forked from SUNET/soc-ops
44 lines
1.2 KiB
Puppet
44 lines
1.2 KiB
Puppet
# Configure a forgejo runner
|
|
# taken from cdn-ops
|
|
class soc::runner(
|
|
)
|
|
{
|
|
$runner_token = lookup({ 'name' => 'runner_token.vuln_management_repo', 'default_value' => undef })
|
|
$runner_labels = join([
|
|
"python:docker://nikolaik/python3.12-nodejs23",
|
|
"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04",
|
|
], ',')
|
|
|
|
if $runner_token {
|
|
|
|
file { '/opt/forgejo-runner':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0750',
|
|
}
|
|
|
|
# The owner/group matches 'user' in compose file for runner
|
|
file { '/opt/forgejo-runner/data':
|
|
ensure => directory,
|
|
owner => '1001',
|
|
group => '1001',
|
|
mode => '0750',
|
|
}
|
|
|
|
file { '/opt/forgejo-runner/docker_certs':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => '1001',
|
|
mode => '0750',
|
|
}
|
|
|
|
sunet::docker_compose { 'soc-action-runner':
|
|
content => template('soc/runner/docker-compose.yml.erb'),
|
|
service_name => 'soc-runner',
|
|
compose_dir => '/opt/compose/runner',
|
|
compose_filename => 'docker-compose.yml',
|
|
description => 'SUNET SOC forgejo runner',
|
|
}
|
|
}
|
|
}
|