diff --git a/.forgejo/workflows/deploy-rs.yml b/.forgejo/workflows/deploy-rs.yml index 37a78564..3da61402 100644 --- a/.forgejo/workflows/deploy-rs.yml +++ b/.forgejo/workflows/deploy-rs.yml @@ -7,12 +7,13 @@ on: jobs: deploy-rs: - runs-on: self-hosted + runs-on: docker + container: + image: alpine:edge + options: --mount type=bind,src=/dev/net/tun,dst=/dev/net/tun --privileged steps: - name: "Runner: Info" run: | - echo "============= PATH" - echo $PATH echo "============= pwd" pwd echo "============= ls -lah" @@ -31,24 +32,44 @@ jobs: echo "============= cat /etc/resolv.conf" cat /etc/resolv.conf + - name: "Setup: Runner" + run: | + apk update + apk add git nodejs nix openssh-client qemu tailscale sudo --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing/ + + - name: "Setup: SSH" + run: | + mkdir /root/.ssh + echo "${{ secrets.SSH_PUBLIC_KEY }}" > /root/.ssh/id_ed25519.pub + echo "${{ secrets.SSH_PRIVATE_KEY }}" > /root/.ssh/id_ed25519 + chmod 700 /root/.ssh + chmod 600 /root/.ssh/id_ed25519 + chmod 644 /root/.ssh/id_ed25519.pub + echo "Public Key: " + cat /root/.ssh/id_ed25519.pub + - name: "Setup: Headscale" run: | - echo "tailscale status" - tailscale status - echo "tailscale netcheck" - tailscale netcheck + echo "tailscaled --cleanup" + sudo tailscaled --cleanup + echo "" + echo "tailscaled --state=mem 2> ~/tailscaled.log &" + sudo tailscaled --state=mem: 2> ~/tailscaled.log & + echo "" + echo "tailscale up" + sudo tailscale up \ + --login-server=https://headscale.sysctl.io \ + --accept-routes \ + --accept-dns \ + --authkey ${{ secrets.TAILSCALE_KEY }} \ + --hostname forgejo-runner \ + --advertise-tags "tag:forgejo,tag:container,tag:ephemeral" + sudo tailscale status + sudo tailscale netcheck - - uses: actions/checkout@v3 - - name: "Directory Structure" - run: | - ls -lah ${{ github.workspace }}/* - - - name: "Nix Versions" - run: | - echo "nix --version" - nix --version - echo "nixos-Version" - nixos-version + - name: "Setup: Headscale" + run: | + ssh albert@framework-server "cd /etc/nixos/git && ls -lah" - if: success() uses: https://git.sysctl.io/actions/gotify-action@master