unom/punktfunk
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases 3 Wiki Activity

ci(windows): setup-windows-runner.ps1 — Gitea Actions host runner provisioner
apple / swift (push) Successful in 54s
Details
ci / rust (push) Failing after 59s
Details
ci / docs-site (push) Successful in 28s
Details
deb / build-publish (push) Successful in 2m23s
Details
decky / build-publish (push) Successful in 11s
Details
android / android (push) Failing after 46s
Details
ci / web (push) Successful in 28s
Details
docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 4s
Details
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 4s
Details
docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 3s
Details
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 5s
Details
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 5s
Details
ci / bench (push) Successful in 4m29s
Details
rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 8m8s
Details
rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 8m15s
Details
docker / deploy-docs (push) Successful in 20s
Details

Browse Source 
The Windows analogue of scripts/ci/setup-macos-runner.sh: downloads act_runner (gitea-runner)
in host mode, bumps Node 20 via nvm4w (actions/checkout@v4), registers against git.unom.io with
labels windows-amd64:host, and installs a SYSTEM scheduled task that keeps the daemon alive
across reboots. The daemon's env wrapper hard-codes this box's MSVC/WinUI toolchain (cargo/rustup,
NASM, CMake, LLVM, FFmpeg, the ASCII CARGO_HOME SDL3's PCH needs) so the Windows workflow inherits
a working toolchain. Idempotent; token (from org unom -> Settings -> Actions -> Runners) not
persisted.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Enrico Bühler
2026-06-16 06:59:40 +00:00
parent 28ab448a29
commit 627188b4b7
1 changed files with 107 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/ci/setup-windows-runner.ps1
+107
View File
@@ -0,0 +1,107 @@
# Provision this Windows box as the Gitea Actions runner for the Windows client CI/packaging.
# The Windows analogue of scripts/ci/setup-macos-runner.sh. Idempotent — safe to re-run. Run
# ELEVATED (admin) on the box, e.g. over SSH:
#
# ssh "<box>" 'powershell -NoProfile -ExecutionPolicy Bypass -File C:\path\setup-windows-runner.ps1 -Token <registration token>'
