From 2a1cd3cc8bd884b1765cd86f9b3aaea77812eb25 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 28 Jun 2026 01:59:15 +0800 Subject: [PATCH] fix(reboot): fail closed host runner startup --- scripts/reboot-recovery/awoooi-startup-110.sh | 20 +++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/scripts/reboot-recovery/awoooi-startup-110.sh b/scripts/reboot-recovery/awoooi-startup-110.sh index 607e7464..d7e0ac12 100644 --- a/scripts/reboot-recovery/awoooi-startup-110.sh +++ b/scripts/reboot-recovery/awoooi-startup-110.sh @@ -190,12 +190,17 @@ fi log "[6/6] 檢查 Gitea Act Runner(預設不自動啟動)..." RUNNER_DIR="/home/wooo/act-runner" RUNNER_SERVICE="gitea-act-runner-host.service" +RUNNER_ENABLE_SENTINEL="/run/awoooi-runner-host-enabled" START_GITEA_RUNNER_ON_BOOT="${AWOOOI_START_GITEA_RUNNER_ON_BOOT:-0}" +START_GITEA_RUNNER_ALLOWED=0 +if [ "$START_GITEA_RUNNER_ON_BOOT" = "1" ] && [ -e "$RUNNER_ENABLE_SENTINEL" ]; then + START_GITEA_RUNNER_ALLOWED=1 +fi if [ -x "$RUNNER_DIR/act_runner" ] && [ -f "$RUNNER_DIR/config.yaml" ]; then # 若舊的 .runner 配置指向過期 hostname,只有在明確允許啟動 runner # 時才清除重新註冊;預設降壓模式不得碰 registration 狀態。 RUNNER_FILE="$RUNNER_DIR/data/.runner" - if [ "$START_GITEA_RUNNER_ON_BOOT" = "1" ] && [ -f "$RUNNER_FILE" ]; then + if [ "$START_GITEA_RUNNER_ALLOWED" = "1" ] && [ -f "$RUNNER_FILE" ]; then OLD_URL=$(python3 -c "import json; d=json.load(open('$RUNNER_FILE')); print(d.get('address',''))" 2>/dev/null || echo "") if [ "$OLD_URL" != "http://192.168.0.110:3001" ]; then log "⚠️ runner 配置過期 ($OLD_URL),清除重新註冊..." @@ -251,14 +256,21 @@ while idx < len(lines): path.write_text("\n".join(output) + "\n") PY - if [ "$START_GITEA_RUNNER_ON_BOOT" = "1" ]; then + if [ "$START_GITEA_RUNNER_ALLOWED" = "1" ]; then if systemctl list-unit-files "$RUNNER_SERVICE" >/dev/null 2>&1; then systemctl enable --now "$RUNNER_SERVICE" >/dev/null 2>&1 || true elif ! pgrep -f "$RUNNER_DIR/act_runner daemon" >/dev/null; then nohup "$RUNNER_DIR/run-host-runner.sh" >> "$RUNNER_DIR/host-runner.log" 2>&1 & fi else - log "⏸️ Gitea host runner 維持停用;設定 AWOOOI_START_GITEA_RUNNER_ON_BOOT=1 才允許 startup 啟動" + if [ "$START_GITEA_RUNNER_ON_BOOT" = "1" ]; then + log "⛔ AWOOOI_START_GITEA_RUNNER_ON_BOOT=1 但缺少 $RUNNER_ENABLE_SENTINEL;runner fail-closed" + else + log "⏸️ Gitea host runner 維持停用;需同時設定 AWOOOI_START_GITEA_RUNNER_ON_BOOT=1 與建立 $RUNNER_ENABLE_SENTINEL 才允許 startup 啟動" + fi + systemctl disable --now "$RUNNER_SERVICE" >/dev/null 2>&1 || true + systemctl kill -s SIGKILL "$RUNNER_SERVICE" >/dev/null 2>&1 || true + pkill -KILL -f "$RUNNER_DIR/act_runner daemon" >/dev/null 2>&1 || true fi # 已停用 Docker-wrapped runner;避免它搶走 host label job。 @@ -277,7 +289,7 @@ PY # 驗證 runner 已連線 Gitea if pgrep -f "$RUNNER_DIR/act_runner daemon" >/dev/null; then log "⚠️ Gitea host act_runner 目前正在執行;請確認是否為受控限流 / 搬遷後狀態" - elif [ "$START_GITEA_RUNNER_ON_BOOT" = "1" ]; then + elif [ "$START_GITEA_RUNNER_ALLOWED" = "1" ]; then log "⚠️ Gitea host act_runner 可能尚未啟動,查看: $RUNNER_DIR/host-runner.log" else log "✅ Gitea host act_runner 維持 inactive 降壓狀態"