apiVersion: v1
kind: Namespace
metadata:
  name: gitea-actions
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitea-act-runner-data
  namespace: gitea-actions
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: local-path
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: act-runner-config
  namespace: gitea-actions
data:
  config.yaml: |
    log:
      level: info
    runner:
      file: /data/.runner
      capacity: 1
      timeout: 3h
      labels:
        - "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
    cache:
      enabled: false
    container:
      docker_host: "unix:///var/run/docker.sock"
      force_pull: true
      require_docker: true
      docker_timeout: 60s
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea-act-runner
  namespace: gitea-actions
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea-act-runner
  template:
    metadata:
      labels:
        app: gitea-act-runner
    spec:
      volumes:
        - name: runner-data
          persistentVolumeClaim:
            claimName: gitea-act-runner-data
        - name: runner-config
          configMap:
            name: act-runner-config
        - name: dind-socket
          emptyDir: {}
        - name: dind-data
          emptyDir: {}
      initContainers:
        - name: register
          image: gitea/act_runner:0.2.13
          env:
            - name: GITEA_INSTANCE
              value: https://rv32i.pl
            - name: REG_TOKEN
              valueFrom:
                secretKeyRef:
                  name: act-runner-registration-token
                  key: token
          volumeMounts:
            - name: runner-data
              mountPath: /data
            - name: runner-config
              mountPath: /etc/act_runner
          command: ["/bin/sh", "-ec"]
          args:
            - |
              if [ -f /data/.runner ]; then
                echo "runner already registered";
                exit 0;
              fi
              act_runner --config /etc/act_runner/config.yaml register \
                --no-interactive \
                --instance "${GITEA_INSTANCE}" \
                --token "${REG_TOKEN}" \
                --name "k3s-qstack" \
                --labels "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
      containers:
        - name: dind
          image: docker:27-dind
          securityContext:
            privileged: true
          env:
            - name: DOCKER_TLS_CERTDIR
              value: ""
          volumeMounts:
            - name: dind-socket
              mountPath: /var/run
            - name: dind-data
              mountPath: /var/lib/docker
        - name: runner
          image: gitea/act_runner:0.2.13
          env:
            - name: DOCKER_HOST
              value: unix:///var/run/docker.sock
          volumeMounts:
            - name: runner-data
              mountPath: /data
            - name: runner-config
              mountPath: /etc/act_runner
            - name: dind-socket
              mountPath: /var/run
          command: ["act_runner", "--config", "/etc/act_runner/config.yaml", "daemon"]