Last active
December 25, 2021 13:59
-
-
Save zyga/801a0c3e29966a1086a49f2ab6da146b to your computer and use it in GitHub Desktop.
LXD profile for setting up GitLab runner for existing projects. Secrets redacted.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
config: | |
security.nesting: "true" | |
security.syscalls.intercept.mknod: "true" | |
security.syscalls.intercept.setxattr: "true" | |
user.user-data: | | |
#cloud-config | |
--- | |
apt: | |
sources: | |
# This gives us up-to-date docker-ce. | |
docker.list: | |
source: deb https://download.docker.com/linux/ubuntu focal stable | |
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 | |
# This gives us up-to-date gitlab-runner. | |
gitlab.list: | |
source: deb https://packages.gitlab.com/runner/gitlab-runner/ubuntu/ focal main | |
key: | | |
-----BEGIN PGP PUBLIC KEY BLOCK----- | |
mQINBF5dI2sBEACyGx5isuXqEV2zJGIx8rlJFCGw6A9g5Zk/9Hj50UpXNuOXlvQl | |
7vq91m2CAh88Jad7OiMHIJJhX3ZJEOf/pUx/16QKumsaEyBk9CegxUG9jAQXsjL3 | |
WLyP0/l27UzNrOAFB+IUGjsoP+32gsSPiF5P485mirIJNojIAFzDQl3Uo4FbvqYU | |
9AIRk5kV4nEYz1aKXAovIUsyqrztMtwlAG2xqdwVpGD2A4/w8I143qPGjjhEQmf4 | |
/EeS4CP9ztyLAx+01t2Acwa7Bygsb5KQPuT25UlevuxdDy/Rd5Zn/Lzwr2GQqjUs | |
6GbM0t1HYjh57e4V+p0qMf6jxXfrDCbehgzFvGS0cx/d7hWHm5sXZIt3gxpjBQU2 | |
8MQWtrR8Y3nTBkCHwOKsXdsdD+YHxTq/yuvxl1Bcyshp29cGWv1es3wn2Z6i9tWe | |
asGfVewJZiXFSEqSBGguEmLyCAZcWgXvHOV2kc66wG4d4TGIxmoo9GBqEtBftCVH | |
MGDHt7zeg2hg6EIsx8/nj1duO5nBnbnik5iG8Xv46e/aw2p4DfTdfxHpjvyJudyN | |
+UI5eSuuuXhyTZWedd5K1Q3+0CmACJ39t/NA6g7cZaw3boFKw3fTWIgOVTvC3y5v | |
d7wsuyGUk9xNhHLcu6HjB4VPGzcTwQWMFf6+I4qGAUykU5mjTJchQeqmQwARAQAB | |
tEJHaXRMYWIgQi5WLiAocGFja2FnZSByZXBvc2l0b3J5IHNpZ25pbmcga2V5KSA8 | |
cGFja2FnZXNAZ2l0bGFiLmNvbT6JAlQEEwEKAD4WIQT2QD9lRKOIY9qgtuA/AWGK | |
UTEvPwUCXl0jawIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA/ | |
AWGKUTEvP3/+EACEpR4JwFz7fAZxKoTzq1xkv7JiVC1jDnfZ6U6tumMDSIBLqlZX | |
Jv/lixuXC/GCnyiduqqpO14RCkHrCECzNeu7+lt+eiBUpOKvDgkNid6FLMoulu1w | |
hDhQWss6+40dIWwa5i8maIFg6WOwIiI24PW9T+ywrf2Gfv9mB1YP3ob+8Cx1EVb/ | |
sf5mu1SGHvq2PqNvPeyY3W5vU7rB0Ax5Kcn3e0Z+tUSC8fV7TCg9hm9o2Ou928K4 | |
hmvdFfR0t47cXt1wmZ/pjrWcezVqeIrMJyWtje4hgcO3TSXsfvedEdYn8Q/BgVRw | |
9KL4DkR1HSemSsPB4YyOwLscjV6p5OCPm0PhPPXUGIdImcQH7jYuEXNi5nnN5dX4 | |
197ooTB2UCk8r0QtnhcQUE2ph46mylcksbR0nKhGh5bYW3jfd0X+MP36reo+EFQ7 | |
Sw35f7P7QvZqnEE8rd5fX3GImKm38xJi+9bGb4IH8WuslUZUMapgQqqBfw1k5+mP | |
BBqKWSdEsP1i7LBv9jVOaauMYQPLZcodx5prgjrB89V1hCKu+ZQl/hzoCwmeSruD | |
LUqX/RFeleZO2VeKXh1a/VQ69ThqZ7gyXcrvHopPPGTr9IESoV9/qcZWplEccP9b | |
FuY9t6HuSpcL7SlbsRVQ0NBQrsQeZR2J0YgvRc3JWgZAfcE5MK2jcoWKCLkCDQRe | |
XSNrARAApHc0R4tfPntr5bhTuXU/iVLyxlAlzdEv1XsdDC8YBYehT72Jpvpphtq7 | |
sKVsuC59l8szojgO/gW//yKSuc3Gm5h58+HpIthjviGcvZXf/JcN7Pps0UGkLeQN | |
2+IRZgbA6CAAPh2njE60v5iXgS91bxlSJi8GVHq1h28kbKQeqUYthu9yA2+8J4Fz | |
ivYV2VImKLSxbQlc86tl6rMKKIIOph+N4WujJgd5HZ80n2qp1608X3+9CXvtBasX | |
VCI2ZqCuWjffVCOQzsqRbJ6LQyMbgti/23F4Yqjqp+8eyiDNL6MyWJCBbtkW3Imi | |
