removed gitea runner setting since runner are running as systemd

This commit is contained in:
Nik Afiq 2026-03-21 15:17:57 +09:00
parent c383ad8db3
commit b667757f5a
3 changed files with 0 additions and 147 deletions

View File

@ -1,27 +0,0 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: internal-ca-cert
namespace: gitea-runner
spec:
encryptedData:
ca.crt: AgAVMzIi2tg93APNkBEA+YgEKHRC3f6uonVmYa1hBNWdfBuGMbRBPejeJ5F5g36rlRr1dPJCqXXV30mIqkJ7ipDKrPIv7BcxGaXcmXXnUc3SBuudGch4FeEH+EU11n8CxQx3n/YB/EFpIb0jqePPWBlZW6k9jw3tgHEkT6/+yiphqPCPqgMeqzuu5JwmaMBIQP4DjwPl+TT/l3S15eXYar3WR9Cxl3bmPWn/UPlpXxfKPB703QsrOg8yHKQv1r7C2ig0JH5WlZgpJkrtI7/Er4gEzaUiFYC0nvsu70eqQPmOmvdDUxRzBz0Utp7qQKgk6aroGo5iV1zB4M1daK00W9qnbXsipBFt3hNThhzj6ufE8nulLxDOaJ2XZaAdQjB97pmI2OmK1mT176gEoJ23OwBInJxfWP/258tEX7bgMyZx34kfJIgGlGLkgwiGTzDvp9ZY3J0btzCBFhGTFkLpbYsJ16L0MvKKzJC1mttyEHbBeQrdAPxU2ss45kRW8oe+DCbYta2zI4ZMg+E2byfxDIV2HJrHvoIjg05Ud195f2xLzkEJ0M4M/BF4VtJcBEHFRwS4AowLwFJyJqYh91UQAku0lzskU/SHlhzOQ7t1nq3VTKkmPLKezS6AjT/5u15+bXufTvWcRDdOf+RFamNJ/7c81JJp6CAAvygJzhsqbPcX13ane6L9IJ27aoJSBF7Nc4YHH2m4OJu/RpIp/aHExGq185SCk14aNFJO1x1m9Dnxmy/TwS8n1elRYhAc98H0R5xxfJV/2NZZnv6MRrAj+hUJBE2Dza2rNvi28NwSFAIf/Z3Mh33ngiJJ6mlb3Em3rLDriwztcl1SOTq/6TYCB0f9FUdONhnT3JLyECBh3OEI/m5rLLl/qj/F2CsRp06S63CcvTMzEHyvcF62r7zrDTqW19skEzUjrwzuGDt66/ns3q9rfyScOjQCh1boCA7s0nrIqLsYrS87VvTP0OfqMlU1yTy7YTbkgUzel0hGXlPKE/8D0yMbGEAninbxLNgmeZ2YHXVyfPHW7QzWF6cgQ6ePe+JrOLspDVWtg/uT77Dur7Cz3iK7usRFaihEXgylrGuhEY2zTiDhWN7CYrVdg5+nQe6nLagB06hNiiffXXzvDT5y2hzTbZreznq4Szra/jyCpgpGd1Uc+3id72geTXWuesOwCLwwOKNc3i/35IuJso9fpp1mYk0hb5xuyJSGy5syNcNC0Gv6hKwwVn7kL1+lxhUmSpOmP0n0F0rU+obFImUC7Omwkq7NMMorMnyrGe83bOFK4Nj8fX8Kw0NL7LLZvceQusinYzAhv708FskImdOzy0skHQxz10ep0bdwnbfrqPsIjWm2d52m7qloxaZ+bTfJF+ROnkyaiptMkhTRoGFBxfY9IfvB7Y7na4WAlm0/ZUhUkBd2p2HOVdfeUNDaJ2iVaUrd3BE5ywI/vNLP0aIg4wCIfbd9R9ulDU3ghdGpB/U=
tls.crt: AgB4n33c0IjCoYVQXxMPdbjmVVW/KI9wkQBpmjia1wyiT60wASnTkBtMQxkIUAADC2nyd+KQTiOqtjGomzy1c9ax8z5jJQZGHcxZbPTRFwC6fum3vV6D0i/t4tiOYS7QY18efC7KlEMT8pOACP+HES3u4Z8MUXq+9Pa4sJDa6sa2h9eyI9QmMhQ7Lj/wY6UNKoZZ4y90HCaTD0oHyiQ1bwoUNuIRGLOA/Zug/BE2+DNjK4fOU2A0x6KSGGDK96K1n5c0GmNaHq3+5/N8yIMKXcmQURZ8NAjdikTg1rRMlWXv4un6M3aRImIh9BxrwWfgecx+X0mV981dW60Mxtwd1eyiVFZenlKxYw6DzFYIsj+7lPoATAoZcGBoXPUvil+8cYfSxdh0m7+/uqP4M8p9ypu4jCfooaMy84ojlv990M9Pn0/FedPxXjzjFKWwZjD73vYCKnO+PRmqgbFWmKSb0x/vrrxkyISGWk4o7qzf+5xqgjTG9NJdwLFBAmvqlUE6nZek/rzL++NXLwNqU3h1at//1bT4xoJ1muo7Kk2ASjrOPdwAaiU5WfTHtWIjYq1GjfvFhr7v1gCKHihIKMj0F0AxFIEmBsfVOkJ2jgRFE+S7HpNvs/tKGER3IpSiJITqIpkDCxi15XpnwILzaabW/pAEE7UFbO1NJxXTA75QUhpQoZkWHEMIe90ntdPWO47ZVzQg4ytzhWqWnmGdPSitnixI9+OusIIE+7yAhdiskUD4RBSzKbjyl6Sz6taFQ1t80F0c2WNmdJr2dlbxZXx6Nsm+ILHVOhle7D6T1BtPw98W+AACPZHZkFv7EB5NqD5b6Ea9X5pGPQQdGN/iknpu66sfsMHQVfQFs62Pk+vUOB1Iy7ZtvTCq3fhO3HN998fY+z83BOUNq/eCCTa7ub6kwJtKMVbecpf3V8DeOLAWeSRxGtOAyB+VGt09SoGZjLyCrSHx7bl37Kq/xeMatBqP7I9ENfJxmIb7hTre4B539sAMIjLHH6dIlu0y6TG+XAH3rFS075e79NAcz9fnTsfQ5yd2hNeXTNrdr/Ct4EGBR+lRWTAhRhBwipeXh6OXPBuhU5u2KSPlOcv+uabMeBibCyabWxUp+78lTOHxY5qlRdlhbej6RFtjAvzVmJQ06T1P2ClCrgptNLVrKcCPnmkqss9uUmdkHIKpmCgT7qBh3kfC5P4Z5DnvfmfqHpZNnDbrRYxwkW8aZx1kFFd+1TVokaalAUkRT4QJhUkEzHagHw/PtM1SjXFE2YKHGw7/cdvXoxAMOUWuENgga7IFRwEfexMEQSKQ99Iz/t5ixxd3WDOtkvZRBz602E7Nvvn3rk1X0OSFlh4qmpcHre9NdanKHjUpuNykDQX8QSyMEehCce07hmT6pPL5LgpQng6gqIac9yr/tsH2HchxtFE7TOM4i+PrQdOo73dXfal78YSBFciRX95WF87+SuBztwK+j2PSD6T1q5o=
tls.key: AgB6r7b50sgYU/Ulgk6j98lK5ZqNO/cMVbSsh2prKc1/HX5ZdqSmJ+pI/skVSv0ghSk4Tr6HOXgrr3w2mByc241J2dU4IOf8CqwrUramYQEqmxjyhn/WTunS5/oBEmMY2IwMjHh8RY2F1s7/zGFZcq6vAVkLxzs/wytsYGj1rj/dARCqf+ilkgPYFPwV6+GMsm4usrPBVwcqnRbEisK3A3OOHvKNtUdUwiyhzIupl2wlX/D7UfC6QyGrKoEK6LYUTT0gDGCuD2j6GbkZ+UzfyOE0uEn2raeoeK7lhXcDE45Gkqh9jx8dGFajMQxiI2SE0pp1RHp3VvOSb3R/L5zIFFLlAy6ziWEl09ThFI1rd30W2kUdr68nTv9b4of8WFp5R4YHHw7HBoNOKAxODSIGOxG24oRSMxpSlRQWDK17B/ho4DFLaxDqBKRe9OR3cn0VlnEtrJEpAkjK7D7NrZ7oonH/JUR2wE6dhBnSQdmUpMfJPNuWUNbKZ0ma1xPMJnqHGc7BiaR5nJhplGZNGzx/p/y+LwBSuV9zujp8CzPdi9bTiMIDdFeNUUuMaFxjGTyRuMQ7pPfxi1Pijo70rAgASang8aNx3bdtNsKiZr7dBqA90egerpI9L0l/o8+iChX/1jBAGjBOCBUn8Vt8BGfa9xcOIp2q22iMX1Zw44puh/EYfCRtlaY1ezhUAL2IaxBDJQSYRpam//UPPYQwDRfl527NwXGWhmOPizPDyRiBVR5yhsYyBl6D23eHq2hiPTQd76bsu9DGwHrXcDKbclY561Q4tjP4wC90KV1yeIAh33hycQpzV09lGAyUuf4mEseezwZdQTw5ifG9NqmoQIs6Bc9ThkEgjOEgHJwV01cJMcED+PQzHDG76CKP2psvh5dG+n3lvZdmuf7vUQcASYJngGmSIPPamBS0a2qHz5W2BlxlPv4d11IW/sMpR/0oHinYPRBsM72cMdINQIyzO3ua68f3w9XNpHSS5mYF9UlfAfCKkYZpJA==
template:
metadata:
annotations:
cert-manager.io/alt-names: ""
cert-manager.io/certificate-name: internal-ca-cert
cert-manager.io/common-name: homelab-internal-ca
cert-manager.io/ip-sans: ""
cert-manager.io/issuer-group: cert-manager.io
cert-manager.io/issuer-kind: ClusterIssuer
cert-manager.io/issuer-name: internal-ca
cert-manager.io/uri-sans: ""
labels:
controller.cert-manager.io/fao: "true"
name: internal-ca-cert
namespace: gitea-runner
type: kubernetes.io/tls

