-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkarellen-gha-runner-configure.service
26 lines (24 loc) · 1.33 KB
/
karellen-gha-runner-configure.service
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
[Unit]
Description=Karellen GitHub Actions Runner Configurator
Before=karellen-gha-runner.service
[Service]
Type=oneshot
RemainAfterExit=yes
PassEnvironment=RUNNER_MANUALLY_TRAP_SIG ACTIONS_RUNNER_PRINT_LOG_TO_STDOUT
WorkingDirectory=/home/runner
User=runner
Group=runner
ExecStart=/bin/bash -c 'set -eE -o pipefail; REGISTRATION_TOKEN=$(sudo cat /home/runner/__secure/registration_token); if [ -z "$REGISTRATION_TOKEN" ]; then echo "Failed to read registration token!"; exit 1; fi; /home/runner/config.sh --url https://github.com/karellen --token "$REGISTRATION_TOKEN" --ephemeral --disableupdate --unattended'
ExecStartPost=+/usr/bin/shred -vu /home/runner/__secure/registration_token
# Repeat in StopPost in case we failed to start
ExecStopPost=-+/usr/bin/shred -vu /home/runner/__secure/registration_token
ExecStopPost=-/bin/bash -c 'set -eE -o pipefail; REMOVAL_TOKEN="$(sudo cat /home/runner/__secure/removal_token)"; if [ -z "$REMOVAL_TOKEN" ]; then echo "Failed to read removal token!"; exit 1; fi; /home/runner/config.sh remove --token "$REMOVAL_TOKEN"'
ExecStopPost=-+/usr/bin/shred -vu /home/runner/__secure/removal_token
ExecStopPost=+/bin/bash -c '[ "$SERVICE_RESULT" == success ] || /sbin/halt'
TimeoutStartSec=10
TimeoutStopSec=10
StartLimitInterval=0
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=karellen-gha-runner.service