open-productive-stack/forgejo-runner/docker-compose.yml


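services:
  # Docker-in-Docker backend so CI jobs run in isolated containers,
  # not against the host Docker daemon.
  docker-in-docker:
    # NOTE(review): "dind" is a floating tag, so the daemon version can change
    # on any pull. Consider pinning a specific version tag or an image digest.
    image: docker:dind
    container_name: forgejo-runner-dind
    # DinD requires privileged mode. A privileged container has broad access
    # to the host kernel and devices, so keep this service off shared
    # networks; it is attached only to the forgejo-runner network below.
    privileged: true
    environment:
      # Directory under which the dind image generates its TLS material.
      DOCKER_TLS_CERTDIR: /certs
    volumes:
      # Client cert and key land here and are shared with the runner.
      - runner-certs:/certs/client
      - forgejo-runner-dind:/var/lib/docker
    networks:
      forgejo-runner:
        # DinD's TLS cert is issued for the SAN "docker"; alias so the
        # runner can verify the cert when connecting over TLS.
        aliases:
          - docker
    restart: unless-stopped

  forgejo-runner:
    # NOTE(review): the default "6" follows a major-version tag that moves
    # with each release; pin RUNNER_VERSION to an exact release for
    # reproducible deployments.
    image: code.forgejo.org/forgejo/runner:${RUNNER_VERSION:-6}
    container_name: forgejo-runner
    environment:
      # Talk to the DinD daemon over mutually authenticated TLS.
      DOCKER_HOST: tcp://docker:2376
      DOCKER_CERT_PATH: /certs/client
      DOCKER_TLS_VERIFY: "1"
      FORGEJO_INSTANCE_URL: ${FORGEJO_INSTANCE_URL}
      # NOTE(review): the registration token is only used on first start (see
      # the /data/.runner check below) but stays in the container environment
      # afterwards; consider unsetting it in .env once the runner is
      # registered.
      FORGEJO_RUNNER_TOKEN: ${FORGEJO_RUNNER_TOKEN}
      FORGEJO_RUNNER_NAME: ${FORGEJO_RUNNER_NAME:-forgejo-runner}
    entrypoint: ["/bin/sh", "-c"]
    # "$$" stops Compose from interpolating these variables into the script
    # text. The shell expands them at run time from the container environment
    # set above, so the token is not baked into the container's command line
    # and a value containing quotes or "$" cannot alter the script.
    command:
      - |
        set -e
        if [ ! -f /data/.runner ]; then
          echo "Registering runner with $${FORGEJO_INSTANCE_URL} ..."
          forgejo-runner register --no-interactive \
            --instance "$${FORGEJO_INSTANCE_URL}" \
            --token "$${FORGEJO_RUNNER_TOKEN}" \
            --name "$${FORGEJO_RUNNER_NAME}" \
            --labels "docker:docker://node:20-bookworm,ubuntu-latest:docker://node:20-bookworm"
        fi
        exec forgejo-runner daemon
    working_dir: /data
    volumes:
      - forgejo-runner-data:/data
      # Read-only: the runner only needs to present the client cert. Anyone
      # who can read this key has full control of the DinD daemon.
      - runner-certs:/certs/client:ro
    networks:
      - forgejo-runner
      # NOTE(review): presumably attached so the runner can reach the Forgejo
      # instance behind the proxy; confirm it is needed, since every container
      # on this shared network can reach the runner and vice versa.
      - traefik
    depends_on:
      - docker-in-docker
    restart: unless-stopped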
# Named volumes. The explicit "name" keeps each volume name fixed instead of
# prefixing it with the Compose project name.
volumes:
  # Mounted at /data in the runner; the startup script checks /data/.runner
  # here to decide whether the runner is already registered.
  forgejo-runner-data:
    name: forgejo-runner-data

  # Storage for the DinD daemon (/var/lib/docker).
  forgejo-runner-dind:
    name: forgejo-runner-dind

  # TLS client material shared from DinD to the runner. Treat it as a
  # credential: it authenticates to the DinD daemon.
  runner-certs:
    name: forgejo-runner-certs
networks:
  # Private network between the runner and its DinD daemon.
  forgejo-runner:
    name: forgejo-runner

  # Pre-existing network, not created by this file; it must exist before
  # this stack is started.
  traefik:
    name: traefik
    external: true