ADD: implement migration and backup configurations for Nextcloud with Longhorn support

k3s/apps/gitLab/manifest/runner.yaml

@@ -0,0 +1,139 @@
+# ─── ServiceAccount ───────────────────────────────────────────────
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: gitlab-runner
+  namespace: gitlab
+
+---
+# ─── Role ─────────────────────────────────────────────────────────
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: gitlab-runner
+  namespace: gitlab
+rules:
+  - apiGroups: [""]
+    resources: ["pods", "pods/exec", "pods/attach", "pods/log", "secrets", "configmaps", "services"]
+    verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]
+
+---
+# ─── RoleBinding ──────────────────────────────────────────────────
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: gitlab-runner
+  namespace: gitlab
+subjects:
+  - kind: ServiceAccount
+    name: gitlab-runner
+    namespace: gitlab
+roleRef:
+  kind: Role
+  apiGroup: rbac.authorization.k8s.io
+  name: gitlab-runner
+
+---
+# ─── Secret (Runner Authentication Token, GitLab 16+) ────────────
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gitlab-runner-secret
+  namespace: gitlab
+type: Opaque
+stringData:
+  runner-token: "glrt-3nNma_nEvL1Bq2zc8m5Zu286MQpwOjIKdDozCnU6MTAQ.01.181jg6jja"
+
+---
+# ─── ConfigMap (config.toml) ──────────────────────────────────────
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gitlab-runner-config
+  namespace: gitlab
+data:
+  config.toml: |
+    concurrent = 4
+    check_interval = 10
+    log_level = "info"
+
+    [session_server]
+      session_timeout = 1800
+
+---
+# ─── Deployment ───────────────────────────────────────────────────
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitlab-runner
+  namespace: gitlab
+  labels:
+    app: gitlab-runner
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gitlab-runner
+  template:
+    metadata:
+      labels:
+        app: gitlab-runner
+    spec:
+      serviceAccountName: gitlab-runner
+
+      initContainers:
+        - name: register-runner
+          image: gitlab/gitlab-runner:latest
+          imagePullPolicy: IfNotPresent
+          command:
+            - sh
+            - -c
+            - |
+              gitlab-runner register \
+                --non-interactive \
+                --url "$CI_SERVER_URL" \
+                --token "$RUNNER_TOKEN" \
+                --executor kubernetes \
+                --kubernetes-namespace gitlab \
+                --kubernetes-service-account gitlab-runner \
+                --kubernetes-pull-policy if-not-present \
+                --kubernetes-privileged true \
+                --output-limit 4096 \
+                --kubernetes-cpu-request "100m" \
+                --kubernetes-cpu-limit "500m" \
+                --kubernetes-memory-request "256Mi" \
+                --kubernetes-memory-limit "4Gi"
+          env:
+            - name: CI_SERVER_URL
+              value: "https://gitlab.henryathome.home64.de"
+            - name: RUNNER_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: gitlab-runner-secret
+                  key: runner-token
+          volumeMounts:
+            - name: runner-config
+              mountPath: /etc/gitlab-runner
+
+      containers:
+        - name: gitlab-runner
+          image: gitlab/gitlab-runner:latest
+          imagePullPolicy: IfNotPresent
+          command: ["gitlab-runner", "run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"]
+          env:
+            - name: CI_SERVER_URL
+              value: "https://gitlab.henryathome.home64.de"
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "1000m"
+          volumeMounts:
+            - name: runner-config
+              mountPath: /etc/gitlab-runner
+
+      volumes:
+        - name: runner-config
+          emptyDir: {}