diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 5579c57..b3fbb3f 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -15,3 +15,6 @@ ansible_become_pass: !vault | 36343435646561643662373138613237626461373330346566356132636366623731643838383633 3765666163656264340a663138623535626161376666323862373131383637356231323737313564 6430 + +woodpecker_server: 'ci.rustybever.be:9000' +woodpecker_secret: "{{ vault_woodpecker_secret }}" diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml index f4da912..2aaf6ac 100644 --- a/group_vars/all/vault.yml +++ b/group_vars/all/vault.yml @@ -1,6 +1,10 @@ $ANSIBLE_VAULT;1.1;AES256 -37303338366435366664333235623930303461666537326463613536303263353233303631653061 -3365613139333035616434376464386436653863366338650a366363336438313364646432626335 -32396334643064326531393930666263643163636163316430616434363139316665323262616538 -3665633530616432350a326439636231383765666365386433313432373432373938656638373636 -34323166343965616330366265353462626132356565316637313430343462363163 +65396664323038303134303832613939623230323365613162313835623462663137623231643466 +3661303536326134636662636237326337653535613565380a643035326434656334363432633037 +31626233633935616234376334336138353833613962653632313639383932613638316238636436 +3066656463396530340a356634316630363866373834393035336663373264613031646231666538 +63366666336236313236653831316433346335356430366364303739666532623835373931376636 +63386434346265626331306461393330316164396632383462613537343664616266643938646632 +66316362623730313039666161353232313265613463653762666533356532633333616631343235 +66646339643366663365323165383830353562643266353935386334383134623933353162653666 +6432 diff --git a/nas.yml b/nas.yml index 9cbb433..7730b2b 100644 --- a/nas.yml +++ b/nas.yml @@ -41,3 +41,10 @@ roles: - rclone tags: rclone + +- name: Install Woodpecker agent + hosts: nas + become: yes + roles: + - woodpecker + tags: woodpecker diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 5e2ae80..5f20a61 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -17,7 +17,7 @@ - name: Add Docker PPA. apt_repository: # https://gist.github.com/rbq/886587980894e98b23d0eee2a1d84933 - repo: deb [arch=amd64] https://download.docker.com/{{ ansible_system | lower }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable + repo: deb [arch=arm64] https://download.docker.com/{{ ansible_system | lower }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable state: present - name: Install Docker, docker-compose & cron. diff --git a/roles/woodpecker/files/woodpecker-agent.service b/roles/woodpecker/files/woodpecker-agent.service new file mode 100644 index 0000000..d1801a7 --- /dev/null +++ b/roles/woodpecker/files/woodpecker-agent.service @@ -0,0 +1,16 @@ +[Unit] +Description=Woodpecker Agent +Documentation=https://woodpecker-ci.org/ +After=network.target network-online.target +Requires=network-online.target + +[Service] +Type=exec +User=woodpecker +Group=woodpecker +ExecStart=/usr/local/bin/woodpecker-agent +Restart=always +EnvironmentFile=/etc/woodpecker/woodpecker-agent.env + +[Install] +WantedBy=multi-user.target diff --git a/roles/woodpecker/handlers/main.yml b/roles/woodpecker/handlers/main.yml new file mode 100644 index 0000000..a9933a7 --- /dev/null +++ b/roles/woodpecker/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: woodpecker-agent-restart + ansible.builtin.service: + name: 'woodpecker-agent' + state: 'restarted' diff --git a/roles/woodpecker/meta/main.yml b/roles/woodpecker/meta/main.yml new file mode 100644 index 0000000..cb7d8e0 --- /dev/null +++ b/roles/woodpecker/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: docker diff --git a/roles/woodpecker/tasks/main.yml b/roles/woodpecker/tasks/main.yml new file mode 100644 index 0000000..f6fda97 --- /dev/null +++ b/roles/woodpecker/tasks/main.yml @@ -0,0 +1,78 @@ +--- +- name: Create download directory + ansible.builtin.file: + path: '/home/debian/woodpecker-agent-1.0.1' + state: directory + mode: '0755' + +- name: Download agent tarball + ansible.builtin.unarchive: + src: 'https://github.com/woodpecker-ci/woodpecker/releases/download/v1.0.1/woodpecker-agent_linux_arm64.tar.gz' + remote_src: true + dest: '/home/debian/woodpecker-agent-1.0.1' + creates: '/home/debian/woodpecker-agent-1.0.1/woodpecker-agent' + include: + - 'woodpecker-agent' + register: res + +- name: Move binary to correct location + ansible.builtin.copy: + src: '/home/debian/woodpecker-agent-1.0.1/woodpecker-agent' + remote_src: true + dest: '/usr/local/bin/woodpecker-agent' + owner: 'root' + group: 'root' + mode: '0755' + when: 'res.changed' + +- name: Ensure system group exists + group: + name: 'woodpecker' + gid: 200 + system: true + state: present + +- name: Ensure system user exists + user: + name: 'woodpecker' + group: 'woodpecker' + uid: 200 + system: true + create_home: false + +- name: Ensure woodpecker directory is present + file: + path: '/etc/woodpecker' + state: directory + mode: '0755' + owner: 'woodpecker' + group: 'woodpecker' + +- name: Ensure agent environment file is present + template: + src: 'woodpecker-agent.env.j2' + dest: '/etc/woodpecker/woodpecker-agent.env' + owner: 'woodpecker' + group: 'woodpecker' + mode: '0644' + notify: woodpecker-agent-restart + +- name: Ensure service file is present + copy: + src: 'woodpecker-agent.service' + dest: '/lib/systemd/system/woodpecker-agent.service' + owner: 'root' + group: 'root' + mode: '0644' + register: res + +- name: systemd-reload + ansible.builtin.systemd_service: + daemon_reload: true + when: 'res.changed' + +- name: Ensure agent service is enabled + ansible.builtin.service: + name: 'woodpecker-agent' + state: started + enabled: true diff --git a/roles/woodpecker/templates/woodpecker-agent.env.j2 b/roles/woodpecker/templates/woodpecker-agent.env.j2 new file mode 100644 index 0000000..1314a2b --- /dev/null +++ b/roles/woodpecker/templates/woodpecker-agent.env.j2 @@ -0,0 +1,4 @@ +WOODPECKER_SERVER={{ woodpecker_server }} +WOODPECKER_AGENT_SECRET={{ woodpecker_secret }} +WOODPECKER_AGENT_CONFIG_FILE=/etc/woodpecker/woodpecker-agent.conf +WOODPECKER_BACKEND=docker