From 67e6b4ebb9435c5830c36a41c4479d04524a93ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20G=C3=BCttler?= Date: Fri, 8 May 2026 12:55:16 +0200 Subject: [PATCH] chore: unify runner naming to sharedinbox-runner --- .gitignore | 2 +- codeberg-runner/Dockerfile | 18 ------------- codeberg-runner/codeberg-runner.service | 18 ------------- sharedinbox-runner/Dockerfile | 26 +++++++++++++++++++ .../docker-compose.yml | 0 sharedinbox-runner/sharedinbox-runner.service | 18 +++++++++++++ 6 files changed, 45 insertions(+), 37 deletions(-) delete mode 100644 codeberg-runner/Dockerfile delete mode 100644 codeberg-runner/codeberg-runner.service create mode 100644 sharedinbox-runner/Dockerfile rename {codeberg-runner => sharedinbox-runner}/docker-compose.yml (100%) create mode 100644 sharedinbox-runner/sharedinbox-runner.service diff --git a/.gitignore b/.gitignore index 283163e..c6bfb10 100644 --- a/.gitignore +++ b/.gitignore @@ -61,4 +61,4 @@ linux/flutter/generated_plugins.cmake *.log runner-data/ -codeberg-runner/runner-data/ +sharedinbox-runner/runner-data/ diff --git a/codeberg-runner/Dockerfile b/codeberg-runner/Dockerfile deleted file mode 100644 index 528cc7d..0000000 --- a/codeberg-runner/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# Dockerfile for a Codeberg Runner with Nix installed -FROM gitea/act_runner:latest - -# Install Nix requirements and basic tools -RUN apt-get update && apt-get install -y curl xz-utils sudo && rm -rf /var/lib/apt/lists/* - -# Install Nix in single-user mode (suitable for container) -# We use the Determinate Systems installer for reliability -RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ - --init none \ - --no-confirm - -# Add Nix to PATH -ENV PATH="/nix/var/nix/profiles/default/bin:${PATH}" -ENV NIX_PATH="nixpkgs=channel:nixos-unstable" - -# Ensure the runner user can use Nix -RUN echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf 
diff --git a/codeberg-runner/codeberg-runner.service b/codeberg-runner/codeberg-runner.service
deleted file mode 100644
index 3cc6040..0000000
--- a/codeberg-runner/codeberg-runner.service
+++ /dev/null
@@ -1,18 +0,0 @@
-[Unit]
-Description=Codeberg CI Runner (Docker Compose)
-Requires=docker.service
-After=docker.service network-online.target
-
-[Service]
-Type=simple
-User=root
-Group=root
-WorkingDirectory=/
-ExecStartPre=-/usr/bin/docker compose -f /opt/sharedinbox-runner/codeberg-runner/docker-compose.yml down
-ExecStart=/usr/bin/docker compose -f /opt/sharedinbox-runner/codeberg-runner/docker-compose.yml up --build
-ExecStop=/usr/bin/docker compose -f /opt/sharedinbox-runner/codeberg-runner/docker-compose.yml down
-Restart=always
-RestartSec=10
-
-[Install]
-WantedBy=multi-user.target
diff --git a/sharedinbox-runner/Dockerfile b/sharedinbox-runner/Dockerfile
new file mode 100644
index 0000000..494571d
--- /dev/null
+++ b/sharedinbox-runner/Dockerfile
@@ -0,0 +1,26 @@
+# Dockerfile for a Codeberg Runner with Nix and a non-root worker
+FROM gitea/act_runner:latest
+
+# Install Nix requirements and basic tools
+RUN apt-get update && apt-get install -y curl xz-utils sudo && rm -rf /var/lib/apt/lists/*
+
+# Install Nix in single-user mode
+RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \
+ --init none \
+ --no-confirm
+
+ENV PATH="/nix/var/nix/profiles/default/bin:${PATH}"
+RUN echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
+
+# Create a restricted 'worker' user for running the actual CI jobs
+RUN useradd -m -s /bin/bash worker && \
+ mkdir -p /home/worker && \
+ chown -R worker:worker /home/worker
+
+# Allow the worker user to use Nix
+RUN chown -R worker:worker /nix/var/nix/profiles/per-user/worker || true && \
+ chmod -R 777 /nix/store /nix/var/nix/db
+
+# We still start as root so the act_runner entrypoint can initialize,
+# but the 'act_runner' is configured to run jobs as a specific user if requested.
+# However, by default, act_runner executes inside this container.
diff --git a/codeberg-runner/docker-compose.yml b/sharedinbox-runner/docker-compose.yml
similarity index 100%
rename from codeberg-runner/docker-compose.yml
rename to sharedinbox-runner/docker-compose.yml
diff --git a/sharedinbox-runner/sharedinbox-runner.service b/sharedinbox-runner/sharedinbox-runner.service
new file mode 100644
index 0000000..9336b27
--- /dev/null
+++ b/sharedinbox-runner/sharedinbox-runner.service
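Review bot: `chmod -R 777 /nix/store /nix/var/nix/db` in the last `RUN` of sharedinbox-runner/Dockerfile makes the Nix store and its database writable by every account in the container, so any job step can overwrite store paths that later jobs, or the root-run runner, go on to execute. If the aim is only to let `worker` use Nix without a daemon, give that one user ownership instead, e.g. `chown -R worker:worker /nix/store /nix/var/nix/db`, and drop the `777`. The preceding `chown ... || true` also hides the failure if the per-user profile directory does not exist. The file has no `USER` instruction, so as its closing comments concede the container still starts as root and nothing visible here actually switches jobs to `worker`. Separately, the `gitea/act_runner:latest` base and the installer piped from `curl` to `sh` are unpinned and unverified; pinning a tag or digest and an installer version would make the build reproducible.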
@@ -0,0 +1,18 @@
+[Unit]
+Description=SharedInbox CI Runner (Docker Compose)
+Requires=docker.service
+After=docker.service network-online.target
+
+[Service]
+Type=simple
+User=root
+Group=root
+WorkingDirectory=/
+ExecStartPre=-/usr/bin/docker compose -f /opt/sharedinbox-runner/sharedinbox-runner/docker-compose.yml down
+ExecStart=/usr/bin/docker compose -f /opt/sharedinbox-runner/sharedinbox-runner/docker-compose.yml up --build
+ExecStop=/usr/bin/docker compose -f /opt/sharedinbox-runner/sharedinbox-runner/docker-compose.yml down
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
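Review bot: `ExecStart=... up --build` together with `Restart=always` in sharedinbox-runner.service means every start or crash-restart runs an image build as root, and that build depends on a `latest` base tag and an installer script fetched from the network. A restart can therefore change what the runner executes without any commit, and it can fail if an upstream is unreachable. Consider building the image as a separate deploy step and starting the unit with `ExecStart=/usr/bin/docker compose -f /opt/sharedinbox-runner/sharedinbox-runner/docker-compose.yml up --no-build`. The unit also orders itself `After=network-online.target` without a matching `Wants=network-online.target`, so that target is not guaranteed to be pulled in at boot.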