Initial Commit
Some checks failed
Ansible Linter / ansible-lint (push) Successful in 22s
Lint Markdown files / markdown-lint (push) Failing after 4s

2026-01-08 17:13:52 +01:00
commit 80b1eb7918
21 changed files with 2339 additions and 0 deletions

4
.ansible-lint Normal file

@@ -0,0 +1,4 @@
---
exclude_paths:
- .gitea/

12
.editorconfig Normal file

@@ -0,0 +1,12 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = false


@@ -0,0 +1,20 @@
name: Ansible Linter
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches: [ '**' ]
tags-ignore: [ '**' ]
jobs:
ansible-lint:
runs-on:
- ubuntu-latest
steps:
- uses: actions/checkout@v6.0.1
- name: Run ansible-lint
uses: ansible/ansible-lint@v25.12.2
with:
args: "--config-file .ansible-lint"
setup_python: "true"
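Review bot: Both `uses:` steps reference third-party actions by mutable tag (`actions/checkout@v6.0.1`, `ansible/ansible-lint@v25.12.2`), so whoever can move those tags decides what code runs in this job. Pinning each to its full commit SHA with the version as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v6.0.1`, removes that trust. The renovate presets added in this commit could probably keep such pins current, if digest pinning is enabled in them. The same applies to `actions/checkout@v6.0.1` and `DavidAnson/markdownlint-cli2-action@v21.0.0` in the Markdown lint workflow. Separately, triggering on both `push` for every branch and `pull_request` will likely run the job twice for each pull-request update.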


@@ -0,0 +1,18 @@
name: Lint Markdown files
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches: [ '**' ]
tags-ignore: [ '**' ]
jobs:
markdown-lint:
runs-on:
- ubuntu-latest
steps:
- uses: actions/checkout@v6.0.1
- uses: DavidAnson/markdownlint-cli2-action@v21.0.0
with:
globs: '**/*.md'


@@ -0,0 +1,21 @@
name: Release Ansible Role
on:
push:
tags:
- '**'
jobs:
release:
name: Release Ansible Role
runs-on: ubuntu-latest
steps:
- name: Install Ansible Galaxy
run: |
apt update --yes
apt install --yes ansible
- env:
ANSIBLE_GALAXY_TOKEN: ${{ secrets.ANSIBLE_GALAXY_TOKEN }}
name: Update Ansible Role in Ansible Galaxy
run: |
ansible-galaxy role import --token=${ANSIBLE_GALAXY_TOKEN} volker-raschek ${GITHUB_REPOSITORY#*/}
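Review bot: The Galaxy token is passed as `--token=${ANSIBLE_GALAXY_TOKEN}`, which places the secret in the process argument list, where other processes on the runner host can read it while the import runs. ansible-galaxy also has a configuration setting for the token that can be supplied through the environment; since the step already exports a variable named `ANSIBLE_GALAXY_TOKEN`, the flag may be redundant, which is worth confirming against the installed version before dropping it. The remaining expansion should be quoted as `"${GITHUB_REPOSITORY#*/}"`. `apt install --yes ansible` takes whatever version the runner image's repositories carry, so the tool that publishes the release is unpinned.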

2
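--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.ansible
+node_modules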

137
.markdownlint.yaml Normal file

@@ -0,0 +1,137 @@
# markdownlint YAML configuration
# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
# Default state for all rules
default: true
# Path to configuration file to extend
extends: null
# MD003/heading-style/header-style - Heading style
MD003:
# Heading style
style: "atx"
# MD004/ul-style - Unordered list style
MD004:
style: "dash"
# MD007/ul-indent - Unordered list indentation
MD007:
# Spaces for indent
indent: 2
# Whether to indent the first level of the list
start_indented: false
# MD009/no-trailing-spaces - Trailing spaces
MD009:
# Spaces for line break
br_spaces: 2
# Allow spaces for empty lines in list items
list_item_empty_lines: false
# Include unnecessary breaks
strict: false
# MD010/no-hard-tabs - Hard tabs
MD010:
# Include code blocks
code_blocks: true
# MD012/no-multiple-blanks - Multiple consecutive blank lines
MD012:
# Consecutive blank lines
maximum: 1
# MD013/line-length - Line length
MD013:
# Number of characters
line_length: 120
# Number of characters for headings
heading_line_length: 120
# Number of characters for code blocks
code_block_line_length: 120
# Include code blocks
code_blocks: false
# Include tables
tables: false
# Include headings
headings: true
# Strict length checking
strict: false
# Stern length checking
stern: false
# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
MD022:
# Blank lines above heading
lines_above: 1
# Blank lines below heading
lines_below: 1
# MD025/single-title/single-h1 - Multiple top-level headings in the same document
MD025:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD026/no-trailing-punctuation - Trailing punctuation in heading
MD026:
# Punctuation characters
punctuation: ".,;:!。,;:!"
# MD029/ol-prefix - Ordered list item prefix
MD029:
# List style
style: "one_or_ordered"
# MD030/list-marker-space - Spaces after list markers
MD030:
# Spaces for single-line unordered list items
ul_single: 1
# Spaces for single-line ordered list items
ol_single: 1
# Spaces for multi-line unordered list items
ul_multi: 1
# Spaces for multi-line ordered list items
ol_multi: 1
# MD033/no-inline-html - Inline HTML
MD033:
# Allowed elements
allowed_elements: []
# MD035/hr-style - Horizontal rule style
MD035:
# Horizontal rule style
style: "---"
# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
MD036:
# Punctuation characters
punctuation: ".,;:!?。,;:!?"
# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
MD041:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD044/proper-names - Proper names should have the correct capitalization
MD044:
# List of proper names
names:
- gitea
# Include code blocks
code_blocks: false
# MD046/code-block-style - Code block style
MD046:
# Block style
style: "fenced"
# MD048/code-fence-style - Code fence style
MD048:
# Code fence syle
style: "backtick"

14
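--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,14 @@
+{
+"ansible.python.interpreterPath": "/bin/python",
+"files.associations": {
+"**/.gitea/**/*.yml": "yaml",
+"**/.gitea/**/*.yaml": "yaml",
+"docker-compose*.yml": "dockercompose",
+"*.yml": "ansible",
+"*.yaml": "ansible",
+".yamllint": "yaml",
+".yamllint.yml": "yaml",
+".yamllint.yaml": "yaml"
+},
+"rewrap.wrappingColumn": 120
+}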

19
.yamllint.yaml Normal file

@@ -0,0 +1,19 @@
---
#
# Documentation:
# https://yamllint.readthedocs.io/en/stable/
#
rules:
brackets:
forbid: false
min-spaces-inside: 0
max-spaces-inside: 2
min-spaces-inside-empty: 0
max-spaces-inside-empty: 0
indentation:
spaces: 2
indent-sequences: false
line-length:
max: 360

20
LICENSE Normal file

@@ -0,0 +1,20 @@
Copyright (c) 2025 Markus Pesch
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

99
README.md Normal file

@@ -0,0 +1,99 @@
# act_runner
This Ansible role installs and configures a Gitea Act Runner for executing GitHub Actions-compatible workflows.
## Installation
```bash
ansible-galaxy install volker-raschek.act_runner
```
## Usage
### Simple Playbook
```yaml
- hosts: runners
become: yes
roles:
- role: volker-raschek.act_runner
vars:
act_runner_gitea_url: "https://your-gitea-instance.com"
act_runner_token: "your-registration-token"
```
### Advanced Configuration
```yaml
- hosts: runners
become: yes
roles:
- role: volker-raschek.act_runner
vars:
act_runner_gitea_url: "https://your-gitea-instance.com"
act_runner_token: "your-registration-token"
act_runner_config:
runner:
capacity: 2
labels:
- "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
- "custom-label:docker://custom-image:latest"
container:
privileged: true
```
## Further ansible roles
This ansible role is used in combination with other ansible roles of `volker-raschek`. You can search for the other
ansible roles via the following command.
```bash
$ ansible-galaxy role search --author "volker-raschek"
Found roles matching your search:
Name Description
---- -----------
volker-raschek.bind9 Role to install and configure bind9 on different distributions
volker-raschek.dhcpd Role to install and configure dhcpd on different distributions
volker-raschek.renovate Role to configure renovate as container image
...
```
## Parameters
### Act Runner
| Name | Description | Value |
| -------------------------------------------- | -------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `act_runner_config_file` | Path to the act_runner configuration file | `/etc/act_runner/config.yaml` |
| `act_runner_config.log.level` | The level of logging, can be trace, debug, info, warn, error, fatal | `info` |
| `act_runner_config.runner.file` | Where to store the registration result | `.runner` |
| `act_runner_config.runner.capacity` | Execute how many tasks concurrently at the same time | `1` |
| `act_runner_config.runner.envs` | Extra environment variables to run jobs | `{}` |
| `act_runner_config.runner.env_file` | Extra environment variables to run jobs from a file | `.env` |
| `act_runner_config.runner.timeout` | The timeout for a job to be finished | `3h` |
| `act_runner_config.runner.shutdown_timeout` | The timeout for the runner to wait for running jobs to finish when shutting down | `0s` |
| `act_runner_config.runner.insecure` | Whether skip verifying the TLS certificate of the Gitea instance | `false` |
| `act_runner_config.runner.fetch_timeout` | The timeout for fetching the job from the Gitea instance | `5s` |
| `act_runner_config.runner.fetch_interval` | The interval for fetching the job from the Gitea instance | `2s` |
| `act_runner_config.runner.github_mirror` | The mirror address of the github that pulls the action repository | `""` |
| `act_runner_config.runner.labels` | The labels of a runner are used to determine which jobs the runner can run | `["ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest","ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04","ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04"]` |
| `act_runner_config.cache.enabled` | Enable cache server to use actions/cache | `true` |
| `act_runner_config.cache.dir` | The directory to store the cache data | `""` |
| `act_runner_config.cache.host` | The host of the cache server | `""` |
| `act_runner_config.cache.port` | The port of the cache server | `0` |
| `act_runner_config.cache.external_server` | The external cache server URL | `""` |
| `act_runner_config.container.network` | Specifies the network to which the container will connect | `""` |
| `act_runner_config.container.privileged` | Whether to use privileged mode when launching task containers | `false` |
| `act_runner_config.container.options` | Other options to be used when the container is started | `nil` |
| `act_runner_config.container.workdir_parent` | The parent directory of a job's working directory | `nil` |
| `act_runner_config.container.valid_volumes` | Volumes that can be mounted to containers | `[]` |
| `act_runner_config.container.docker_host` | Overrides the docker client host with the specified one | `""` |
| `act_runner_config.container.force_pull` | Pull docker image(s) even if already present | `true` |
| `act_runner_config.container.force_rebuild` | Rebuild docker image(s) even if already present | `false` |
| `act_runner_config.container.require_docker` | Always require a reachable docker daemon | `false` |
| `act_runner_config.container.docker_timeout` | Timeout to wait for the docker daemon to be reachable | `0s` |
| `act_runner_config.host.workdir_parent` | The parent directory of a job's working directory | `nil` |
| `act_runner_gitea_url` | The URL of the Gitea instance | `""` |
| `act_runner_token` | The registration token for the act_runner | `""` |

82
defaults/main.yaml Normal file

@@ -0,0 +1,82 @@
## @section Act Runner
## @param act_runner_config_file Path to the act_runner configuration file
act_runner_config_file: /etc/act_runner/config.yaml
act_runner_config:
log:
## @param act_runner_config.log.level The level of logging, can be trace, debug, info, warn, error, fatal
level: info
runner:
## @param act_runner_config.runner.file Where to store the registration result
file: .runner
## @param act_runner_config.runner.capacity Execute how many tasks concurrently at the same time
capacity: 1
## @param act_runner_config.runner.envs Extra environment variables to run jobs
envs: {}
# A_TEST_ENV_NAME_1: a_test_env_value_1
# A_TEST_ENV_NAME_2: a_test_env_value_2
## @param act_runner_config.runner.env_file Extra environment variables to run jobs from a file
env_file: .env
## @param act_runner_config.runner.timeout The timeout for a job to be finished
timeout: 3h
## @param act_runner_config.runner.shutdown_timeout The timeout for the runner to wait for running jobs to finish when shutting down
shutdown_timeout: 0s
## @param act_runner_config.runner.insecure Whether skip verifying the TLS certificate of the Gitea instance
insecure: false
## @param act_runner_config.runner.fetch_timeout The timeout for fetching the job from the Gitea instance
fetch_timeout: 5s
## @param act_runner_config.runner.fetch_interval The interval for fetching the job from the Gitea instance
fetch_interval: 2s
## @param act_runner_config.runner.github_mirror The mirror address of the github that pulls the action repository
github_mirror: ''
## @param act_runner_config.runner.labels The labels of a runner are used to determine which jobs the runner can run
labels:
- "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
- "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
- "ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04"
cache:
## @param act_runner_config.cache.enabled Enable cache server to use actions/cache
enabled: true
## @param act_runner_config.cache.dir The directory to store the cache data
dir: ""
## @param act_runner_config.cache.host The host of the cache server
host: ""
## @param act_runner_config.cache.port The port of the cache server
port: 0
## @param act_runner_config.cache.external_server The external cache server URL
external_server: ""
container:
## @param act_runner_config.container.network Specifies the network to which the container will connect
network: ""
## @param act_runner_config.container.privileged Whether to use privileged mode when launching task containers
privileged: false
## @param act_runner_config.container.options Other options to be used when the container is started
options:
## @param act_runner_config.container.workdir_parent The parent directory of a job's working directory
workdir_parent:
## @param act_runner_config.container.valid_volumes Volumes that can be mounted to containers
valid_volumes: []
## @param act_runner_config.container.docker_host Overrides the docker client host with the specified one
docker_host: ""
## @param act_runner_config.container.force_pull Pull docker image(s) even if already present
force_pull: true
## @param act_runner_config.container.force_rebuild Rebuild docker image(s) even if already present
force_rebuild: false
## @param act_runner_config.container.require_docker Always require a reachable docker daemon
require_docker: false
## @param act_runner_config.container.docker_timeout Timeout to wait for the docker daemon to be reachable
docker_timeout: 0s
host:
## @param act_runner_config.host.workdir_parent The parent directory of a job's working directory
workdir_parent:
## @param act_runner_gitea_url The URL of the Gitea instance
act_runner_gitea_url: ""
## @param act_runner_token The registration token for the act_runner
act_runner_token: ""
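Review bot: The `## @param act_runner_token` comment does not say how the value should be supplied, and the README examples in this commit show it written inline in the playbook. A registration token lets its holder attach a runner to the instance, so the comment should steer users to an encrypted source, e.g. `## @param act_runner_token The registration token for the act_runner; supply it from Ansible Vault or another secret store`. The bare `options:` and `workdir_parent:` keys parse as null; writing `null` explicitly would make that intent visible.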

7
handlers/main.yaml Normal file

@@ -0,0 +1,7 @@
---
- name: Restart act_runner
ansible.builtin.systemd:
name: "{{ act_runner_service_name }}"
state: restarted
daemon_reload: true

26
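--- a/meta/main.yaml
+++ b/meta/main.yaml
@@ -0,0 +1,26 @@
+dependencies: []
+galaxy_info:
+author: "Markus Pesch"
+company: "Cryptic Systems"
+description: "Role to create and managed an existing PKI infrastructure"
+galaxy_tags:
+- ca
+- ssl
+- tls
+license: "MIT"
+min_ansible_version: "2.9"
+namespace: volker-raschek
+platforms:
+- name: ArchLinux
+versions:
+- all
+- name: EL
+versions:
+- all
+- name: Fedora
+versions:
+- all
+- name: Ubuntu
+versions:
+- all
+role_name: "act_runner"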
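Review bot: `description` and `galaxy_tags` describe a different role: the text reads "Role to create and managed an existing PKI infrastructure" and the tags are `ca`, `ssl`, `tls`, while `role_name` is `act_runner`. This metadata is what the release workflow imports into Galaxy, so the published role would be listed under the wrong purpose. Something like `description: "Role to install and configure the Gitea act_runner"` with tags such as `gitea`, `ci`, `runner` would match the README. The `platforms` list also names EL, Fedora and Ubuntu, while the only OS variable file visible in this commit is `vars/Archlinux.yaml`, so that list may need trimming as well.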

1727
package-lock.json generated Normal file

File diff suppressed because it is too large Load Diff

19
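--- a/package.json
+++ b/package.json
@@ -0,0 +1,19 @@
+{
+"name": "act-runner-ansible-role",
+"homepage": "https://git.cryptic.systems/volker.raschek/act-runner-ansible-role.git",
+"license": "MIT",
+"private": true,
+"engineStrict": true,
+"engines": {
+"node": ">=16.0.0",
+"npm": ">=8.0.0"
+},
+"scripts": {
+"readme:lint": "markdownlint *.md -f",
+"readme:parameters": "readme-generator -v defaults/main.yaml -r README.md"
+},
+"devDependencies": {
+"@bitnami/readme-generator-for-helm": "^2.5.0",
+"markdownlint-cli": "^0.45.0"
+}
+}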

9
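--- a/renovate.json
+++ b/renovate.json
@@ -0,0 +1,9 @@
+{
+"$schema": "https://docs.renovatebot.com/renovate-schema.json",
+"extends": [
+"local>volker.raschek/renovate-config:default#master",
+"local>volker.raschek/renovate-config:container#master",
+"local>volker.raschek/renovate-config:actions#master",
+"local>volker.raschek/renovate-config:regexp#master"
+]
+}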

77
tasks/main.yaml Normal file

@@ -0,0 +1,77 @@
---
- name: Include OS-specific variables
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] }}_{{ ansible_facts['architecture'] }}.yaml"
- "{{ ansible_facts['distribution'] }}.yaml"
- "{{ ansible_facts['os_family'] }}_{{ ansible_facts['architecture'] }}.yaml"
- "{{ ansible_facts['os_family'] }}.yaml"
- main.yaml
paths:
- vars
- name: Verify required variables
ansible.builtin.include_tasks: verify_vars.yaml
- name: Check Gitea instance availability
ansible.builtin.uri:
url: "{{ act_runner_gitea_url }}"
method: GET
validate_certs: false
timeout: 10
register: _gitea_check
failed_when: _gitea_check.status is not defined or _gitea_check.status >= 400
- name: Install act_runner and dependencies
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items: "{{ act_runner_package_names }}"
- name: Create act_runner config directory
ansible.builtin.file:
path: "{{ act_runner_config_file | dirname }}"
state: directory
mode: "0755"
- name: Template act_runner config file
ansible.builtin.template:
src: etc/act_runner/config.yaml.j2
dest: "{{ act_runner_config_file }}"
owner: "{{ act_runner_unix_user }}"
group: "{{ act_runner_unix_group }}"
mode: "0644"
notify: Restart act_runner
- name: Create act_runner lib directory
ansible.builtin.file:
path: "{{ act_runner_lib_dir }}"
owner: "{{ act_runner_unix_user }}"
group: "{{ act_runner_unix_group }}"
mode: "0755"
state: directory
- name: Check if act_runner is already registered
ansible.builtin.stat:
path: "{{ act_runner_lib_dir }}/.runner"
register: _act_runner_registration_file
- name: Register act_runner
ansible.builtin.command:
cmd: "act_runner --config {{ act_runner_config_file }} register --instance {{ act_runner_gitea_url }} --no-interactive"
chdir: "{{ act_runner_lib_dir }}"
environment:
GITEA_RUNNER_REGISTRATION_TOKEN: "{{ act_runner_token }}"
register: _act_runner_register_cmd
failed_when: _act_runner_register_cmd.rc > 0
changed_when: _act_runner_register_cmd.rc == 0
when: not _act_runner_registration_file.stat.exists
- name: Start and enable act_runner service
ansible.builtin.service:
name: "{{ act_runner_service_name }}"
state: started
enabled: true
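Review bot: The "Check Gitea instance availability" task sets `validate_certs: false` unconditionally, so the play accepts any certificate for `act_runner_gitea_url` even though the role's own default for `act_runner_config.runner.insecure` is `false`. The check therefore reports success for a host that the runner itself would refuse, and it gives no assurance about the endpoint that later receives the registration token. Tying the two together keeps one switch for TLS verification: `validate_certs: "{{ not (act_runner_config.runner.insecure | default(false)) }}"`. In the "Register act_runner" task, `cmd:` is built by string interpolation; `argv:` with one list item per argument avoids word-splitting if a path or URL contains spaces, and `no_log: true` would keep registration output out of verbose logs.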

11
tasks/verify_vars.yaml Normal file

@@ -0,0 +1,11 @@
---
- name: Verify required variables are defined
ansible.builtin.assert:
that:
- vars[item] is defined
- vars[item] | length > 0
fail_msg: "Required variable '{{ item }}' is not defined or empty."
with_items:
- act_runner_gitea_url
- act_runner_token
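Review bot: `vars[item]` returns the value as written, before templating, so a token supplied indirectly still has non-zero length and passes the assertion even when it resolves to an empty string; a constructed example is `act_runner_token: "{{ vault_act_runner_token }}"` with an empty vault entry. Resolving the variable first closes that gap: `- lookup('ansible.builtin.vars', item, default='') | length > 0`, which also makes the separate `is defined` line unnecessary. Since the registration token is later sent to `act_runner_gitea_url`, an extra assertion on the URL scheme would be a cheap guard against a plaintext `http://` target.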


@@ -0,0 +1,4 @@
#
# {{ ansible_managed }}
#
{{ act_runner_config | to_yaml }}

11
vars/Archlinux.yaml Normal file

@@ -0,0 +1,11 @@
---
act_runner_package_names:
- act_runner
act_runner_service_name: act_runner
act_runner_unix_user: act_runner
act_runner_unix_group: act_runner
act_runner_lib_dir: /var/lib/act_runner