Secure gitea-runner: remove tracked secrets, use SSH for deploy
Some checks failed
Deploy with Docker Compose / deploy (push) Failing after 1s

- Untrack .runner (contains registration token), act_runner binary, and nohup.out
- Add gitea-runner sensitive files to .gitignore
- Auto-register runner from env var if .runner is missing
- Switch deploy workflow git pull from HTTP to SSH

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-07 13:19:45 +01:00
parent 4d16dd8d17
commit 4c8573767d
6 changed files with 17 additions and 21 deletions


@@ -1,15 +0,0 @@
{
"WARNING": "This file is automatically generated by act-runner. Do not edit it manually unless you know what you are doing. Removing this file will cause act runner to re-register as a new runner.",
"id": 2,
"uuid": "619db79e-39a2-4a92-9840-d6a87cde7d1f",
"name": "stppi",
"token": "7361451ecbbe1719fb071e93a334b6f6a531ac45",
"address": "http://localhost:3000/",
"labels": [
"self-hosted:host",
"ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest",
"ubuntu-24.04:docker://docker.gitea.com/runner-images:ubuntu-24.04",
"ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
],
"ephemeral": false
}

Binary file not shown.


@@ -1,4 +0,0 @@
time="2026-02-18T16:33:27Z" level=info msg="Starting runner daemon"
time="2026-02-18T16:33:27Z" level=info msg="runner: stppi, with version: v0.3.0-1-g0f7efae, with labels: [self-hosted ubuntu-latest ubuntu-24.04 ubuntu-22.04], declare successfully"
time="2026-02-18T16:33:37Z" level=info msg="runner: stppi shutdown initiated, waiting 0s for running jobs to complete before shutting down"
time="2026-02-18T16:33:37Z" level=error msg="failed to fetch task" error="canceled: context canceled"


@@ -6,7 +6,17 @@ while ! curl -sf http://localhost:3000 > /dev/null 2>&1; do
sleep 2
done
echo "localhost:3000 is up. Starting act_runner daemon..." >&2
echo "localhost:3000 is up." >&2
if [ ! -f .runner ]; then
echo "No .runner file found. Registering runner..." >&2
./act_runner register --no-interactive \
--instance http://localhost:3000 \
--token "${GITEA_RUNNER_REGISTRATION_TOKEN}" \
--name "${GITEA_RUNNER_NAME:-pi-runner}" \
--labels self-hosted
fi
echo "Starting act_runner daemon..." >&2
exec ./act_runner daemon
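Review bot: The registration branch never checks that `GITEA_RUNNER_REGISTRATION_TOKEN` is set or that `./act_runner register` succeeded, so with the variable missing the script passes an empty `--token` and, unless `set -e` is enabled above the hunk, still reaches `exec ./act_runner daemon` without a usable `.runner`. I would add `: "${GITEA_RUNNER_REGISTRATION_TOKEN:?registration token not set}"` before the register call and end that call with `--labels self-hosted || exit 1`. Because the branch is skipped whenever `.runner` exists, a host that keeps its old file goes on running with the uuid and token that this commit only untracks. Unless history is rewritten, those values stay readable in the repository, so that runner should be removed in Gitea and registered again. Passing the token through `--token` also places it on the process command line while registration runs, which deserves a short comment in the script.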