rethinkdb · gabor-boros · Oct 9, 2025
diff --git a/README.md b/README.md
@@ -11,6 +11,10 @@ This repository contains ansible deployment scripts for deploying a variety of R
 
 _**macOS notes: On macOS, add `export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES` to your `zshrc`, as ansible have a process forking bug: https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#running-on-macos-as-a-control-node. Also, make sure your `tar` command is `GNU tar`. On macOS, install it by executing `brew install gnu-tar`._
 
+## Initial playbook runs
+
+For DigitalOcean Droplets, use `ansible_user=root` in the inventory or CLI until the common playbook is not applied. Once it is done, remove the parameter.
+
 ## Working with Ansible Vault
 
 Before inlining any encrypted passwords, carefully consider whether it's truly necessary. Ansible Vault allows you to encrypt strings or files directly within Ansible without needing additional installations.

diff --git a/group_vars/private_github_runner.yml b/group_vars/private_github_runner.yml
@@ -0,0 +1,5 @@
+---
+COMMON_SSH_KEY_GITHUB_USERS:
+  - gabor-boros
+  - srh
+
diff --git a/inventory.ini b/inventory.ini
@@ -3,3 +3,5 @@ download.rethinkdb.com
 
 [update_checker]
 update.rethinkdb.com
+
+[github_runner]
diff --git a/playbooks/private-github-runner.yml b/playbooks/private-github-runner.yml
@@ -0,0 +1,12 @@
+---
+- name: Set up private GitHub runner
+  hosts: github_runner
+  become: true
+  roles:
+    - role: common
+      tags:
+        - common
+
+    - role: github-runner
+      tags:
+        - github-runner
diff --git a/playbooks/roles/github-runner/defaults/main.yml b/playbooks/roles/github-runner/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+GITHUB_RUNNER_TOKEN: "{{ lookup('env', 'GITHUB_ACCESS_TOKEN') }}"
+GITHUB_RUNNER_VERSION: "latest"
+GITHUB_RUNNER_USER: runner
+GITHUB_RUNNER_DIRECTORY: "{{ 'C:\\actions-runner' if ansible_facts.system == 'Win32NT' else '/opt/actions-runner' }}"
+GITHUB_RUNNER_LABELS:
+  - "pre-release"
+  - "rethinkdb-{{ ansible_facts.architecture }}"
diff --git a/playbooks/roles/github-runner/tasks/main.yml b/playbooks/roles/github-runner/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+- name: "Ensure {{ GITHUB_RUNNER_USER }} user exists"
+  user:
+    name: "{{ GITHUB_RUNNER_USER }}"
+    shell: /bin/bash
+    state: present
+
+- name: "Ensure {{ GITHUB_RUNNER_DIRECTORY }} exists and owned"
+  file:
+    path: "{{ GITHUB_RUNNER_DIRECTORY }}"
+    state: directory
+    owner: "{{ GITHUB_RUNNER_USER }}"
+
+- name: "Install GitHub runner"
+  import_role:
+    name: monolithprojects.github_actions_runner
+  vars:
+    github_account: rethinkdb
+    github_repo: rethinkdb
+    access_token: "{{ GITHUB_RUNNER_TOKEN }}"
+    runner_name: "rethinkdb-runner-{{ ansible_facts.architecture }}"
+    runner_version: "{{ GITHUB_RUNNER_VERSION }}"
+    runner_user: "{{ GITHUB_RUNNER_USER }}"
+    runner_dir: "{{ GITHUB_RUNNER_DIRECTORY }}"
+    runner_labels: "{{ GITHUB_RUNNER_LABELS }}"
diff --git a/requirements.yml b/requirements.yml
@@ -15,3 +15,8 @@ roles:
     src: https://github.com/geerlingguy/ansible-role-certbot.git
     version: 3b3cc546d123c06b294182c747cacaab83174fca
     scm: git
+
+  - name: monolithprojects.github_actions_runner
+    src: https://github.com/MonolithProjects/ansible-github_actions_runner.git
+    version: ed4b47a28940824d5b25822df41c638e5eba96a5
+    scm: git
Original file line number	Diff line number	Diff line change
Expand Up		@@ -3,3 +3,5 @@ download.rethinkdb.com

		[update_checker]
		update.rethinkdb.com

		[github_runner]