forked from Deuxfleurs/nixcfg
69 lines
2.7 KiB
Markdown
69 lines
2.7 KiB
Markdown
## Install Debian
|
|
|
|
We recommend Debian Bullseye
|
|
|
|
## Install Docker CE from docker.io
|
|
|
|
Do not use the docker engine shipped by Debian
|
|
|
|
Doc:
|
|
|
|
- https://docs.docker.com/engine/install/debian/
|
|
- https://docs.docker.com/compose/install/
|
|
|
|
On a fresh install, as root:
|
|
|
|
```bash
|
|
apt-get remove -y docker docker-engine docker.io containerd runc
|
|
apt-get update
|
|
apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
|
|
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
|
|
apt-get update
|
|
apt-get install -y docker-ce docker-ce-cli containerd.io
|
|
|
|
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
|
|
chmod +x /usr/local/bin/docker-compose
|
|
```
|
|
|
|
## Install the runner
|
|
|
|
*This is our Nix runner version 2, previously we had another way to start Nix runners. This one has a proper way to handle concurrency, require less boilerplate, and should be safer and more idiomatic.*
|
|
|
|
|
|
```bash
|
|
wget https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/raw/branch/main/app/drone-ci/integration/nix.conf
|
|
wget https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/raw/branch/main/app/drone-ci/integration/docker-compose.yml
|
|
|
|
# Edit the docker-compose.yml to adapt its variables to your needs,
|
|
# especially the capacitiy value and its name.
|
|
COMPOSE_PROJECT_NAME=drone DRONE_SECRET=xxx docker-compose up -d
|
|
```
|
|
|
|
That's all folks.
|
|
|
|
## Check if a given job is built by your runner
|
|
|
|
```bash
|
|
export URL=https://drone.deuxfleurs.fr
|
|
export REPO=Deuxfleurs/garage
|
|
export BUILD=1312
|
|
curl ${URL}/api/repos/${REPO}/builds/${BUILD} \
|
|
| jq -c '[.stages[] | { name: .name, machine: .machine }]'
|
|
```
|
|
|
|
It will give you the following result:
|
|
|
|
```json
|
|
[{"name":"default","machine":"1686a"},{"name":"release-linux-x86_64","machine":"vimaire"},{"name":"release-linux-i686","machine":"carcajou"},{"name":"release-linux-aarch64","machine":"caribou"},{"name":"release-linux-armv6l","machine":"cariacou"},{"name":"refresh-release-page","machine":null}]
|
|
```
|
|
|
|
## Random note
|
|
|
|
*This part might be deprecated!*
|
|
|
|
This setup is done mainly to allow nix builds with some cache.
|
|
To use the cache in Drone, you must set your repository as trusted.
|
|
The command line tool does not work (it says it successfully set your repository as trusted but it did nothing):
|
|
the only way to set your repository as trusted is to connect on the DB and set the `repo_trusted` field of your repo to true.
|
|
|