init

.drone.yml

@@ -0,0 +1,39 @@
+---
+kind: pipeline
+name: deploy to swarm-test.autonomic.zone
+steps:
+  - name: deployment
+    image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
+    settings:
+      host: swarm-test.autonomic.zone
+      stack: example_com  # UPDATE ME
+      generate_secrets: true
+      purge: true
+      deploy_key:
+        from_secret: drone_ssh_swarm_test
+      networks:
+        - proxy
+    environment:
+      DOMAIN: example.swarm-test.autonomic.zone # UPDATE ME
+      STACK_NAME: example_com  # UPDATE ME
+      LETS_ENCRYPT_ENV: staging
+      # Also set any config versions from abra.sh
+trigger:
+  branch:
+    - main
+---
+kind: pipeline
+name: generate recipe catalogue
+steps:
+  - name: release a new version
+    image: plugins/downstream
+    settings:
+      server: https://build.coopcloud.tech
+      token:
+        from_secret: drone_abra-bot_token
+      fork: true
+      repositories:
+        - toolshed/auto-recipes-catalogue-json
+
+trigger:
+  event: tag

.env.sample

@@ -0,0 +1,14 @@
+TYPE=gitlab-runner
+
+DOMAIN=gitlab-runner.example.com
+LETS_ENCRYPT_ENV=production
+
+
+## Runner options
+
+# The number of allowed jobs to run simultaneously 
+RUNNER_CONCURENCY=1 
+# How often (in seconds) will the runner look for new jobs
+RUNNER_CHECK_INTERVAL=3
+# How long (in seconds) until the runner will kill the current job for taking too long
+RUNNER_JOB_TIMEOUT=3600

.gitignore

@@ -0,0 +1 @@
+.envrc

README.md

@@ -0,0 +1,24 @@
+# gitlab-runner
+
+> One line description of the recipe
+
+<!-- metadata -->
+
+* **Category**: Apps
+* **Status**: 0
+* **Image**: [`gitlab-runner`](https://hub.docker.com/r/gitlab-runner), 4, upstream
+* **Healthcheck**: No
+* **Backups**: No
+* **Email**: No
+* **Tests**: No
+* **SSO**: No
+
+<!-- endmetadata -->
+
+## Quick start
+
+* `abra app new gitlab-runner --secrets`
+* `abra app config <app-name>`
+* `abra app deploy <app-name>`
+
+For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).

abra.sh

@@ -0,0 +1 @@
+RUNNER_CONF_VERSION=v1

compose.yml

@@ -0,0 +1,77 @@
+---
+version: "3.8"
+
+services:
+  runner:
+    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
+    depends_on:
+      - dind
+    environment:
+      - CI_SERVER_URL=${DOMAIN}
+      - DOCKER_HOST=tcp://socket-proxy:2375
+      - RUNNER_CHECK_INTERVAL
+      - RUNNER_JOB_TIMEOUT
+      - RUNNER_CONCURENCY
+      - TEMPLATE_CONFIG_FILE=/etc/gitlab-runner/config.toml
+    configs:
+      - source: runner_conf
+        target: /etc/gitlab-runner/config.toml
+    volumes:
+      - "runnner_config:/etc/gitlab-runner"
+    networks:
+      - internal
+    deploy:
+      restart_policy:
+        condition: on-failure
+
+  socket-proxy:
+    image: lscr.io/linuxserver/socket-proxy:3.2.6
+    environment:
+      - PROXY_READ_TIMEOUT=5000
+      - ALLOW_START=1
+      - ALLOW_STOP=1
+      - ALLOW_RESTARTS=1
+      - AUTH=1
+      - BUILD=1
+      - COMMIT=1
+      - CONFIGS=1
+      - CONTAINERS=1
+      - DISABLE_IPV6=0
+      - DISTRIBUTION=0
+      - EVENTS=1
+      - EXEC=1
+      - IMAGES=1
+      - INFO=1
+      - NETWORKS=1
+      - NODES=1
+      - PING=1
+      - POST=1
+      - PLUGINS=1
+      - SECRETS=1
+      - SERVICES=1
+      - SESSION=1
+      - SWARM=1
+      - SYSTEM=1
+      - TASKS=1
+      - VERSION=1
+      - VOLUMES=1
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    networks:
+      - internal
+    ports:
+      - "2375:2375"
+
+volumes:
+  runnner_config:
+
+secrets:
+  registration_token:
+    name: ${STACK_NAME}_registration_token_${SECRET_REGISTRATION_TOKEN_VERSION}
+    external: true
+
+configs:
+  runner_conf:
+    name: ${STACK_NAME}_runner_config_${RUNNER_CONF_VERSION}
+    file: runner-config.toml.tmpl
+    template_driver: golang

runner-config.toml.tmpl

@@ -0,0 +1,20 @@
+concurrent = {{ env RUNNER_CONCURENCY }}
+check_interval = {{ env RUNNER_CHECK_INTERVAL }}
+
+[[runners]]
+  timeout = {{ env RUNNER_JOB_TIMEOUT }}
+  name = "{{ env RUNNER_TITLE }}"
+  url = "https://{{ env GITLAB_URL }}"
+  token = "{{ secret "registration_token" }}"
+  executor = "docker"
+  
+  [runners.docker]
+    host = "tcp://socket-proxy:2375"
+    bearer_token_overwrite_allowed = false
+    image = ""
+    namespace = ""
+    namespace_overwrite_allowed = ""
+    privileged = false
+    service_account_overwrite_allowed = ""
+    pod_labels_overwrite_allowed = ""
+    pod_annotations_overwrite_allowed = ""