942d58d41c
Rather than setting up volumes and starting the pipglr container manually, utilize quadlet + systemd. Retain the old setup and execution method, but move them into separate documentation. Signed-off-by: Chris Evich <cevich@redhat.com>
34 lines
1.1 KiB
Plaintext
34 lines
1.1 KiB
Plaintext
[Unit]
|
|
Description=Podman-in-podman GitLab Runner
|
|
Documentation=https://gitlab.com/qontainers/pipglr/-/blob/main/README.md
|
|
After=pipglr-storage-volume.service pipglr-cache-volume.service
|
|
Requires=podman.socket pipglr-storage-volume.service pipglr-cache-volume.service
|
|
|
|
[Container]
|
|
ContainerName=pipglr
|
|
Image=registry.gitlab.com/qontainers/pipglr
|
|
|
|
# Required to run containers inside a container and ensure
|
|
# container can be managed with podman-restart.service
|
|
# Note: See https://github.com/containers/podman/issues/20418
|
|
PodmanArgs=--privileged --restart=always
|
|
|
|
# A nested systemd is used to manage nested podman & gitlab runner services
|
|
Systemd=true
|
|
|
|
# Allow jobs access to utilize fuse-overlayfs, for example to build container images.
|
|
Device=/dev/fuse
|
|
|
|
# Must be owned by the gitlab-runner user
|
|
Secret config.toml,uid=1001,gid=1001
|
|
|
|
# Add network isolation from other containers
|
|
Network=pipglr.network
|
|
|
|
# Storage for nested container images and job cache
|
|
Volume=pipglr-storage:/home/podman/.local/share/containers
|
|
Volume=pipglr-cache:/cache
|
|
|
|
# No need to preserve this between runs
|
|
VolatileTmp=true
|