refactor: 更新项目结构和文档，移除不再使用的配置文件

- 修改README.md，更新项目特性和目录结构说明 - 重命名基础设施代码目录为tofu，并添加Docker Swarm配置目录 - 移除不再使用的Docker Compose和Traefik配置文件 - 更新Terraform配置，专注于Oracle Cloud支持，移除华为云相关配置 - 清理开发环境变量和示例文件
2025-09-20 16:49:32 +00:00
parent 7eb4a33523
commit 377f176501
45 changed files with 3278 additions and 69 deletions
--- a/configuration/roles/gitea-runner/templates/gitea-runner-config.yml.j2
+++ b/configuration/roles/gitea-runner/templates/gitea-runner-config.yml.j2
@@ -0,0 +1,50 @@
+# Gitea Runner Configuration
+log:
+  level: info
+  file: {{ gitea_runner_log_dir }}/runner.log
+
+runner:
+  # Runner name (will be auto-generated if not specified)
+  name: "{{ inventory_hostname }}-runner"
+  
+  # Runner capacity (number of concurrent jobs)
+  capacity: 2
+  
+  # Runner timeout
+  timeout: 3600
+  
+  # Runner labels (for job targeting)
+  labels:
+    - "ubuntu-latest:docker://ubuntu:22.04"
+    - "ubuntu-20.04:docker://ubuntu:20.04"
+    - "ubuntu-18.04:docker://ubuntu:18.04"
+    - "node:docker://node:18"
+    - "python:docker://python:3.11"
+    - "ansible:docker://quay.io/ansible/ansible-runner:latest"
+    - "opentofu:docker://opentofu/opentofu:latest"
+
+cache:
+  enabled: true
+  dir: {{ gitea_runner_data_dir }}/cache
+  host: ""
+  port: 0
+
+container:
+  # Docker network for runner containers
+  network: "gitea-runner"
+  
+  # Enable privileged containers (needed for Docker-in-Docker)
+  privileged: false
+  
+  # Container options
+  options: "--rm --pull=always"
+  
+  # Valid platforms
+  valid_volumes:
+    - "/tmp"
+    - "{{ gitea_runner_data_dir }}"
+  
+  docker_host: "unix:///var/run/docker.sock"
+
+host:
+  workdir_parent: {{ gitea_runner_data_dir }}/work
--- a/configuration/roles/gitea-runner/templates/gitea-runner.env.j2
+++ b/configuration/roles/gitea-runner/templates/gitea-runner.env.j2
@@ -0,0 +1,18 @@
+# Gitea Runner Environment Variables
+
+# Gitea server configuration
+GITEA_INSTANCE_URL={{ gitea_server_url }}
+GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea_runner_token }}
+
+# Runner configuration
+GITEA_RUNNER_NAME={{ inventory_hostname }}-runner
+GITEA_RUNNER_LABELS=ubuntu-latest,ubuntu-20.04,ubuntu-18.04,node,python,ansible,opentofu
+
+# Docker configuration
+DOCKER_HOST=unix:///var/run/docker.sock
+
+# Logging
+GITEA_RUNNER_LOG_LEVEL=info
+
+# Security
+GITEA_RUNNER_SECURITY_PRIVILEGED=false
--- a/configuration/roles/gitea-runner/templates/gitea-runner.logrotate.j2
+++ b/configuration/roles/gitea-runner/templates/gitea-runner.logrotate.j2
@@ -0,0 +1,12 @@
+{{ gitea_runner_log_dir }}/*.log {
+    daily
+    missingok
+    rotate 30
+    compress
+    delaycompress
+    notifempty
+    create 644 {{ gitea_runner_user }} {{ gitea_runner_user }}
+    postrotate
+        systemctl reload gitea-runner || true
+    endscript
+}