#
# Installs: the act_runner (gitea-runner) binary in **host mode** (jobs run directly on Windows,
# no containers — MSVC/WinUI builds need the host toolchain), Node 20 via the box's nvm4w (JS
# actions like actions/checkout run via node on PATH), and a SYSTEM scheduled task that keeps the
# daemon alive across reboots with nobody logged in. Registration happens once (.runner file); the
# token is NOT persisted.
#
# Get the token from Gitea: org **unom** -> Settings -> Actions -> Runners -> "Create new runner".
#
# Env/param knobs: -Instance (default https://git.unom.io), -Token (GITEA_RUNNER_TOKEN; required
# for first registration), -RunnerName (default COMPUTERNAME), -Labels (default windows-amd64:host
# — match the Windows job's runs-on), -Version (act_runner, default 1.0.8).
#
# The daemon's env wrapper hard-codes this box's MSVC build paths (cargo/rustup, NASM, CMake, LLVM,
# FFmpeg, the ASCII CARGO_HOME that SDL3's PCH needs) so the Windows workflow inherits a working
# toolchain without re-deriving dev-box specifics. Per-checkout vars (CARGO_WORKSPACE_DIR for the
# windows-reactor build.rs) are set by the workflow, not here.
param(
[string]$Instance = $(if ($env:GITEA_INSTANCE) { $env:GITEA_INSTANCE } else { "https://git.unom.io" }),
[string]$Version = $(if ($env:ACT_RUNNER_VERSION) { $env:ACT_RUNNER_VERSION } else { "1.0.8" }),
[string]$RunnerName = $(if ($env:RUNNER_NAME) { $env:RUNNER_NAME } else { $env:COMPUTERNAME }),
[string]$Labels = $(if ($env:RUNNER_LABELS) { $env:RUNNER_LABELS } else { "windows-amd64:host" }),
[string]$Token = $env:GITEA_RUNNER_TOKEN
)
$ErrorActionPreference = "Stop"
$RunnerHome = "C:\Users\Public\act-runner"
$Exe = "$RunnerHome\act_runner.exe"
New-Item -ItemType Directory -Force -Path $RunnerHome | Out-Null
# --- act_runner binary (gitea-runner; CLI surface unchanged from act_runner) ---
$need = $true
if (Test-Path $Exe) { try { $need = -not ((& $Exe --version 2>$null) -match [regex]::Escape($Version)) } catch { } }
if ($need) {
$url = "https://dl.gitea.com/gitea-runner/$Version/gitea-runner-$Version-windows-amd64.exe"
Write-Host "==> downloading act_runner $Version"
Invoke-WebRequest -Uri $url -OutFile "$Exe.tmp" -UseBasicParsing
Move-Item -Force "$Exe.tmp" $Exe
}
& $Exe --version
# --- Node 20 (actions/checkout@v4 demands node20) via the box's nvm4w ---
if (Get-Command nvm -ErrorAction SilentlyContinue) {
if (-not ((node --version 2>$null) -match "^v20")) {
nvm install 20.18.0 | Out-Null
nvm use 20.18.0 | Out-Null
}
}
Write-Host "node $(node --version)"
# --- config + host-mode labels (empty the docker defaults so .runner's labels rule) ---
Push-Location $RunnerHome
if (-not (Test-Path config.yaml)) { & $Exe generate-config | Set-Content -Encoding ASCII config.yaml }
(Get-Content config.yaml) |
Where-Object { $_ -notmatch "docker.gitea.com/runner-images" } |
ForEach-Object { $_ -replace '^(\s*)labels:\s*$', '${1}labels: []' } |
Set-Content -Encoding ASCII config.yaml
Pop-Location
# --- one-time registration ---
if (-not (Test-Path "$RunnerHome\.runner")) {
if (-not $Token) {
Write-Warning "Not registered yet. Re-run with -Token <registration token>."
Write-Host " (Gitea: org unom -> Settings -> Actions -> Runners -> Create new runner)"
exit 1
}
& $Exe register --no-interactive --instance $Instance --token $Token --name $RunnerName --labels $Labels
}
# --- daemon env wrapper (the box's MSVC/WinUI/FFmpeg toolchain) ---
$wrapper = "$RunnerHome\run-runner.ps1"
@'
$env:CARGO_HOME = "C:\Users\Public\.cargo"
$env:RUSTUP_HOME = "C:\Users\Enrico Bühler\.rustup"
$env:CMAKE_POLICY_VERSION_MINIMUM = "3.5"
$env:LIBCLANG_PATH = "C:\Program Files\LLVM\bin"
$env:FFMPEG_DIR = "C:\Users\Public\ffmpeg"
$env:PATH = "C:\Users\Public\.cargo\bin;C:\nvm4w\nodejs;C:\Program Files\NASM;C:\Program Files\CMake\bin;C:\Program Files\LLVM\bin;C:\Users\Public\ffmpeg\bin;" + $env:PATH
Set-Location "C:\Users\Public\act-runner"
& "C:\Users\Public\act-runner\act_runner.exe" daemon --config config.yaml
'@ | Set-Content -Encoding UTF8 $wrapper
# --- SYSTEM scheduled task: keep the daemon alive across reboots, no login needed ---
$taskName = "gitea-act-runner"
if (schtasks /Query /TN $taskName 2>$null) {
schtasks /End /TN $taskName 2>$null | Out-Null
schtasks /Delete /TN $taskName /F | Out-Null
}
$action = New-ScheduledTaskAction -Execute "powershell.exe" `
-Argument "-NoProfile -ExecutionPolicy Bypass -File `"$wrapper`""
$trigger = New-ScheduledTaskTrigger -AtStartup
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries `
-RestartCount 999 -RestartInterval (New-TimeSpan -Minutes 1) -ExecutionTimeLimit ([TimeSpan]::Zero)
Register-ScheduledTask -TaskName $taskName -Action $action -Trigger $trigger `
-Principal $principal -Settings $settings -Force | Out-Null
Start-ScheduledTask -TaskName $taskName
Start-Sleep -Seconds 4
Write-Host "==> runner '$RunnerName' labels=$Labels instance=$Instance"
$p = Get-Process act_runner -ErrorAction SilentlyContinue
if ($p) { Write-Host "daemon running (pid $($p.Id), session $($p.SessionId))" }
else { Write-Warning "daemon not running yet — check $RunnerHome\runner task / logs" }