FHfR0sQIM6I7fk0hvt9ljx9SG6az/s3qWK5ceQ7XbJgCAVS4yVixfgIjWvNE5ggE | |
QNOmeF9r76t0+0xsdMYJR6lxdaQI8AAYaoMXTkCXX2DrASOjjEP65Oq/d42xpSf9 | |
tG6XIq+xtRQyFWSMc+HfTlEHbfGReAEBlJBZhNoAwpuDckOC08vw7v2ybS5PYjJ4 | |
5Kzdwej0ga03Wg9hrAFd/lVa5eO4pzMLuexLplhpIbJjYwCUGS4cc/LQ2jq4fue5 | |
oxDpWPN+JrBH8oyqy91b10e70ohHppN8dQoCa79ySgMxDim92oHCkGnaVyULYDqJ | |
zy0zqbi3tJu639c4pbcggxtAAr0I3ot8HPhKiNJRA6u8HTm//xEAEQEAAYkCPAQY | |
AQoAJhYhBPZAP2VEo4hj2qC24D8BYYpRMS8/BQJeXSNrAhsMBQkDwmcAAAoJED8B | |
YYpRMS8/vzQP/iO0poRR9ZYjonP5GGIARRnF+xpWCRTZVSHLcAfS0ujZ7ekXoeeS | |
JNMJ/7T4Yk1EJ9MTFZ83Jj4UybKO3Rw+/iPmcPpqUQGaEReYLlx7SyxmsOBXf+Q9 | |
PtyUmGO47tL+eAPInYyxsWGib/EeOw4KQrfByAIPWu0aeNeXadzxBLIkqD863H5q | |
nTDrXOw6SLprlGt2zlc+XQKDv3DZez6wTcp205xdaNs55Bfk9pmKUS/ey3ZP7GvC | |
CDEGxuWulVSKL2DYtq0sEZD7pQYSy8gBTqXLQAyfmPDcxe9Lczhk3UYrUUomN1/w | |
+VE09q75yNqkaHdckVt+aYAHMgQ0ilmwTg6+OlEK+ZQkUT94viB6YW7B0M4uzols | |
9FSDxXea/uKn75jTSkA3GAXf7O5hqbkDDctJbtO2pPdLDxbXN95iZ9xpgRE3exGl | |
ucjgV5XGpLO4XXf0GTzug/TJAtNljJ/44+6meO0WwOwLMMhAJVxcp1fpbtgRmrcJ | |
8bAsCkV5EO8SeQZDu2C8I9tMGlJ1VLTAfv6Lv2Z89B1AOOweGz4I48i9lux+HdXd | |
HewnA37zx0XNjNQmqiG85UWUusnDxF0Je2jEhGIpHK/KdyI1BfNzX3d5HVoM1VE3 | |
THtRZHnetoMek8L5x/ciYQNIt40rQ6MHtPEo1ZC4346DP6eJmeX1DGGI | |
=91uZ | |
-----END PGP PUBLIC KEY BLOCK----- | |
packages: | |
- docker-ce | |
- gitlab-runner | |
package_update: true | |
package_upgrade: true | |
package_reboot_if_required: true | |
runcmd: | |
# GitLab runner cache. Unclear if this matters when s3 is used. | |
- mkdir -p /var/cache/gitlab-runner/sysota | |
- mkdir -p /var/cache/gitlab-runner/netota | |
- > | |
gitlab-runner register \ | |
--docker-devices /dev/kvm \ | |
--docker-image ubuntu:20.04 \ | |
--docker-volumes "/var/cache/gitlab-runner/sysota:/cache" \ | |
--executor docker \ | |
--non-interactive \ | |
--output-limit 100000 \ | |
--registration-token @REDACTED_GITLAB_TOKEN_SYSOTA@ \ | |
--run-untagged \ | |
--tag-list odo,kvm,amd64 \ | |
--url https://gitlab.com/ | |
- > | |
gitlab-runner register \ | |
--docker-devices /dev/kvm \ | |
--docker-image ubuntu:20.04 \ | |
--docker-volumes "/var/cache/gitlab-runner/netota:/cache" \ | |
--executor docker \ | |
--non-interactive \ | |
--output-limit 100000 \ | |
--registration-token @REDACTED_GITLAB_TOKEN_NETOTA@ \ | |
--run-untagged \ | |
--tag-list odo,kvm,amd64 \ | |
--url https://gitlab.com/ | |
# https://gitlab.com/gitlab-org/gitlab-runner/-/issues/1539 | |
- sed -i -e 's/concurrent = 1/concurrent = 4/' /etc/gitlab-runner/config.toml | |
description: Profile for gitlab-runner instances, using upstream docker-ce and gitlab-runner, | |
with kvm support and local cache packages | |
devices: | |
kvm: | |
gid: "108" | |
path: /dev/kvm | |
source: /dev/kvm | |
type: unix-char | |
name: gitlab-runner | |
used_by: | |
- /1.0/instances/dashing-yeti | |
- /1.0/instances/elegant-werewolf | |
- /1.0/instances/optimum-drake | |
- /1.0/instances/actual-garfish |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment