gitlab runner von rierms als submodule

Group Vars und Inventory hinzugefügt

Gruppe umbenannt, bindestrich nicht in gruppennamen erlaubt

wip

Einrückung

Datei richtig benannt

playbook mit richtiger rolle

readme

meta

doku dict

collectipn in doku

doku

funktioniert

.gitmodules

@@ -40,3 +40,4 @@
 [submodule "roles/geerlingguy.gitlab"]
 	path = roles/geerlingguy.gitlab
 	url = https://github.com/geerlingguy/ansible-role-gitlab
+

README.md

@@ -1,5 +1,26 @@
 # ansible_heimserver
 
+## collections als Dependency
+- in meta
+```
+collections:
+  - community.general
+```
+
+## defaults in Dictionary
+```bash
+- name: "register_runner"
+  community.general.gitlab_runner:
+    description: "{{ description|default('GitLab-Runner') }}"
+```
+
+```
+description: <-- Original-Variable
+"{{ item.description| <-- Original-Inhalt
+default('GitLab-Runner') }}" <-- wenn Inhalt leer, dann default...
+```
+
+
 ## playbook-grapher
 `ansible-playbook-grapher --include-role-tasks  tests/fixtures/with_roles.yml`
 

group_vars/all.yml

@@ -47,18 +47,18 @@
   ufw_default_outgoing_policy: allow
   ### ryandaniels.create_users
   users:
-  - username: mg
+    - username: mg
-    password: "{{ lookup('keepass', 'linux_mg_user_password_hash', 'password') }}"
+      password: "{{ lookup('keepass', 'linux_mg_user_password_hash', 'password') }}"
-    update_password: on_create
+      update_password: on_create
-    ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
+      ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
-    use_sudo: yes
+      use_sudo: yes
-    use_sudo_nopass: yes
+      use_sudo_nopass: yes
-    user_state: present
+      user_state: present
-    groups: ssh, sudo
+      groups: ssh, sudo
-    servers:
+      servers:
-      - production
+        - production
-      - staging
+        - staging
-      - test
+        - test
   ### geerlingguy.dotfiles
   dotfiles_repo: "https://git.mgrote.net/mg/dotfiles"
   dotfiles_repo_local_destination: "/home/mg/dotfiles-repo"

group_vars/docker.yml

@@ -28,9 +28,6 @@
       - production
       - staging
       - test
-      - virt
-      - cephq
-      - k8s
   ### mgrote.restic
   restic_folders_to_backup: /usr/local /etc /root /home /var/lib/docker
   restic_cron_hours: "*"

group_vars/gitlabrunner.yml

@@ -0,0 +1,17 @@
+---
+  ### geerlingguy.docker
+  docker_users:
+    - mg
+    - root
+    - ansible-user
+  ### geerlingguy.pip
+  pip_package: python3-pip
+  pip_install_packages:
+    - name: python-gitlab
+  ### mgrote.gitlab-runner
+  gitlab_runner:
+    - api_url: https://git.mgrote.net
+      registration_token: "{{ lookup('keepass', 'gitlab_runner_registration_token', 'password') }}"
+      api_token: "{{ lookup('keepass', 'gitlab_runner_api_token', 'password') }}" #Token: ansible-gitlab-runner
+      api_username: root
+      description: "{{ ansible_hostname }}"

inventory

@@ -54,12 +54,16 @@ all:
         gitea-staging.grote.lan:
         gitea-test.grote.lan:
         gitea.grote.lan:
-    gitlab:  # immer auch unten in den 2 Gruppen eintragen, sonst schlägt in Bootstrap das verteilen der ssh-keys fehl
+    gitlab:
       hosts:
         gitlab-staging.grote.lan:
         gitlab-test.grote.lan:
         gitlab.grote.lan:
-
+    gitlabrunner:  # immer auch unten in den 2 Gruppen eintragen, sonst schlägt in Bootstrap das verteilen der ssh-keys fehl
+      hosts:
+        gitlab-runner-staging.grote.lan:
+        gitlab-runner-test.grote.lan:
+        gitlab-runner.grote.lan:
 #    wsl:
 #      hosts:
 #        irantu.grote.lan:
@@ -85,6 +89,7 @@ all:
         jenkins.grote.lan:
         gitea.grote.lan:
         gitlab.grote.lan:
+        gitlab-runner.grote.lan:
     staging:
       hosts:
         wireguard-staging.grote.lan:
@@ -98,6 +103,7 @@ all:
         jenkins-staging.grote.lan:
         gitea-staging.grote.lan:
         gitlab-staging.grote.lan:
+        gitlab-runner-staging.grote.lan:
     test:
       hosts:
         wireguard-test.grote.lan:
@@ -113,3 +119,4 @@ all:
         jenkins-test.grote.lan:
         gitea-test.grote.lan:
         gitlab-test.grote.lan:
+        gitlab-runner-test.grote.lan:

playbooks/service/gitlab-runner.yml

@@ -0,0 +1,7 @@
+---
+- hosts: gitlabrunner
+  roles:
+    - { role: geerlingguy.pip, tags: "pip", become: true }
+    - { role: geerlingguy.docker, tags: "docker", become: true }
+    - { role: gantsign.ctop, tags: "ctop", become: true }
+    - { role: mgrote.gitlab-runner, tags: "gitlab-runner", become: true }

roles/mgrote.gitlab-runner/README.md

@@ -0,0 +1,10 @@
+## mgrote.gitlab_runner
+
+### Beschreibung
+Installiert einen Gitlab-Runner.
+
+### Funktioniert auf
+- [X] Ubuntu (>=18.04)
+
+### Variablen + Defaults
+see [defaults](./defaults/main.yml)

roles/mgrote.gitlab-runner/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+  gitlab_runner_arch: amd64 #https://gitlab-runner-downloads.s3.amazonaws.com/latest/index.html
+  gitlab_runner_dl_link: "https://gitlab-runner-downloads.s3.amazonaws.com/latest/deb/gitlab-runner_{{ gitlab_runner_arch }}.deb"

roles/mgrote.gitlab-runner/handlers/main.yml

@@ -0,0 +1,13 @@
+---
+  - name: "register_runner"
+    community.general.gitlab_runner:
+      api_url: "{{ item.api_url }}"
+      registration_token: "{{ item.registration_token }}"
+      api_token: "{{ item.api_token }}"
+      description: "{{ item.description|default('GitLab-Runner') }}"
+      state: "{{ item.state|default('present') }}"
+      active: "{{ item.active|default('True') }}"
+      run_untagged: True
+      locked: "{{ item.locked|default('False') }}"
+    loop: "{{ gitlab_runner }}"
+    no_log: true

roles/mgrote.gitlab-runner/meta/main.yml

@@ -0,0 +1,3 @@
+---
+  collections: # Damit wird die Collection, wenn nicht vorhanden, als Abhängigkeit heruntergeladen.
+    - community.general

roles/mgrote.gitlab-runner/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+  - name: Install deb package
+    apt:
+      deb: "{{ gitlab_runner_dl_link }}"
+      state: present
+    notify: register_runner