ivo/sce
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
sce/roles/podman_woodpecker_agent/tasks/agents.yml

60 lines
2.2 KiB
YAML
Raw Blame History

---
- name: Create Woodpecker agent volume
containers.podman.podman_volume:
name: "woodpecker-agent-{{ workspace_user }}"
state: present
- name: Create Woodpecker agent secret
containers.podman.podman_secret:
state: present
name: "woodpecker-agent-secret-{{ workspace_user }}"
data: "{{ podman_woodpecker_agent_secret }}"
# Necessary to make the module idempotent on Podman < v4.7
# See: https://github.com/containers/ansible-podman-collections/issues/692
skip_existing: true
- name: Determine UID of workspace user
ansible.builtin.user:
name: "{{ workspace_user }}"
register: user_data
- name: Create Woodpecker container
containers.podman.podman_container:
name: "woodpecker-agent-{{ user_data['uid'] }}"
state: present
image: "{{ podman_woodpecker_agent_image_path }}:{{ podman_woodpecker_version }}"
volumes:
- 'woodpecker-agent-{{ workspace_user }}:/etc/woodpecker'
- '/etc/timezone:/etc/timezone:ro'
- '/etc/localtime:/etc/localtime:ro'
- "/run/woodpecker/{{ user_data['uid'] }}.sock:/var/run/docker.sock"
env:
WOODPECKER_SERVER: "{{ podman_woodpecker_agent_server }}"
WOODPECKER_HOSTNAME: "{{ workspace_user }}"
# Nothing is using the healthcheck IIUC, so disabling it doesn't reduce functionality.
WOODPECKER_HEALTHCHECK: false
WOODPECKER_LOG_LEVEL: debug
WOODPECKER_BACKEND: docker
WOODPECKER_FILTER_LABELS: "{{ podman_woodpecker_agent_filter_labels }}"
secrets:
- "woodpecker-agent-secret-{{ workspace_user }},type=env,target=WOODPECKER_AGENT_SECRET"
generate_systemd:
restart_policy: always
path: ~/.config/systemd/user
after: "podman-proxy@{{ user_data['uid'] }}.target"
requires: "podman-proxy@{{ user_data['uid'] }}.target"
notify: Reload user systemd daemon
- name: Flush handlers
ansible.builtin.meta: flush_handlers
- name: Start and enable Woodpecker services
ansible.builtin.systemd_service:
name: "{{ item }}"
daemon_reload: true
state: started
enabled: true
scope: user
loop:
- "podman-proxy@{{ user_data['uid'] }}.path"
- "container-woodpecker-agent-{{ user_data['uid'] }}.service"
Reference in a new issue View git blame Copy permalink