Work on drone runner as VM

2 files changed, 134 insertions, 0 deletions

diff --git a/app/drone-ci/deploy/runner-insecure.hcl b/app/drone-ci/deploy/runner-insecure.hcl
new file mode 100644
index 0000000..2ea5638
--- /dev/null
+++ b/app/drone-ci/deploy/runner-insecure.hcl
@@ -0,0 +1,91 @@
+job "drone-runner" {
+  datacenters = ["neptune"]
+  type = "system"
+
+  group "runner" {
+
+    task "populate-nix-store" {
+      lifecycle {
+        hook = "prestart"
+        sidecar = false
+      }
+
+      driver = "docker"
+      config {
+        image = "nixpkgs/nix:nixos-21.05"
+        command = "sh"
+        args = [
+          "-c", "cp -rv /nix/{store,var} /mnt/"
+        ]
+        volumes = [
+          "/var/lib/drone/nix:/mnt",
+        ]
+      }
+
+      resources {
+        memory = 100
+        cpu = 100
+      }
+    }
+
+    task "drone-runner" {
+      driver = "docker"
+      config {
+        image = "drone/drone-runner-docker:1.4.0"
+
+        volumes = [
+          "/var/lib/drone/nix:/nix",
+          "/var/run/docker.sock:/var/run/docker.sock"
+        ]
+      }
+
+      template {
+        data = <<EOH
+DRONE_RPC_PROTO=https
+DRONE_RPC_HOST=drone.deuxfleurs.fr
+DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" | trimSpace }}
+DRONE_RUNNER_CAPACITY=1
+DRONE_DEBUG=true
+DRONE_LOGS_TRACE=true
+DRONE_RPC_DUMP_HTTP=true
+DRONE_RPC_DUMP_HTTP_BODY=true
+DRONE_RUNNER_NAME={{ env "attr.unique.hostname" }}
+DRONE_RUNNER_LABELS=nix:1
+EOH
+        destination = "secrets/env"
+        env = true
+      }
+
+      resources {
+        memory = 200
+        cpu = 100
+      }
+    }
+  
+    task "drone-gc" {
+      driver = "docker"
+      config {
+        image = "drone/gc:latest"
+
+        volumes = [
+          "/var/run/docker.sock:/var/run/docker.sock"
+        ]
+      }
+
+      template {
+        data = <<EOH
+GC_DEBUG=true
+GC_CACHE=10gb
+GC_INTERVAL=10m
+EOH
+        destination = "secrets/env"
+        env = true
+      }
+
+      resources {
+        memory = 100
+        cpu = 100
+      }
+    }
+  }
+}
diff --git a/app/drone-ci/deploy/runner-vm.hcl b/app/drone-ci/deploy/runner-vm.hcl
new file mode 100644
index 0000000..28beeb8
--- /dev/null
+++ b/app/drone-ci/deploy/runner-vm.hcl
@@ -0,0 +1,43 @@
+job "drone-runner" {
+  datacenters = ["neptune"]
+  type = "system"
+
+  group "runner-vm" {
+    network {
+      port "ssh" { }
+    }
+
+    task "drone-runner-vm" {
+      driver = "qemu"
+
+      config {
+        image_path = "local/drone-runner.qcow2"
+        accelerator = "kvm"
+        args = [
+          "-object", "secret,id=dronesecret0,file=secrets/secret_env"
+        ]
+        port_map {
+          ssh = 22
+        }
+      }
+
+      artifact {
+        source = "https://alex.web.deuxfleurs.fr/drone-runner.qcow2.zst"
+        destination = "local/drone-runner.qcow2"
+        mode = "file"
+      }
+
+      template {
+        data = <<EOH
+DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" | trimSpace }}
+DRONE_RUNNER_NAME={{ env "attr.unique.hostname" }}
+EOH
+        destination = "secrets/secret_env"
+      }
+
+      resources {
+        memory = 2000
+      }
+    }
+  }
+}