':
      content          => template('cdn/runner/docker-compose.yml.erb'),
      service_name     => 'cdn-runner',
      compose_dir      => '/opt/sunet-cdn/compose/runner',
      compose_filename => 'docker-compose.yml',
      description      => 'SUNET CDN forgejo runner',
    }
  }
}