T

Bastian de Byl 2640d09cb5 gitea-actions: run CI jobs in rootless-podman containers

Switch the act_runners from :host execution to docker:// images backed by
a rootless podman socket under the gitea-runner user, so each job runs in
its own ephemeral container with per-job Go caches. This eliminates the
cross-repo GOMODCACHE/go-build poisoning that forced the debyl runner to
capacity:1.

- deps.yml: enable the rootless --user podman.socket, ensure subuid/subgid,
  register gitea_runner_uid; drop the rootful system socket override,
  podman-docker and host golang
- images.yml + Containerfile.ci/.espidf: build localhost/gitea-ci and
  localhost/gitea-ci-espidf into the runner's rootless image store
- config.yaml.j2: docker:// labels (per-runner overridable), docker_host
  -> rootless socket, force_pull false
- act_runner.service.j2: XDG_RUNTIME_DIR + DOCKER_HOST -> user socket
- defaults: uniform capacity:4 (drop the debyl capacity:1 workaround);
  esp_idf_version now tags the espressif/idf-based image
- main.yml: import images.yml, drop the host esp-idf install (firmware jobs
  use the espressif/idf job container instead)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-06 00:16:54 -04:00

.git-crypt

Initial working commit

2020-09-24 21:06:56 -04:00

.vscode

added sshpass_cron, updates, secrets

2023-07-21 17:54:58 -04:00

ansible

gitea-actions: run CI jobs in rootless-podman containers

2026-06-06 00:16:54 -04:00

scripts

graylog updates, test.debyl.io, scripts for reference

2026-01-13 16:08:38 -05:00

.drone.yml

add --list-files and specify config file for yamllint in ci

2023-07-24 15:32:21 -04:00

.gitattributes

added home-assistant container

2022-04-04 20:26:45 -04:00

.gitignore

noticket - updates, cleanup, housekeeping

2026-05-27 11:19:09 -04:00

.gitmodules

noticket - version bumps and github actions runner

2023-11-14 15:54:57 -05:00

.lint-vars.sh

Updated lint commands for CI

2020-09-25 14:22:54 -04:00

.pass.sh

Initial working commit

2020-09-24 21:06:56 -04:00

.yamllint.yml

updated fulfillr tag

2023-05-03 12:30:14 -04:00

ansible.cfg

moved ddns, partkeepr, hass to podman, selinux

2022-04-30 03:44:55 -04:00

CLAUDE.md

noticket - updates, cleanup, housekeeping

2026-05-27 11:19:09 -04:00

LICENSE

Added README and LICENSE files

2020-09-25 12:04:21 -04:00

Makefile

feat: switch FISTO to dolphin-mistral with dolphin-phi fallback

2026-02-12 14:56:52 -05:00

README.md

updated yamllint in ci

2023-07-24 15:25:47 -04:00

requirements.txt

bumped cloud versions, remove signup, venv improvements, ansible bump

2025-11-17 15:31:36 -05:00

README.md

Deploy Home

There's no place like home!

Just as Dorothy managed the simple task of clicking her heels together, the desire for an equally simple one-button push deployment was in my heart. Thus, this repository was made.

Ansible

Ansible, along with double encrypted secrets, deploys the necessary configurations to make the home fit for certain needs and desires. Namely, having access to my home from anywhere, securely, and a self-hosted CI server that easily ties into existing workflows.

Makefile

The makefile is primarily used as a wrapper script to ensure that necessary files, such as the secret vault password file, are provisioned as part of this. One such addition to the task is utilizing dependency pinning through the utilization of Python's virtualenv to lock down the specific dependency versions within the requirements.txt file. This, ideally, prevents any deployment issues with dependency version woes (e.g. version conflicts, major updates in newest versions, etc.)

Target Name	Description
`lint`	(default) Runs `yamllint` and `ansible-lint` on all YAML files in `ansible/`
`deploy`	Deploys everything, or only tasks specified in `TAGS=` environment variable
`check`	Runs `deploy` in a "dry-run", showing diff-style outputs on tasks indicating changes
`vault`	Opens the Ansible vault file for editing