304 lines
6.5 KiB
Bash
304 lines
6.5 KiB
Bash
#!/usr/bin/env bash
|
||
set -euo pipefail
|
||
|
||
############################################
|
||
# KrakenTech Gitea Runner Installer
|
||
############################################
|
||
|
||
# Usage:
|
||
# sudo ./install-gitea-runner.sh <GITEA_URL> <REG_TOKEN> <RUNNER_NAME>
|
||
#
|
||
# Example:
|
||
# sudo ./install-gitea-runner.sh \
|
||
# https://git.krkn.tech \
|
||
# ABC123TOKEN \
|
||
# worker-bigben-01
|
||
|
||
############################################
|
||
# Args
|
||
############################################
|
||
|
||
if [ "$#" -ne 3 ]; then
|
||
echo "Usage: $0 <gitea_url> <registration_token> <runner_name>"
|
||
exit 1
|
||
fi
|
||
|
||
GITEA_URL="$1"
|
||
REG_TOKEN="$2"
|
||
RUNNER_NAME="$3"
|
||
|
||
############################################
|
||
# Globals
|
||
############################################
|
||
|
||
RUNNER_USER="gitea-runner"
|
||
INSTALL_DIR="/opt/gitea-runner"
|
||
BIN_PATH="/usr/local/bin/gitea-runner"
|
||
SERVICE_PATH="/etc/systemd/system/gitea-runner.service"
|
||
|
||
############################################
|
||
# Helpers
|
||
############################################
|
||
|
||
log() {
|
||
echo -e "\033[1;32m[*]\033[0m $*"
|
||
}
|
||
|
||
warn() {
|
||
echo -e "\033[1;33m[!]\033[0m $*"
|
||
}
|
||
|
||
err() {
|
||
echo -e "\033[0;31m[✗]\033[0m $*" >&2
|
||
exit 1
|
||
}
|
||
|
||
############################################
|
||
# Root Check
|
||
############################################
|
||
|
||
if [ "$(id -u)" -ne 0 ]; then
|
||
err "Run as root."
|
||
fi
|
||
|
||
############################################
|
||
# OS Check
|
||
############################################
|
||
|
||
if ! command -v apt >/dev/null; then
|
||
err "This script supports Debian/Ubuntu only."
|
||
fi
|
||
|
||
############################################
|
||
# Remove Snap Docker (If Present)
|
||
############################################
|
||
|
||
if command -v snap >/dev/null && snap list | grep -q docker; then
|
||
warn "Snap Docker detected. Removing..."
|
||
snap remove --purge docker || true
|
||
rm -rf /var/snap/docker /snap/docker /var/lib/snapd/snaps/docker*
|
||
fi
|
||
|
||
############################################
|
||
# Install Base Deps
|
||
############################################
|
||
|
||
log "Installing dependencies..."
|
||
|
||
apt update
|
||
|
||
apt install -y \
|
||
ca-certificates \
|
||
curl \
|
||
gnupg \
|
||
lsb-release \
|
||
git \
|
||
jq \
|
||
uidmap \
|
||
unzip \
|
||
tar \
|
||
build-essential \
|
||
apt-transport-https
|
||
|
||
############################################
|
||
# Install Go
|
||
############################################
|
||
|
||
log "Installing Go..."
|
||
|
||
GO_VERSION="1.22.10" # change if you want
|
||
GO_TARBALL="go${GO_VERSION}.linux-amd64.tar.gz"
|
||
GO_URL="https://go.dev/dl/${GO_TARBALL}"
|
||
|
||
if ! command -v go >/dev/null || ! go version | grep -q "go${GO_VERSION}"; then
|
||
rm -rf /usr/local/go
|
||
curl -fL --retry 5 --retry-delay 2 "$GO_URL" -o "/tmp/${GO_TARBALL}"
|
||
tar -C /usr/local -xzf "/tmp/${GO_TARBALL}"
|
||
rm -f "/tmp/${GO_TARBALL}"
|
||
fi
|
||
|
||
# Make Go available system-wide
|
||
cat >/etc/profile.d/go.sh <<'EOF'
|
||
export GOROOT=/usr/local/go
|
||
export GOPATH=/opt/go
|
||
export PATH="$GOROOT/bin:$GOPATH/bin:$PATH"
|
||
EOF
|
||
|
||
chmod 644 /etc/profile.d/go.sh
|
||
mkdir -p /opt/go
|
||
chmod 777 /opt/go
|
||
|
||
# Verify
|
||
/usr/local/go/bin/go version
|
||
|
||
############################################
|
||
# Install Node.js (LTS)
|
||
############################################
|
||
|
||
log "Installing Node.js (LTS)..."
|
||
|
||
if ! command -v node >/dev/null; then
|
||
curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
|
||
|
||
apt install -y nodejs
|
||
fi
|
||
|
||
# Verify
|
||
node -v
|
||
npm -v
|
||
|
||
|
||
############################################
|
||
# Install Docker (Official)
|
||
############################################
|
||
|
||
if ! command -v docker >/dev/null; then
|
||
log "Installing Docker..."
