initial commit

.gitignore

@@ -0,0 +1 @@
+data/

README.md

@@ -0,0 +1,4 @@
+# Forgejo runner docker-compose configuration
+
+This repository contains the docker-compose configuration to run the forgejo
+runner for the forgejo.mixinet.net installation.

bin/setup-runner.sh

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+set -e
+
+# Variables
+FORGEJO_URL="https://forgejo.mixinet.net"
+RUNNER_NAME="forgejo-docker-runner"
+
+# Compute WORK_DIR
+SCRIPT="$(readlink -f "$0")"
+SCRIPT_DIR="$(dirname "$SCRIPT")"
+WORK_DIR_RELPATH=".."
+WORK_DIR="$(readlink -f "$SCRIPT_DIR/$WORK_DIR_RELPATH")"
+
+DATA_DIR="$WORK_DIR/data"
+
+setup_user() {
+  if id -u forgejo-runner >/dev/null 2>&1; then
+    echo "User 'forgejo-runner' already exists."
+    return
+  fi
+  if id -g forgejo-runner >/dev/null 2>&1; then
+    echo "Group 'forgejo-runner' already exists."
+  else
+    sudo addgroup --system forgejo-runner
+  fi
+  sudo adduser --system --home /srv/forgejo-runner --no-create-home --ingroup forgejo-runner forgejo-runner
+}
+
+setup_data_dir() {
+  mkdir -p "$DATA_DIR"
+  sudo chown "$(id -u forgejo-runner):$(id -g forgejo-runner)" "$DATA_DIR"
+  sudo chmod 0775 "$DATA_DIR"
+
+  test -d "$DATA_DIR/.cache" || mkdir "$DATA_DIR/.cache"
+  sudo chown -R "$(id -u forgejo-runner):$(id -g forgejo-runner)" "$DATA_DIR/.cache"
+  sudo chmod 2775 "$DATA_DIR/.cache"
+}
+
+setup_runner() {
+  if [ -f "$DATA_DIR/.runner" ]; then
+    sudo chown "$(id -u forgejo-runner):$(id -g forgejo-runner)" "$DATA_DIR/.runner"
+    echo "Runner already configured, remove '$DATA_DIR/.runner' to configure again."
+    return
+  fi
+  forgejo_secret="$(openssl rand -hex 20)"
+  cd "$WORK_DIR" || exit 1
+  # Run the runner on a container usign the existing docker-compose file
+  RUNNER_UID="$(id -u forgejo-runner)" RUNNER_GID="$(id -g forgejo-runner)" docker compose run --rm runner \
+    forgejo-runner create-runner-file --instance "$FORGEJO_URL" --name "$RUNNER_NAME" --secret "$forgejo_secret"
+  # Stop the dind container (it is started because it is a dependency of the runner)
+  RUNNER_UID="$(id -u forgejo-runner)" RUNNER_GID="$(id -g forgejo-runner)" docker compose down
+  # Update the labels on the runner config
+  TMP_FILE="$(mktemp)"
+  jq '.labels |= ["docker:docker://node:22-bookworm"]' "$DATA_DIR/.runner" >"$TMP_FILE"
+  sudo sh -c "cat '$TMP_FILE' >'$DATA_DIR/.runner'"
+  rm "$TMP_FILE"
+  # Print message to register the runner with the secret
+  cat <<EOF
+Runner configuration file created. Please register the runner with the following command:
+
+  forgejo forgejo-cli actions register --name "$RUNNER_NAME" --secret "$forgejo_secret"
+EOF
+}
+
+# ====
+# MAIN
+# ====
+
+setup_user
+setup_data_dir
+setup_runner
+cat <<EOF
+Runner setup complete. You can now start the runner with:
+
+  cd "$WORK_DIR"
+  RUNNER_UID="$(id -u forgejo-runner)" RUNNER_GID="$(id -g forgejo-runner)" docker compose up -d
+EOF

docker-compose.yml

@@ -0,0 +1,23 @@
+services:
+  dind:
+    image: docker:dind
+    container_name: 'dind'
+    privileged: 'true'
+    command: ['dockerd', '-H', 'tcp://0.0.0.0:2375', '--tls=false']
+    restart: 'unless-stopped'
+
+  runner:
+    image: 'data.forgejo.org/forgejo/runner:6.2.2'
+    links:
+      - dind
+    depends_on:
+      dind:
+        condition: service_started
+    container_name: 'runner'
+    environment:
+      DOCKER_HOST: tcp://dind:2375
+    user: $RUNNER_UID:$RUNNER_GID
+    volumes:
+      - ./data:/data
+    restart: 'unless-stopped'
+    command: '/bin/sh -c "sleep 5; forgejo-runner daemon"'