From 3fd470fe3b1738c4266a0c54e12ad70d2c643386 Mon Sep 17 00:00:00 2001 From: Markus Pesch Date: Thu, 11 Jun 2026 17:20:51 +0200 Subject: [PATCH] fix: append unix user to additional groups --- README.md | 1 + defaults/main.yaml | 4 ++++ tasks/main.yaml | 9 +++++++-- vars/Archlinux.yaml | 1 + 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bd1f128..d0c01cd 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,7 @@ Found roles matching your search: | `gitea_runner_config.container.require_docker` | Always require a reachable docker daemon | `false` | | `gitea_runner_config.container.docker_timeout` | Timeout to wait for the docker daemon to be reachable | `0s` | | `gitea_runner_config.host.workdir_parent` | The parent directory of a job's working directory | `nil` | +| `gitea_runner_unix_extra_groups` | List of additional unix groups to append the executing gitea-runner user to. | `[]` | | `gitea_runner_gitea_url` | The URL of the Gitea instance | `""` | | `gitea_runner_token` | The registration token for the gitea_runner | `""` | diff --git a/defaults/main.yaml b/defaults/main.yaml index 00cba28..68cc817 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -75,6 +75,10 @@ gitea_runner_config: ## @param gitea_runner_config.host.workdir_parent The parent directory of a job's working directory workdir_parent: +## @param gitea_runner_unix_extra_groups List of additional unix groups to append the executing gitea-runner user to. +gitea_runner_unix_extra_groups: [] +# - docker + ## @param gitea_runner_gitea_url The URL of the Gitea instance gitea_runner_gitea_url: "" diff --git a/tasks/main.yaml b/tasks/main.yaml index bf33d00..ec12ee9 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml 
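Review bot: The commented example `# - docker` under `gitea_runner_unix_extra_groups` in `defaults/main.yaml` names a group whose members can drive the Docker daemon, which is effectively root on the host, and neither the `@param` comment nor the new README row says so. The README describes this account as the one executing gitea-runner, so jobs dispatched from the Gitea instance would presumably inherit that access. I would extend the comment above the default, e.g. `## NOTE: groups such as docker grant root-equivalent access on the host; list only what the runner's jobs require.` The README table row could carry the same caveat.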
@@ -26,8 +26,7 @@ failed_when: _gitea_check.status is not defined or _gitea_check.status >= 400 - name: Install gitea-runner and dependencies - when: - - ansible_facts['distribution'] == 'Archlinux' + when: ansible_facts['distribution'] == 'Archlinux' block: - name: Update package cache community.general.pacman: @@ -38,6 +37,12 @@ state: present with_items: "{{ gitea_runner_package_names }}" +- name: Add unix user to further groups + ansible.builtin.user: + name: "{{ gitea_runner_unix_user }}" + groups: "{{ gitea_runner_unix_groups + gitea_runner_unix_extra_groups }}" + append: true + - name: Create gitea-runner config directory ansible.builtin.file: path: "{{ gitea_runner_config_file | dirname }}" diff --git a/vars/Archlinux.yaml b/vars/Archlinux.yaml index d67fdeb..d44ead9 100644 --- a/vars/Archlinux.yaml +++ b/vars/Archlinux.yaml @@ -7,5 +7,6 @@ gitea_runner_service_name: gitea-runner gitea_runner_unix_user: gitea-runner gitea_runner_unix_group: gitea-runner +gitea_runner_unix_groups: [] gitea_runner_lib_dir: /var/lib/gitea-runner
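Review bot: The new `Add unix user to further groups` task in `tasks/main.yaml` appears to sit outside the `when: ansible_facts['distribution'] == 'Archlinux'` block (indentation is lost in this view), while `gitea_runner_unix_groups` is only defined in `vars/Archlinux.yaml` in this patch. On any other distribution the `groups:` expression would presumably fail on an undefined variable; `groups: "{{ (gitea_runner_unix_groups | default([])) + gitea_runner_unix_extra_groups }}"` avoids that. Because `append: true` only ever adds memberships, dropping an entry from `gitea_runner_unix_extra_groups` later will not take the user out of that group, which matters when the entry was a privileged one; a comment such as `# append: true never revokes membership; remove stale groups explicitly` would make that visible. A gitea-runner service that is already running will not pick up new supplementary groups until it is restarted, and no `notify:` is visible in this hunk.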