A roles/containers/woodpecker-ci/README.org => roles/containers/woodpecker-ci/README.org +17 -0
@@ 0,0 1,17 @@
+* /roles/containers/woodpecker-ci
+[[woodpecker-ci.org/][Woodpecker CI]] module.
+
+Before using this,
+you probably want to set/edit the following variables
+in your ~secret.yml~ (or your unencrypted config):
+#+begin_src yaml
+woodpecker_port: 8000
+woodpecker_host: https://ci.ccw.icu
+woodpecker_gitea: https://codeberg.org
+woodpecker_gitea_client: changeme
+woodpecker_gitea_secret: changeme
+woodpecker_orgs: ""
+woodpecker_admin: "{{ username }}"
+woodpecker_repo_owners: "{{ username }}"
+woodpecker_agent_secret: changeme
+#+end_src
A roles/containers/woodpecker-ci/defaults/main.yml => roles/containers/woodpecker-ci/defaults/main.yml +13 -0
@@ 0,0 1,13 @@
+---
+woodpecker_project_dir: "ci"
+woodpecker_port: "8000"
+woodpecker_open: "false"
+woodpecker_domain: "ci.ccw.icu"
+woodpecker_host: "https://{{ woodpecker_domain }}"
+woodpecker_gitea: "https://codeberg.org"
+woodpecker_gitea_client: "changeme"
+woodpecker_gitea_secret: "changeme"
+woodpecker_orgs: ""
+woodpecker_admin: "{{ username }}"
+woodpecker_repo_owners: "{{ username }}"
+woodpecker_agent_secret: "changeme"
A roles/containers/woodpecker-ci/tasks/caddy.yml => roles/containers/woodpecker-ci/tasks/caddy.yml +24 -0
@@ 0,0 1,24 @@
+---
+- name: Make sure woodpecker-caddy reverse proxy config exists
+ become: true
+ vars:
+ domain: "{{ woodpecker_domain }}"
+ port: "{{ woodpecker_port }}"
+ template:
+ src: ../../../network/caddy/templates/reverse-proxy.template
+ dest: /etc/caddy/woodpecker
+ validate: caddy validate --adapter caddyfile --config %s
+
+- name: Make sure caddy links to the woodpecker config
+ become: true
+ lineinfile:
+ path: /etc/caddy/Caddyfile
+ search_string: "^import /etc/caddy/woodpecker"
+ line: "import /etc/caddy/woodpecker"
+ validate: caddy validate --adapter caddyfile --config %s
+ notify: Restart caddy
+
+- name: Restart caddy
+ service:
+ name: caddy
+ state: restarted
A roles/containers/woodpecker-ci/tasks/main.yml => roles/containers/woodpecker-ci/tasks/main.yml +3 -0
@@ 0,0 1,3 @@
+---
+- include_tasks: setup.yml
+- include_tasks: caddy.yml
A roles/containers/woodpecker-ci/tasks/setup.yml => roles/containers/woodpecker-ci/tasks/setup.yml +42 -0
@@ 0,0 1,42 @@
+---
+- name: Ensure woodpecker-project-dir "{{ woodpecker_project_dir }}" exists
+ file:
+ path: "{{ container_dir }}/{{ woodpecker_project_dir }}"
+ state: directory
+ recurse: true
+
+- name: Setup woodpecker-server
+ docker_container:
+ name: woodpecker-server
+ restart_policy: unless-stopped
+ image: woodpeckerci/woodpecker-server:next-alpine
+ ports:
+ - "{{ woodpecker_port }}:8000"
+ volumes:
+ - "{{ container_dir }}\
+ /{{ woodpecker_project_dir }}\
+ /woodpecker-server-data\
+ :/var/lib/woodpecker"
+ env:
+ WOODPECKER_OPEN: "{{ woodpecker_open }}"
+ WOODPECKER_HOST: "{{ woodpecker_host }}"
+ WOODPECKER_GITEA: "true"
+ WOODPECKER_GITEA_URL: "{{ woodpecker_gitea }}"
+ WOODPECKER_GITEA_CLIENT: "{{ woodpecker_gitea_client }}"
+ WOODPECKER_GITEA_SECRET: "{{ woodpecker_gitea_secret }}"
+ WOODPECKER_ORGS: "{{ woodpecker_orgs }}"
+ WOODPECKER_ADMIN: "{{ woodpecker_admin }}"
+ WOODPECKER_REPO_OWNERS: "{{ woodpecker_repo_owners }}"
+
+- name: Setup woodpecker-agent
+ docker_container:
+ name: woodpecker-agent
+ restart_policy: unless-stopped
+ image: woodpeckerci/woodpecker-agent:next-alpine
+ command: agent
+ links: woodpecker-server
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ env:
+ WOODPECKER_SERVER: "woodpecker-server:9000"
+ WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret }}"
M run.yml => run.yml +10 -3
@@ 1,6 1,13 @@
---
-- hosts: all
- become: yes
-
+- name: Setup base system
+ hosts: all
+ become: true
roles:
- role: system
+ tags: system
+
+- name: Woodpecker CI
+ hosts: all
+ roles:
+ - role: containers/woodpecker-ci
+ tags: woodpecker-ci