Commit 57205a53 authored by Christian Kuhn's avatar Christian Kuhn

[TASK] Prepare cloud-runner switch to gitlab.typo3.org

parent 939bbdc7
......@@ -17,11 +17,11 @@ when they've been idle for too long.
* Copy `terraform.tfvars.dist` to `terraform.tfvars` and edit
* Create a ssh keypair *without passphrase* in keys directory: `ssh-keygen -n 4096 -f ./id_rsa`. This one
* Create a ssh keypair *without passphrase* in keys directory: `ssh-keygen -n 4096 -f ./terraform`. This one
is used during `terraform apply` and `terraform destroy` to stop gitlab-runner and remove machines.
* Put *your* ssh public key to `keys/lolli_b13.pub`. This is currently hard coded to lolli_b13, but does
not matter for now. This key allows login to both the gitlab-runner machine, and all workers via ssh.
* Put Bennis ssh public key to `keys/key1.pub` and your ssh public key to `keys/key2.pub`. These keys allow
login to both the gitlab-runner machine, and all workers via ssh.
## Start / manage cloud
......@@ -40,5 +40,3 @@ drop the volume.
added to the git repository (this is bad practice), so multiple dev's could overlap here in an
ugly way. This is not totally critical since the entire infrastructure is ephermal and can be
created from scratch if needed.
* The hard coded `lolli_b13.pub` should vanish and made more flexible.
\ No newline at end of file
......@@ -112,7 +112,7 @@ write_files:
--docker-volumes "/certs/client" \
--docker-volumes "/cache" \
--docker-volumes "/tmp/daemon.json:/etc/docker/daemon.json:ro" \
--docker-tlsverify="true" \
--docker-tlsverify="false" \
--docker-allowed-images "typo3/core-testing-docker:latest" \
--docker-allowed-images "docker:19.03-dind" \
--machine-idle-nodes ${gitlab_runner_idle_machines} \
......@@ -124,9 +124,11 @@ write_files:
--machine-machine-options "hetzner-api-token=${gitlab_runner_hcloud_token}" \
--machine-machine-options "hetzner-image-id=${gitlab_runner_snapshot_id}" \
--machine-machine-options "hetzner-server-type=cx11" \
--machine-machine-options "hetzner-server-location=hel1" \
--machine-machine-options "engine-registry-mirror=http://$MY_IP:5000" \
--machine-machine-options "hetzner-user-data=$MACHINE_CLOUD_INIT_USER_DATA" \
--machine-machine-options "hetzner-additional-key=${gitlab_runner_additional_ssh}"
--machine-machine-options "hetzner-additional-key=${gitlab_runner_additional_ssh1}" \
--machine-machine-options "hetzner-additional-key=${gitlab_runner_additional_ssh2}"
sed -i 's/concurrent = [0-9]\+/concurrent = ${gitlab_runner_autoscaling_concurrency}/' /etc/gitlab-runner/config.toml
sed -i 's/check_interval = [0-9]\+/check_interval = 7/' /etc/gitlab-runner/config.toml
......
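Review bot: `--docker-tlsverify="false"` switches off certificate verification for the runner's connection to the Docker daemon, and neither the hunk nor the commit title says why the move to gitlab.typo3.org needs it. The `/certs/client` volume is still mounted, so the dind TLS setup looks like it is meant to stay in use; if so, keep `--docker-tlsverify="true"`. If the flag really has to be off, record the reason and the condition for re-enabling it in a comment above the register command, for example `# tlsverify off: <reason>; restore "true" once <condition>`. The register command and the enclosing `write_files:` entry start outside the hunk, so the daemon endpoint this applies to is not visible here.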
......@@ -24,7 +24,8 @@ data "template_file" "runner_broker_cloudinit" {
gitlab_runner_max_growth_rate = var.gitlab_runner_max_growth_rate
gitlab_runner_runner_registration_token = var.gitlab_runner_runner_registration_token
gitlab_runner_hcloud_token = var.gitlab_runner_hcloud_token
gitlab_runner_additional_ssh = trimspace(file("keys/lolli_b13.pub"))
gitlab_runner_additional_ssh1 = trimspace(file("keys/key1.pub"))
gitlab_runner_additional_ssh2 = trimspace(file("keys/key2.pub"))
gitlab_runner_snapshot_id = data.hcloud_image.gitlab_runner_worker.id
gitlab_runner_autoscaling_concurrency = var.gitlab_runner_autoscaling_concurrency
gitlab_runner_minio_user = var.gitlab_runner_minio_user
......@@ -34,19 +35,23 @@ data "template_file" "runner_broker_cloudinit" {
resource "hcloud_ssh_key" "terraform" {
name = "terraform"
public_key = file("keys/id_rsa.pub")
public_key = file("keys/terraform.pub")
}
resource "hcloud_ssh_key" "lolli_b13" {
name = "lolli b13"
public_key = file("keys/lolli_b13.pub")
resource "hcloud_ssh_key" "key1" {
name = "key1"
public_key = file("keys/key1.pub")
}
resource "hcloud_ssh_key" "key2" {
name = "key2"
public_key = file("keys/key2.pub")
}
resource "hcloud_server" "runner_broker" {
name = "gitlab-runner-broker"
image = "ubuntu-20.04"
server_type = "cx11"
location = "fsn1"
ssh_keys = [ hcloud_ssh_key.terraform.id, hcloud_ssh_key.lolli_b13.id ]
location = "hel1"
ssh_keys = [ hcloud_ssh_key.terraform.id, hcloud_ssh_key.key1.id, hcloud_ssh_key.key2.id ]
user_data = data.template_file.runner_broker_cloudinit.rendered
provisioner "remote-exec" {
......@@ -61,7 +66,7 @@ resource "hcloud_server" "runner_broker" {
type = "ssh"
host = self.ipv4_address
user = "root"
private_key = file("keys/id_rsa")
private_key = file("keys/terraform")
}
}
}
......
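Review bot: The new `key1`/`key2` resources give their holders root SSH on the broker through `ssh_keys` and, through `gitlab_runner_additional_ssh1`/`gitlab_runner_additional_ssh2`, on every worker, but the generic names leave no trace of whose key is which in the Terraform code or in the Hetzner project. A comment on each resource naming the owner, e.g. `# key1: <owner>, root login on broker and workers`, would make later access reviews and key removal straightforward. Each key file is also read twice, once raw and once through `trimspace`; using `trimspace(hcloud_ssh_key.key1.public_key)` in the template vars would keep the two in step. The `template_file` and `hcloud_server` blocks continue outside the hunks shown.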