forgejo: set up a runner #90
Loading…
Reference in a new issue
No description provided.
Delete branch "forgejo-runner"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Inital runner configuration stacked together from docs and nix defaults.
Needs review whether it works this way:
Docker
git
to thedocker
group or run docker in rootless mode.Native
IP: forgejo: initial runner configurationto WIP: forgejo: initial runner configurationWIP: forgejo: initial runner configurationto WIP: forgejo: set up a runnerSeems like the runner has its own user. I'm a bit torn about adding it to the
docker
group as that basically means root access, which could be bad if someone manages to exploit the runner itself.Maybe it would be best to stick it in a (micro) VM?
It's worth a try. This would also allow the native mode in a nice sandbox.
Systemd containers probably aren't suitable as I'm not sure if they can even run docker containers.
a94ec1eab8
todf66ad3870
WIP: forgejo: set up a runnerto forgejo: set up a runnerSetup without native. Don't have time to set up microvms currently
4fdca3ba1a
tof54d5fd867
merged
Pull request closed