--- a/configuration/roles/gitea-runner/templates/gitea-runner.service.j2
+++ b/configuration/roles/gitea-runner/templates/gitea-runner.service.j2
@@ -0,0 +1,39 @@
+[Unit]
+Description=Gitea Actions Runner
+Documentation=https://docs.gitea.io/en-us/actions/
+After=network.target docker.service
+Wants=docker.service
+
+[Service]
+Type=simple
+User={{ gitea_runner_user }}
+Group={{ gitea_runner_user }}
+WorkingDirectory={{ gitea_runner_data_dir }}
+ExecStart={{ gitea_runner_binary }} daemon --config {{ gitea_runner_config_dir }}/config.yml
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=mixed
+KillSignal=SIGINT
+TimeoutStopSec=5
+Restart=always
+RestartSec=10
+StartLimitInterval=0
+
+# Security settings
+NoNewPrivileges=yes
+PrivateTmp=yes
+ProtectSystem=strict
+ProtectHome=yes
+ReadWritePaths={{ gitea_runner_data_dir }} {{ gitea_runner_log_dir }} /var/run/docker.sock
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+
+# Environment
+EnvironmentFile=-/etc/default/gitea-runner
+
+# Logging
+StandardOutput=append:{{ gitea_runner_log_dir }}/gitea-runner.log
+StandardError=append:{{ gitea_runner_log_dir }}/gitea-runner-error.log
+
+[Install]
+WantedBy=multi-user.target
--- a/configuration/roles/gitea-runner/templates/register-runner.sh.j2
+++ b/configuration/roles/gitea-runner/templates/register-runner.sh.j2
@@ -0,0 +1,46 @@
+#!/bin/bash
+# Gitea Runner Registration Script
+
+set -e
+
+echo "🚀 注册 Gitea Runner..."
+
+# 配置变量
+GITEA_URL="{{ gitea_server_url }}"
+REGISTRATION_TOKEN="{{ gitea_runner_token }}"
+RUNNER_NAME="{{ inventory_hostname }}-runner"
+RUNNER_LABELS="ubuntu-latest,ubuntu-20.04,ubuntu-18.04,node,python,ansible,opentofu"
+
+# 切换到数据目录
+cd {{ gitea_runner_data_dir }}
+
+# 检查是否已经注册
+if [ -f ".runner" ]; then
+    echo "✅ Runner 已经注册"
+    exit 0
+fi
+
+echo "📝 注册 Runner: $RUNNER_NAME"
+echo "🔗 Gitea URL: $GITEA_URL"
+echo "🏷️  Labels: $RUNNER_LABELS"
+
+# 注册 Runner
+{{ gitea_runner_binary }} register \
+    --instance "$GITEA_URL" \
+    --token "$REGISTRATION_TOKEN" \
+    --name "$RUNNER_NAME" \
+    --labels "$RUNNER_LABELS"
+
+if [ $? -eq 0 ]; then
+    echo "✅ Runner 注册成功！"
+    
+    # 设置文件权限
+    chown {{ gitea_runner_user }}:{{ gitea_runner_user }} .runner .credentials
+    chmod 600 .runner .credentials
+    
+    echo "📋 Runner 信息:"
+    cat .runner
+else
+    echo "❌ Runner 注册失败"
+    exit 1
+fi
--- a/configuration/roles/gitea-runner/templates/start-runner.sh.j2
+++ b/configuration/roles/gitea-runner/templates/start-runner.sh.j2
@@ -0,0 +1,20 @@
+#!/bin/bash
+# Gitea Runner Startup Script
+
+set -e
+
+echo "🚀 启动 Gitea Runner..."
+
+# 切换到数据目录
+cd {{ gitea_runner_data_dir }}
+
+# 检查注册状态
+if [ ! -f ".runner" ]; then
+    echo "❌ Runner 未注册，请先运行注册脚本"
+    exit 1
+fi
+
+echo "✅ Runner 已注册，启动守护进程..."
+
+# 启动 Runner
+exec {{ gitea_runner_binary }} daemon --config {{ gitea_runner_config_dir }}/config.yml