runner

Ansible role that deployes services on my runner machine

4.1 KBYML
DirectoryView in Forgejo
harbor.yml
4.1 KB121 lines • yaml
1---
2# ========================================
3# HARBOR CONTAINER REGISTRY DEPLOYMENT
4# ========================================
5# Special deployment for Harbor registry using official installer
6# Requires: Download installer, run install.sh, then fix permissions
7
8- name: "Display Harbor deployment information"
9  ansible.builtin.debug:
10    msg:
11      - "Deploying Harbor Container Registry"
12      - "Config Directory: {{ harbor_config_dir }}"
13      - "NFS Storage: {{ runner_nfs_mount_dir }}/harbor"
14      - "Registry Domain: {{ harbor_hostname | default('registry.local') }}"
15  tags: [harbor, info]
16
17- name: "Create Harbor configuration directory"
18  ansible.builtin.file:
19    path: "{{ harbor_config_dir }}"
20    state: directory
21    owner: "{{ runner_user }}"
22    group: "{{ runner_group }}"
23    mode: "0755"
24  tags: [harbor, setup]
25
26- name: "Create Harbor configuration template"
27  ansible.builtin.template:
28    src: harbor.yml.j2
29    dest: "{{ harbor_config_dir }}/harbor.yml"
30    owner: "{{ runner_user }}"
31    group: "{{ runner_group }}"
32    mode: "0644"
33  tags: [harbor, config]
34
35- name: "Download Harbor offline installer"
36  ansible.builtin.get_url:
37    url: "https://github.com/goharbor/harbor/releases/download/v{{ harbor_version | default('2.13.0') }}/harbor-offline-installer-v{{ harbor_version | default('2.13.0') }}.tgz"
38    dest: "/tmp/harbor-offline-installer-v{{ harbor_version | default('2.13.0') }}.tgz"
39    checksum: "sha256:{{ harbor_checksum | default('b4a3b0e7d8e3a8b1c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1') }}"
40    timeout: 300
41  tags: [harbor, download]
42  check_mode: no
43
44- name: "Extract Harbor installer"
45  ansible.builtin.unarchive:
46    src: "/tmp/harbor-offline-installer-v{{ harbor_version | default('2.13.0') }}.tgz"
47    dest: "/tmp"
48    remote_src: yes
49    creates: "/tmp/harbor"
50  tags: [harbor, extract]
51  check_mode: no
52
53- name: "Copy Harbor files to config directory"
54  ansible.builtin.copy:
55    src: "/tmp/harbor/"
56    dest: "{{ harbor_config_dir }}"
57    owner: "{{ runner_user }}"
58    group: "{{ runner_group }}"
59    mode: "0755"
60    remote_src: yes
61  tags: [harbor, setup]
62  check_mode: no
63
64- name: "Run Harbor installer with sudo"
65  ansible.builtin.command:
66    cmd: sudo ./install.sh
67    chdir: "{{ harbor_config_dir }}"
68  environment:
69    HARBOR_CONFIG: "{{ harbor_config_dir }}/harbor.yml"
70  when: not ansible_check_mode  # SAFETY: Prevent actual installer execution in check mode
71  tags: [harbor, install]
72
73- name: "Stop Harbor services after installation"
74  ansible.builtin.command:
75    cmd: docker compose down
76    chdir: "{{ harbor_config_dir }}"
77  ignore_errors: yes
78  when: not ansible_check_mode  # SAFETY: Prevent service stoppage in check mode
79  tags: [harbor, setup]
80
81- name: "Fix Harbor directory permissions"
82  ansible.builtin.file:
83    path: "{{ harbor_config_dir }}"
84    state: directory
85    owner: "{{ runner_user }}"
86    group: "{{ runner_group }}"
87    mode: "0775"
88    recurse: yes
89  tags: [harbor, permissions]
90
91- name: "Start Harbor services with proper user"
92  community.docker.docker_compose:
93    project_src: "{{ harbor_config_dir }}"
94    state: present
95  tags: [harbor, services]
96  check_mode: no
97
98- name: "Wait for Harbor to be ready"
99  ansible.builtin.wait_for:
100    port: "{{ harbor_http_port | default(8080) }}"
101    host: "{{ ansible_default_ipv4.address }}"
102    delay: 10
103    timeout: 120
104  tags: [harbor, verification]
105
106- name: "Verify Harbor container is running"
107  community.docker.docker_container_info:
108    name: harbor-core
109  register: harbor_container_status
110  tags: [harbor, verify]
111
112- name: "Display Harbor deployment status"
113  ansible.builtin.debug:
114    msg:
115      - "Harbor Container Registry deployed successfully"
116      - "Status: {{ harbor_container_status.container.State.Status | default('unknown') }}"
117      - "Web UI: http://{{ ansible_default_ipv4.address }}:{{ harbor_http_port | default(8080) }}"
118      - "Admin User: admin"
119      - "Admin Password: {{ harbor_admin_password | default('Harbor12345') }}"
120      - "Registry: {{ ansible_default_ipv4.address }}:{{ harbor_registry_port | default(5000) }}"
121  tags: [harbor, info]