|
||
|
||
curl -fsSL https://get.docker.com | sh
|
||
|
||
systemctl enable docker
|
||
systemctl start docker
|
||
fi
|
||
|
||
############################################
|
||
# NVIDIA Runtime (Optional)
|
||
############################################
|
||
|
||
if command -v nvidia-smi >/dev/null; then
|
||
log "NVIDIA detected. Installing container runtime..."
|
||
|
||
apt install -y nvidia-container-toolkit
|
||
|
||
nvidia-ctk runtime configure --runtime=docker
|
||
|
||
systemctl restart docker
|
||
fi
|
||
|
||
############################################
|
||
# Create Runner User
|
||
############################################
|
||
|
||
if ! id "$RUNNER_USER" &>/dev/null; then
|
||
log "Creating runner user..."
|
||
useradd \
|
||
--system \
|
||
--home "$INSTALL_DIR" \
|
||
--shell /bin/bash \
|
||
"$RUNNER_USER"
|
||
fi
|
||
|
||
usermod -aG docker "$RUNNER_USER"
|
||
|
||
############################################
|
||
# Setup Directory
|
||
############################################
|
||
|
||
log "Setting up directories..."
|
||
|
||
mkdir -p "$INSTALL_DIR"
|
||
chown -R "$RUNNER_USER:$RUNNER_USER" "$INSTALL_DIR"
|
||
|
||
############################################
|
||
# Download Gitea Runner
|
||
############################################
|
||
|
||
log "Downloading Gitea runner..."
|
||
|
||
TMP_FILE="/tmp/gitea-runner.bin"
|
||
|
||
curl -fL --retry 5 --retry-delay 2 \
|
||
https://dl.gitea.com/act_runner/0.2.13/act_runner-0.2.13-linux-amd64 \
|
||
-o "$TMP_FILE"
|
||
|
||
# Ensure it isn’t HTML
|
||
file "$TMP_FILE" | grep -qi "ELF" >/dev/null || { echo "Download failed"; exit 1; }
|
||
|
||
mv "$TMP_FILE" "$BIN_PATH"
|
||
chmod +x "$BIN_PATH"
|
||
|
||
############################################
|
||
# Register Runner
|
||
############################################
|
||
|
||
log "Registering runner..."
|
||
|
||
# Create runner home atomically
|
||
install -d -m 750 -o "$RUNNER_USER" -g "$RUNNER_USER" "$INSTALL_DIR"
|
||
|
||
# Ensure work dir exists
|
||
install -d -m 750 -o "$RUNNER_USER" -g "$RUNNER_USER" "$INSTALL_DIR/work"
|
||
|
||
# Remove any stale identity
|
||
rm -f "$INSTALL_DIR/.runner"
|
||
|
||
# Register as runner user in correct dir
|
||
runuser -u "$RUNNER_USER" -- bash <<EOF
|
||
set -e
|
||
|
||
cd "$INSTALL_DIR"
|
||
|
||
"$BIN_PATH" register \
|
||
--no-interactive \
|
||
--instance "$GITEA_URL" \
|
||
--token "$REG_TOKEN" \
|
||
--name "$RUNNER_NAME" \
|
||
--labels "docker,linux,amd64,krkn-builder"
|
||
EOF
|
||
|
||
############################################
|
||
# Create systemd Service
|
||
############################################
|
||
|
||
log "Creating systemd service..."
|
||
|
||
cat > "$SERVICE_PATH" <<EOF
|
||
[Unit]
|
||
Description=Gitea Actions Runner
|
||
After=network-online.target docker.service
|
||
Wants=network-online.target
|
||
|
||
[Service]
|
||
Type=simple
|
||
User=$RUNNER_USER
|
||
Group=$RUNNER_USER
|
||
WorkingDirectory=$INSTALL_DIR
|
||
|
||
ExecStart=$BIN_PATH daemon
|
||
Restart=always
|
||
RestartSec=5
|
||
|
||
Environment="PATH=/usr/local/go/bin:/usr/local/bin:/usr/bin:/bin"
|
||
Environment=DOCKER_HOST=unix:///var/run/docker.sock
|
||
|
||
LimitNOFILE=1048576
|
||
LimitNPROC=1048576
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|
||
EOF
|
||
|
||
############################################
|
||
# Enable Service
|
||
############################################
|
||
|
||
log "Enabling runner service..."
|
||
|
||
systemctl daemon-reload
|
||
systemctl enable gitea-runner
|
||
systemctl start gitea-runner
|
||
|
||
############################################
|
||
# Final Checks
|
||
############################################
|
||
|
||
log "Installation complete."
|
||
|
||
echo
|
||
echo "Status:"
|
||
systemctl status gitea-runner --no-pager
|
||
|
||
echo
|
||
echo "Runner name: $RUNNER_NAME"
|
||
echo "Gitea URL: $GITEA_URL"
|
||
echo |