moved drone to podman

2022-04-30 15:05:46 -04:00
parent cb2001357f
commit 8e373896a6
12 changed files with 37 additions and 47 deletions
--- a/ansible/roles/drone/defaults/main.yml
+++ b/ansible/roles/drone/defaults/main.yml
@@ -1,3 +0,0 @@
---
-drone_server_proto: "https"
-drone_runner_capacity: "1"
--- a/ansible/roles/drone/handlers/main.yml
+++ b/ansible/roles/drone/handlers/main.yml
@@ -1,4 +0,0 @@
---
- name: restorecon drone
-  become: true
-  ansible.builtin.command: sh -c 'restorecon -Firv /var/lib/drone'
--- a/ansible/roles/drone/meta/main.yml
+++ b/ansible/roles/drone/meta/main.yml
@@ -1,4 +0,0 @@
---
-dependencies:
-  - role: http
-  - role: graylog
--- a/ansible/roles/drone/tasks/main.yml
+++ b/ansible/roles/drone/tasks/main.yml
@@ -1,3 +0,0 @@
---
- import_tasks: drone.yml
- import_tasks: selinux.yml
--- a/ansible/roles/drone/tasks/selinux.yml
+++ b/ansible/roles/drone/tasks/selinux.yml
@@ -1,9 +0,0 @@
---
- name: selinux context for drone directory
-  become: true
-  community.general.sefcontext:
-    target: "/var/lib/drone(/.*)?"
-    setype: svirt_sandbox_file_t
-    state: present
-  notify: restorecon drone
-  tags: selinux
--- a/ansible/roles/podman/defaults/main.yml
+++ b/ansible/roles/podman/defaults/main.yml
@@ -1,3 +1,7 @@
 ---
-partkeepr_path: "{{ podman_volumes }}/partkeepr"
+drone_path: "{{ podman_volumes }}/drone"
 hass_path: "{{ podman_volumes }}/hass"
+partkeepr_path: "{{ podman_volumes }}/partkeepr"
+
+drone_server_proto: "https"
+drone_runner_capacity: "4"
--- a/ansible/roles/podman/files/hass/automations.yaml
+++ b/ansible/roles/podman/files/hass/automations.yaml
--- a/ansible/roles/podman/files/hass/configuration.yaml
+++ b/ansible/roles/podman/files/hass/configuration.yaml
--- a/ansible/roles/podman/tasks/container-drone.yml
+++ b/ansible/roles/podman/tasks/container-drone.yml
@@ -1,18 +1,30 @@
 ---
+- name: create required drone volumes
+  become: true
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ podman_user }}"
+    group: "{{ podman_user }}"
+    mode: 0755
+  notify: restorecon podman
+  with_items:
+    - "{{ drone_path }}/data"
+  tags: drone
+
+- meta: flush_handlers
+  tags: drone
+
 - name: create drone-ci server container
-  diff: false
-  community.general.docker_container:
+  become: true
+  become_user: "{{ podman_user }}"
+  containers.podman.podman_container:
    name: drone
-    image: drone/drone:latest
+    image: docker.io/drone/drone:latest
    recreate: false
    restart: true
    restart_policy: on-failure
-    restart_retries: 3
-    log_driver: syslog
-    log_options:
-      syslog-address: "udp://localhost:{{ syslog_udp_default }}"
-      syslog-facility: daemon
-      tag: "docker/{{'{{'}}.Name{{'}}'}}"
+    log_driver: journald
    env:
      DRONE_GITHUB_CLIENT_ID: "{{ drone_gh_client_id }}"
      DRONE_GITHUB_CLIENT_SECRET: "{{ drone_gh_client_sec }}"
@@ -22,32 +34,28 @@
      DRONE_SERVER_PROTO: "{{ drone_server_proto }}"
      DRONE_USER_FILTER: "{{ drone_user_filter }}"
    volumes:
-      - /var/lib/drone:/data
+      - "{{ drone_path }}/data:/data"
    ports:
      - "8080:80"
  tags: drone

 - name: create drone-ci worker container
-  diff: false
-  community.general.docker_container:
+  become: true
+  become_user: "{{ podman_user }}"
+  containers.podman.podman_container:
    name: drone-runner
-    image: drone/drone-runner-docker:latest
+    image: docker.io/80x86/drone-runner-podman:latest
    recreate: false
    restart: true
    restart_policy: on-failure
-    restart_retries: 3
-    log_driver: syslog
-    log_options:
-      syslog-address: "udp://localhost:{{ syslog_udp_default }}"
-      syslog-facility: daemon
-      tag: "docker/{{'{{'}} .Name {{'}}'}}"
+    log_driver: journald
    env:
      DRONE_RPC_SECRET: "{{ drone_rpc_secret }}"
      DRONE_RPC_HOST: "{{ ci_server_name }}"
      DRONE_RPC_PROTO: "{{ drone_server_proto }}"
      DRONE_RUNNER_CAPACITY: "{{ drone_runner_capacity }}"
    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
+      - /run/user/1002/podman/podman.sock:/run/podman/podman.sock
    ports:
      - "3000:3000"
  tags: drone
--- a/ansible/roles/podman/tasks/container-hass.yml
+++ b/ansible/roles/podman/tasks/container-hass.yml
@@ -16,7 +16,7 @@
 - name: copy configuration and automations
  become: true
  ansible.builtin.copy:
-    src: "files/{{ item }}"
+    src: "files/hass/{{ item }}"
    dest: "{{ hass_path }}/config/{{ item }}"
    owner: "{{ podman_user }}"
    group: "{{ podman_user }}"
--- a/ansible/roles/podman/tasks/main.yml
+++ b/ansible/roles/podman/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
 - import_tasks: podman.yml
 - import_tasks: container-awsddns.yml
- import_tasks: container-partkeepr.yml
+- import_tasks: container-drone.yml
 - import_tasks: container-hass.yml
+- import_tasks: container-partkeepr.yml