---
{{ ansible_managed | comment }}
services:
  docker:
    image: docker:dind
    privileged: true
    restart: always
    volumes:
      - certs:/certs

{% for runner in forgejo_runners %}
  runner-{{ runner }}:
    image: code.forgejo.org/forgejo/runner:{{ forgejo_runners_version }}
    user: {{ ansible_facts.getent_passwd.forgejo[1] }}:{{ ansible_facts.getent_passwd.forgejo[2] }}
    environment:
      DOCKER_HOST: tcp://docker:2376
      DOCKER_TLS_VERIFY: 1
      DOCKER_CERT_PATH: /certs/client
    restart: always
    volumes:
      - {{ forgejo_runners_config_dir }}/{{ runner }}:/data
      - certs:/certs
    command: 'forgejo-runner --config config.yml daemon'
{% endfor %}

volumes:
  certs: