init runner compose, add secret version to env file

2025-09-26 02:47:27 -04:00
parent b47095b29b
commit 4dfd52e234
2 changed files with 62 additions and 0 deletions
--- a/.env.sample
+++ b/.env.sample
@ -18,6 +18,7 @@ LETS_ENCRYPT_ENV=production
 GITLAB_ROOT_EMAIL="gitlab_admin@example.com"
 SECRET_INITIAL_ROOT_PASSWORD_VERSION=v1
 SECRET_RUNNER_TOKEN_VERSION=v1
+SECRET_REGISTRATION_TOKEN_VERSION=v1

 SSO=false
 ## Authentik Configuration
--- a/compose.runner.yml
+++ b/compose.runner.yml
@ -0,0 +1,61 @@
+---
+version: "3.8"
+
+services:
+  dind:
+    image: docker:20-dind
+    privileged: true
+    environment:
+      DOCKER_TLS_CERTDIR: ""
+    command:
+      - --storage-driver=overlay2
+    networks:
+      - internal
+    deploy:
+      restart_policy:
+        condition: on-failure
+
+  runner:
+    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
+    depends_on:
+      - dind
+    environment:
+      - DOCKER_HOST=tcp://dind:2375
+    volumes:
+      - 'runnner_config:/etc/gitlab-runner'
+    networks:
+      - internal
+    deploy:
+      restart_policy:
+        condition: on-failure
+
+  register-runner:
+    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
+    depends_on:
+      - dind
+    environment:
+      - CI_SERVER_URL=${DOMAIN}
+      - REGISTRATION_TOKEN_file=/run/secrets/registration_token
+    command:
+      - register
+      - --non-interactive
+      - --locked=false
+      - --name=${RUNNER_NAME}
+      - --executor=docker
+      - --docker-image=docker:20-dind
+      - --docker-volumes=/var/run/docker.sock:/var/run/docker.sock
+    volumes:
+      - 'runnner_config:/etc/gitlab-runner'
+    networks:
+      - internal
+    deploy:
+      restart_policy:
+        condition: none
+
+volumes:
+  runnner_config:
+
+secrets:
+  registration_token:
+    name: ${STACK_NAME}_registration_token_${SECRET_REGISTRATION_TOKEN_VERSION}
+    external: true