View File

@ -1,14 +0,0 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: gitea-runner-secret
namespace: gitea-runner
spec:
encryptedData:
token: AgAAPVI7QWXJlxJRA22hoVaQc9hlBXZiudfF7eVaHKVZR4Y8zGdjBa2sLRn7YjyKCZ9Pe6+939VN4d9p3QxgMe+HjdTSLVE0HwrdR5hBwbCKtffoYPjNGFZZWvdMPSBLe6OVRp8KTROIq87wZc2Zr2AFU0vhmGD0xbp+YhxCc6NIaMDgj7FBoZt/c9QQ/Un1090L8Cm8koQvH77XTddxLCFQAEvbpJqCwP8TX8VNB3TbRb5VTTNg7N+ky3CCpjZgfQp8eFFht75Irn64N5kyZUjJeFJtPLoTclCsXeVChQTwJocmAoi/2poDJGo40oxyx7G+AswV2OKv1xbYgwX25/BuQXnr2xS85v/xKDV1RsbtdV/KnMslHu5I9itg9ty+qrUjMBpp55cXIsp+q6W10sPzhiGdU4A4/Aj8CqXDS2hgF9kBcBdGysDJDR/NaWX8fBKbo/ajvXk7UJ2D5dxH6LIeIKkG3O0mRJj4FvFjqKvO6b/3+mouCBvz4QnHIwxnKJBGGcN4X8/1b6htORLMo2be+lKYgS2JdJjtF/NVq3PV2Tbtdab2mVYD8hHnPpufLXtGt5GeTDB0FuUvLvMAOf7H0aKbyqH7hFkLpXv09yldlc3PNpxEa4c7dKtdM6EB/UMGuCivLNdOCZPZ8wQeUzeRMzd6mepckfLfv7Aam1FupxeLeYblj/stnToMDIlZZB5MrJ0BDhGx7apTXSU8sKRx1U6u8JaaENYysWC/hhvLLFZDi636+18d
template:
metadata:
name: gitea-runner-secret
namespace: gitea-runner
type: Opaque

View File

@ -1,106 +0,0 @@
# Apply: kubectl apply -f manifests/gitea/gitea-runner.yaml
# Delete: kubectl delete -f manifests/gitea/gitea-runner.yaml
# Description: Gitea Actions runner deployment with host Docker socket and internal CA trust.
apiVersion: v1
kind: Namespace
metadata:
name: gitea-runner
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: gitea-runner
namespace: gitea-runner
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitea-runner
namespace: gitea-runner
spec:
replicas: 1
selector:
matchLabels:
app: gitea-runner
template:
metadata:
labels:
app: gitea-runner
spec:
serviceAccountName: gitea-runner
nodeSelector:
node-role: primary
containers:
- name: runner
image: gitea/act_runner:latest
env:
- name: GITEA_INSTANCE_URL
value: "https://gitea.nik4nao.com"
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: gitea-runner-secret
key: token
- name: GITEA_RUNNER_NAME
value: "minisforum"
- name: GITEA_RUNNER_LABELS
value: "ubuntu-latest:host,ubuntu-22.04:host"
- name: CONFIG_FILE
value: /config/config.yaml
- name: NODE_EXTRA_CA_CERTS
value: /certs/ca.crt
- name: SSL_CERT_FILE
value: /certs/ca.crt
volumeMounts:
- name: config
mountPath: /config
- name: containerd-sock
mountPath: /var/run/docker.sock
- name: runner-data
mountPath: /data
- name: internal-ca
mountPath: /certs
- name: usr-bin
mountPath: /usr/local/bin/node
subPath: node
dnsConfig:
nameservers:
- 192.168.7.77
volumes:
- name: config
configMap:
name: gitea-runner-config
- name: containerd-sock
hostPath:
path: /run/k3s/containerd/containerd.sock
- name: runner-data
emptyDir: {}
- name: internal-ca
secret:
secretName: internal-ca-cert
- name: usr-bin
hostPath:
path: /usr/bin/node
---
apiVersion: v1
kind: ConfigMap
metadata:
name: gitea-runner-config
namespace: gitea-runner
data:
config.yaml: |
log:
level: info
runner:
fetch_timeout: 5s
fetch_interval: 2s
env_vars:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
SSL_CERT_FILE: "/certs/ca.crt"
GIT_SSL_CAINFO: "/certs/ca.crt"
container:
network: host
privileged: true
options: "--add-host=gitea.nik4nao.com:192.168.7.77"
valid_volumes:
- "**"