post_register Update post_register/compose.yaml 2025-06-10 15:00:03 +02:00
pre_register Update pre_register/compose.yaml 2025-06-10 15:00:18 +02:00
daemon.json Add daemon.json 2025-06-10 14:51:56 +02:00
down.sh Add down.sh 2025-06-10 13:58:40 +02:00
README.md Update README.md 2025-06-12 17:30:13 +02:00
up.sh Add up.sh 2025-06-10 13:58:15 +02:00

Basis

# Refresh the package lists, apply all pending upgrades, then install the base
# tools the later sections rely on (curl and ca-certificates for the HTTPS
# downloads, ufw for the firewall, net-tools for ifconfig).
apt update
apt -y upgrade
apt -y install jq git pkg-config libssl-dev curl mc ca-certificates net-tools ufw

Docker

# Add Docker's apt repository and install the engine plus the compose plugin.

# Directory that holds repository signing keys (root-owned, world-readable).
install -m 0755 -d /etc/apt/keyrings

# Fetch Docker's repository signing key over HTTPS. -f makes curl fail on an
# HTTP error instead of saving an error page as the key.
# NOTE(review): the key is trusted as downloaded; comparing its fingerprint with
# the one Docker publishes before the next apt-get update would close that gap.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc

# apt's unprivileged helper must be able to read the key.
chmod a+r /etc/apt/keyrings/docker.asc

# Write the repository entry. signed-by= limits this key to the Docker
# repository only, so it cannot vouch for packages from other sources.
# The codename is read from /etc/os-release.
# NOTE(review): only this line uses sudo; every other command assumes a root
# shell, so sudo must be installed for this to work as written.
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  
apt-get update

apt-get -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Replace the Docker daemon configuration with the copy kept in this
# repository, then restart the daemon.
# NOTE(review): the rm below is relative to the current directory, so it only
# hits the intended file if this cd succeeded.
cd /etc/docker/
# The leading backslash bypasses any shell alias defined for rm.
\rm -rf daemon.json
# NOTE(review): this downloads from the tip of branch main with no checksum
# check, so the daemon will run with whatever that branch holds at download
# time. Pinning the URL to a commit, or reading the file before the restart,
# makes the applied configuration reviewable.
# The old file is already gone at this point; if the download fails, the
# restart below runs without a daemon.json.
wget https://git.fb1.uni-bremen.de/davrot/pages.git.neuro.uni-bremen.de/raw/branch/main/daemon.json

systemctl restart docker

# Let container traffic through ufw.

# Switch ufw's default policy for forwarded (routed) packets from DROP to ACCEPT.
# NOTE(review): this default covers every interface, not only docker0; the
# host will forward any routed traffic that no other rule blocks. With this set,
# the two "ufw route allow" rules below look redundant — confirm which of the
# two approaches is intended.
sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw

ufw reload

# Show interfaces with a 172.* address, to check the bridge subnet that the
# hard-coded 172.17.0.0/16 in the next rule must match.
ifconfig | grep "inet 172."

# Source-NAT traffic from the bridge subnet that leaves via any interface
# other than docker0.
# NOTE(review): a rule added with iptables -A lives only in the running kernel
# and is gone after a reboot unless it is saved separately; running the command
# twice appends a duplicate. Adding it by hand suggests daemon.json turns off
# Docker's own iptables handling — confirm against that file.
iptables -t nat -A POSTROUTING ! -o docker0 -s 172.17.0.0/16 -j MASQUERADE

# Accept traffic arriving from containers on the bridge, and routed traffic
# entering or leaving through docker0.
ufw allow in on docker0
ufw route allow in on docker0
ufw route allow out on docker0

eMail

# Install msmtp as the system mail transport so local mail (e.g. to root) is
# relayed through an external SMTP account.
# Add root to the /etc/aliases file and add the msmtprc file to /etc
apt -y install msmtp msmtp-mta mailutils

# Both files are edited by hand; their contents are not part of this page.
vi /etc/msmtprc
vi /etc/aliases
# NOTE(review): mode 644 lets every local user read /etc/msmtprc. If the file
# holds the SMTP account password in clear text, that password is readable by
# all accounts on the host; a tighter mode, or keeping the secret outside this
# file, avoids that — confirm what the file contains.
chmod 644 /etc/msmtprc
touch /var/log/msmtp.log
# NOTE(review): mode 666 makes the log writable by every local user, so entries
# can be altered or truncated by any account; treat this log as untrusted for
# audit purposes, or restrict it to the users that actually send mail.
chmod 666 /var/log/msmtp.log

