ansible/woodpecker
ansible/woodpecker
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity

feat: initial woodpecker ci server role setup

Browse source
This commit is contained in:
Simon Cornet 2026-05-10 14:13:09 +02:00
commit eede4f6cc7
13 changed files with 228 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
.ansible-lint Normal file
View file

@ -0,0 +1,23 @@
---
exclude_paths:
- ".gitlab/*"
- ".gitlab-ci.yml"
- "defaults/main.yaml"
- "meta/main.yaml"
- "vars/*"
kinds:
- playbook: "**/*.{yml,yaml}"
skip_list:
- "command-shell"
- "experimental"
- "git-latest"
- "no-changed-when"
- "no-handler"
- "name[casing]"
- "name[template]"
- "risky-file-permissions"
- "schema[playbook]"
- "var-naming[no-role-prefix]"

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
.ansible

13
.gitlab-ci.yml Normal file
View file

@ -0,0 +1,13 @@
---
# gitlab stages
stages:
- "gitleaks"
- "linting"
# include components
include:
- component: "$CI_SERVER_FQDN/components/ansible/linting@v3.0.3"
- component: "$CI_SERVER_FQDN/components/gitleaks/gitleaks@v1.0.0"
- component: "$CI_SERVER_FQDN/components/markdownlint/markdownlint@1.0.0"
- component: "$CI_SERVER_FQDN/components/yamllint/yamllint@1.0.2"

12
.markdownlint-cli2.jsonc Normal file
View file

@ -0,0 +1,12 @@
{
// files to lint
"globs": [
"readme.md"
],
// linting rules
"config": {
"MD013": {
"line_length": 120
}
}
}

30
.yamllint Normal file
View file

@ -0,0 +1,30 @@
---
extends: 'default'
rules:
braces:
max-spaces-inside: 1
forbid: true
comments:
min-spaces-from-content: 1
comments-indentation: false
empty-lines:
max: 2
indentation:
spaces: 2
check-multi-line-strings: true
line-length:
max: 120
allow-non-breakable-words: true
allow-non-breakable-inline-mappings: true
new-line-at-end-of-file: 'enable'
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true
truthy:
allowed-values:
- 'true'
- 'false'
quoted-strings:
quote-type: 'any'
required: true

8
meta/main.yaml Normal file
View file

@ -0,0 +1,8 @@
---
galaxy_info:
author: "siempie"
description: "install and configure woodpecker ci server"
license: "MIT"
role_name: "woodpecker"
dependencies: []

31
playbook.yaml Normal file
View file

@ -0,0 +1,31 @@
---
# execute this role
- name: "install and configure woodpecker"
hosts: "all"
become: true
tasks:
# due to semaphore bug we need to do this ourselves
- name: "force-update requirements"
ansible.builtin.command:
cmd: "ansible-galaxy install -f -r roles/requirements.yml"
become: false
delegate_to: "localhost"
changed_when: false
failed_when: false
# execute the role
- name: "execute role: docker"
ansible.builtin.include_role:
name: "docker"
# execute the role
- name: "execute role: traefik"
ansible.builtin.include_role:
name: "traefik"
# execute the role
- name: "execute role: woodpecker"
ansible.builtin.include_role:
name: "woodpecker"

3
readme.md Normal file
View file

@ -0,0 +1,3 @@
# Ansible Role: Woodpecker CI
Install and configure [Woodpecker CI](https://woodpecker-ci.org) - a simple yet powerful CI/CD engine with great extensibility.

4
renovate.json Normal file
View file

@ -0,0 +1,4 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [ "local>cicd/renovate:ansible" ]
}

12
roles/requirements.yml Normal file
View file

@ -0,0 +1,12 @@
---
roles:
- name: "docker"
src: "https://gitlab.simoncor.net/ansible/ans-docker.git"
scm: "git"
- name: "traefik"
src: "https://gitlab.simoncor.net/ansible/ans-traefik.git"
scm: "git"
- name: "woodpecker"
src: "https://gitlab.simoncor.net/ansible/ans-woodpecker.git"
scm: "git"

14
tasks/cleanup.yaml Normal file
View file

@ -0,0 +1,14 @@
---
# cleanup
- name: "docker - prune all"
community.docker.docker_prune:
containers: true
images: true
networks: true
volumes: true
builder_cache: true
- name: "docker - force prune"
ansible.builtin.command: "docker system prune --all --force --volumes"
changed_when: false

9
tasks/main.yaml Normal file
View file

@ -0,0 +1,9 @@
---
# install woodpecker
- name: "install woodpecker"
ansible.builtin.import_tasks: "woodpecker.yaml"
# cleanup docker
- name: "cleanup docker"
ansible.builtin.import_tasks: "cleanup.yaml"

68
tasks/woodpecker.yaml Normal file
View file

@ -0,0 +1,68 @@
---
# create directories
- name: "create woodpecker directories"
ansible.builtin.file:
path: "{{ item }}"
state: "directory"
owner: "1000"
group: "1000"
mode: "0755"
loop:
- "/mnt/woodpecker/data"
# run woodpecker server
- name: "run woodpecker server"
community.docker.docker_container:
# docker defaults
auto_remove: "no"
container_default_behavior: "no_defaults"
detach: "yes"
init: "no"
interactive: "no"
log_driver: "json-file"
log_options:
max-size: "10m"
max-file: "3"
memory: "0"
paused: "no"
privileged: "no"
pull: "always"
read_only: "no"
state: "started"
tty: "no"
# woodpecker server
name: "woodpecker-server"
image: "cr.simoncor.net/dockerhub/woodpeckerci/woodpecker-server:v3.5.1"
image_name_mismatch: "recreate"
restart_policy: "unless-stopped"
network_mode: "host"
volumes:
- "/mnt/woodpecker/data:/data"
ports:
- "8000:8000/tcp"
env:
# global
TZ: "{{ timezone }}"
# server
WOODPECKER_HOST: "https://ci.simoncor.net"
WOODPECKER_SERVER_ADDR: ":8000"
# database
WOODPECKER_DATABASE_DRIVER: "sqlite3"
WOODPECKER_DATABASE_DATASOURCE: "/data/woodpecker.db?_journal=WAL"
# forgejo integration
WOODPECKER_FORGEJO: "true"
WOODPECKER_FORGEJO_URL: "https://git.simoncor.net"
WOODPECKER_FORGEJO_CLIENT: "{{ woodpecker_forgejo_client }}"
WOODPECKER_FORGEJO_SECRET: "{{ woodpecker_forgejo_secret }}"
# agent secret
WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret }}"