Adrian Cowan
85178d9c92
All checks were successful
CI / Terraform fmt + validate (push) Successful in 20s
67 lines
1.7 KiB
HCL
67 lines
1.7 KiB
HCL
job "act-runner" {
|
|
group "act-runner" {
|
|
network {
|
|
mode = "bridge"
|
|
}
|
|
|
|
# Consul Connect upstream to Gitea so the runner can register and receive jobs
|
|
service {
|
|
name = "act-runner"
|
|
connect {
|
|
sidecar_service {
|
|
proxy {
|
|
upstreams {
|
|
destination_name = "code-connect"
|
|
local_bind_port = 3000
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
task "act-runner" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "gitea/act_runner:latest"
|
|
volumes = ["/var/run/docker.sock:/var/run/docker.sock"]
|
|
}
|
|
|
|
env = {
|
|
GITEA_INSTANCE_URL = "https://gitea-1ef0bea6b75a4fd3e9393a9f7f7e4b02.othrayte.one"
|
|
CONFIG_FILE = "/secrets/runner-config.yml"
|
|
}
|
|
|
|
# Required SOPS key:
|
|
# act-runner.registration_token — runner registration token from Gitea
|
|
# Admin → Settings → Actions → Runners → Create new runner
|
|
template {
|
|
data = <<EOF
|
|
GITEA_RUNNER_REGISTRATION_TOKEN={{ with nomadVar "nomad/jobs/act-runner" }}{{ .registration_token }}{{ end }}
|
|
EOF
|
|
destination = "secrets/runner.env"
|
|
env = true
|
|
}
|
|
|
|
# Limit which images/labels the runner will accept so it doesn't pick up
|
|
# unrelated workloads if more runners are added later.
|
|
template {
|
|
data = <<EOF
|
|
runner:
|
|
labels:
|
|
- "ubuntu-latest:docker://node:20-bookworm"
|
|
- "ubuntu-22.04:docker://node:20-bookworm"
|
|
- "ubuntu-24.04:docker://node:20-bookworm"
|
|
EOF
|
|
destination = "secrets/runner-config.yml"
|
|
}
|
|
|
|
resources {
|
|
cpu = 200
|
|
memory = 256
|
|
memory_max = 1024
|
|
}
|
|
}
|
|
}
|
|
}
|