Commit 5d0027c8 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

gitlab-runner: Add role, config and secrets

parent 51a69203
$ANSIBLE_VAULT;1.1;AES256
31383863663532323366626536363461346133646636393932323339653461303631353061383561
6233383937663935316564663361333563353233323135380a613361393236613039333837323735
62303037313863633931663066323838653564653231323139373235646263393261343463333866
3831303263376634380a363562646632653166353564326462643535613338633937396539613931
32313862323736373965366137353036303832376562333131643731313039666265633765626563
37343332326633373735316138316533656566623935326263663565663862333361323162663932
36346162323833336666353334373134656662643936623563396332316531333539343739396561
62643562323638633634
---
network_interface: "eno2"
ipv4_address: "169.50.62.125"
ipv4_netmask: "/26"
ipv4_gateway: "169.50.62.65"
---
network_interface: "eno2"
ipv4_address: "159.122.70.8"
ipv4_netmask: "/26"
ipv4_gateway: "159.122.70.1"
......@@ -11,9 +11,8 @@ ind.mirror.pkgbuild.com
jpn.mirror.pkgbuild.com
mex.mirror.pkgbuild.com
sgp.mirror.pkgbuild.com
159.122.70.8
169.50.62.125
runner1.archlinux.org
runner2.archlinux.org
[mirrors]
ind.mirror.pkgbuild.com
......@@ -51,6 +50,10 @@ dragon.archlinux.org
soyuz.archlinux.org
sgp.mirror.pkgbuild.com
[gitlab-runners]
runner1.archlinux.org
runner2.archlinux.org
[reproduciblebuilds]
repro1.pkgbuild.com
repro2.pkgbuild.com
---
- name: setup gitlab-runners
hosts: gitlab-runners
remote_user: root
roles:
- { role: common }
- { role: sshd }
- { role: root_ssh }
- { role: gitlab-runner }
- name: restart gitlab runner
service: name=gitlab-runner state=restarted
---
- name: install dependencies
pacman: name=docker,python-docker,python-gitlab,gitlab-runner state=present
- name: start docker
service: name=docker enabled=yes state=started
- name: open firewall holes
firewalld: port={{ item }} permanent=true state=enabled immediate=yes
when: configure_firewall
with_items:
- "8093/tcp"
tags:
- firewall
- name: make docker0 interface trusted
firewalld: interface=docker0 zone=trusted permanent=true state=enabled immediate=yes
when: configure_firewall
tags:
- firewall
- name: register gitlab-runner
command: >
gitlab-runner register
--non-interactive
--url=https://gitlab.archlinux.org/
--docker-image=alpine:latest
--tag-list=docker
--registration-token="{{ vault_gitlab_runner_registration_token }}"
--executor=docker
--description="{{ inventory_hostname }}"
--run-untagged=true
--docker-tlsverify=true
--locked=false
--access-level=not_protected
args:
creates: /etc/gitlab-runner/config.toml
- name: increase concurrency
lineinfile:
path: /etc/gitlab-runner/config.toml
regexp: '^concurrent = .*'
line: concurrent = 100
notify: restart gitlab runner
- name: enable and start gitlab runner service
service: name=gitlab-runner state=started enabled=yes
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment