M docs/CONFIGURATION.md => docs/CONFIGURATION.md +1 -1
@@ 139,7 139,7 @@ srht_email_privkey: |
KEYHERE
```
-## Forward facing changes
+## Configure the frontend
Sourcehut allows you to customize the instance name and contact adress,
this playbook exposes these options as follows:
```yaml
M group_vars/all/default.yml => group_vars/all/default.yml +11 -0
@@ 91,3 91,14 @@ srht_service_key: ""
# A secret key to encrypt internal messages with. Use `srht-keygen network` to
# generate this key. It must be consistent between all services and nodes.
srht_network_key: ""
+
+# S3 ARTIFACT UPLOADING
+# s3 server url
+# https will automatiically be prepended to this
+srht_s3_upstream: "s3.{{ srht_domain }}"
+# s3 acces key
+# used for authentification
+srht_s3_access_key: ""
+# s3 secret key
+# used for authentification
+srht_s3_secret_key: ""
M roles/builds.sr.ht/README.md => roles/builds.sr.ht/README.md +36 -0
@@ 18,6 18,42 @@ and you probably do not need to change it.
`buildssrht_runner_mem` allows you to specify the amount of memory (RAM)
the worker container/VM is allowed to use.
+#### Artifact uploads
+To use the `artifacts` option to automatically upload artifacts,
+you have to setup s3 object storage.
+
+**This requires access to an s3 storage server like minio or AWS**,
+for example you could use
+[the minio docker container](https://hub.docker.com/r/minio/minio/).
+
+Using the admin panel of your s3 storage solution,
+create a new bucket (for example `builds.sr.ht`)
+and create a new *access-key* with write permission for that bucket.
+(NOTE: this will also generate a *secret-key* that will only be shown once,
+so make sure to copy it).
+
+After creating the bucket and keys,
+open you secret file and configure the following variables:
+
+``` yaml
+# s3 server url
+srht_s3_upstream: "s3.{{ srht_domain }}"
+# s3 bucket name
+buildssrht_s3_bucket: "builds.sr.ht"
+# s3 prefix
+buildssrht_s3_prefix: ""
+# s3 acces key
+# used for authentification
+srht_s3_access_key: ""
+# s3 secret key
+# used for authentification
+srht_s3_secret_key: ""
+```
+
+Note that `srht_s3_*` affects configuration options for your whole instance,
+and thus require you to rerun the full playbook
+(as the change files in `sr.ht-core`)
+
### Setting up an Alpine Linux image
Creating images should differ on a platform by platform basis,
but lets walk through a basic alpine setup.
M roles/builds.sr.ht/defaults/main.yml => roles/builds.sr.ht/defaults/main.yml +14 -0
@@ 10,3 10,17 @@ buildssrht_runner_mem: "2048M"
# how long the runner may be active
# see buildssrht_runner_timeout for more
buildssrht_runner_timeout: "45m"
+
+# S3 ARTIFACT UPLOADING
+# currently at most 8 artifacts per job are accepted,
+# where each artifact may only be 1GB in size.
+# The bucket location is also hardcoded to us-east-1
+# for more implementation-related restrictions see here:
+# https://git.sr.ht/~sircmpwn/builds.sr.ht/tree/master/item/worker/tasks.go
+#
+# format: https://<upstream>/<bucket>/<prefix>~<username><jobid><rnd><file>
+#
+# s3 bucket name
+buildssrht_s3_bucket: "builds.sr.ht"
+# s3 prefix
+buildssrht_s3_prefix: ""
M roles/builds.sr.ht/tasks/worker.yml => roles/builds.sr.ht/tasks/worker.yml +2 -2
@@ 54,8 54,8 @@
# Configure the S3 bucket and prefix for object storage. Leave empty to disable
# object storage. Bucket is required to enable object storage; prefix is
# optional.
- s3-bucket=
- s3-prefix=
+ s3-prefix={{ buildssrht_s3_prefix }}
+ s3-bucket={{ buildssrht_s3_bucket }}
register: conf
- name: Overwrite default runner setup
M roles/sr.ht-core/templates/config.ini => roles/sr.ht-core/templates/config.ini +3 -3
@@ 53,9 53,9 @@ global-domain={{ srht_domain }}
# Configure S3-compatible object storage for services. Optional.
#
# Minio is recommended as a FOSS solution over AWS: https://min.io
-s3-upstream=
-s3-access-key=
-s3-secret-key=
+s3-upstream={{ srht_s3_upstream }}
+s3-access-key={{ srht_s3_access_key }}
+s3-secret-key={{ srht_s3_secret_key }}
[mail]
#