# Send a test mail to root to verify the relay:
# echo "Test message" | mail -s "Test subject" root

Firewall

# Open HTTPS, HTTP and SSH, then switch the firewall on. The SSH rule is added
# before "ufw enable" so a remote session is not locked out.
# NOTE(review): a bare port number opens both TCP and UDP from any source;
# "ufw allow 443/tcp" style rules are narrower if only TCP is needed, and
# "ufw limit 22" would rate-limit SSH connection attempts.
ufw allow 443
ufw allow 80
ufw allow 22
ufw enable

Forgejo runner

# Check that the runner image can be pulled and started, and print the
# uid/gid it runs as.
# NOTE(review): the chown calls below use 1001:1001, presumably the ids printed
# by the second command — confirm. The tag ":6" is mutable; a later pull can
# return a different image than the one inspected here.
docker run --rm data.forgejo.org/forgejo/runner:6 forgejo-runner --version
docker run --rm data.forgejo.org/forgejo/runner:6 id

# Create the working tree docker/compose/data relative to the current
# directory. The "After register" section uses /docker/compose, so these
# commands are expected to start in /.
mkdir docker
cd docker
mkdir compose
cd compose
mkdir -p data
# .runner is created as an empty regular file, .cache as a directory; both are
# handed to the runner's uid/gid.
touch data/.runner
mkdir -p data/.cache
chown -R 1001:1001 data/.runner
chown -R 1001:1001 data/.cache
# NOTE(review): 775 leaves both paths readable by every local user. .runner
# presumably receives the runner's registration state; if that includes a
# credential, a mode without access for "other" would be the safer choice.
chmod 775 data/.runner
chmod 775 data/.cache
# setgid makes new entries in a directory inherit its group, which is useful
# for .cache; on the regular file .runner it is not needed.
chmod g+s data/.runner
chmod g+s data/.cache
# Fetch the pre-registration compose file and the start/stop helper scripts.
# NOTE(review): all three come from the tip of branch main without a checksum,
# and the scripts are later run with sh; reading them before use, or pinning
# the URLs to a commit, keeps what gets executed reviewable.
wget https://git.fb1.uni-bremen.de/davrot/pages.git.neuro.uni-bremen.de/raw/branch/main/pre_register/compose.yaml 
wget https://git.fb1.uni-bremen.de/davrot/pages.git.neuro.uni-bremen.de/raw/branch/main/down.sh
wget https://git.fb1.uni-bremen.de/davrot/pages.git.neuro.uni-bremen.de/raw/branch/main/up.sh

Register

# Open a shell in the running container named "runner" and start the
# interactive registration there. The three lines after the register command
# are the answers typed at its prompts, not shell commands.
# The registration token is a credential issued by the instance's admin page:
# entering it at the prompt keeps it out of the shell history and the process
# list, and it should not be stored in this README or the compose files.
docker exec -it runner /bin/sh
forgejo-runner register
URL https://git.fb1.uni-bremen.de/
TOKEN: [TOKEN from https://git.fb1.uni-bremen.de/admin/actions/runners]
LABEL: runner1

After register

# Swap the pre-registration compose file for the post-registration one and
# bring the stack back up.
# NOTE(review): the absolute path assumes the setup section was run from /;
# the rm below is relative, so it depends on this cd succeeding.
cd /docker/compose
# Stop the stack with the helper script downloaded earlier.
sh down.sh
# The leading backslash bypasses any shell alias defined for rm.
\rm -rf compose.yaml
# NOTE(review): fetched from the tip of branch main without a checksum; the
# file decides which image runs and what is mounted, so read it before up.sh.
wget https://git.fb1.uni-bremen.de/davrot/pages.git.neuro.uni-bremen.de/raw/branch/main/post_register/compose.yaml
sh up.sh

Forgejo

The /etc/forgejo/app.ini needs:

; Turns on Forgejo Actions on the server side, so that registered runners
; are offered jobs.
[actions]
ENABLED = true