Skip to content

Instantly share code, notes, and snippets.

@Cdaprod

Cdaprod/runner-setup.sh

Created August 21, 2025 15:23
Show Gist options
  • Save Cdaprod/ee2b60184ace388bff8066b58dee97d1 to your computer and use it in GitHub Desktop.
Save Cdaprod/ee2b60184ace388bff8066b58dee97d1 to your computer and use it in GitHub Desktop.
Download ZIP
GitHub Self Hosted Runner: Setup Script
Raw
runner-setup.sh
#!/usr/bin/env bash
set -euo pipefail
# ─── Variables (override via environment) ─────────────────────────────────────
RUNNER_USER="${RUNNER_USER:-$USER}"
RUNNER_NAME="${RUNNER_NAME:-repo-runner-ephemeral}"
RUNNER_LABELS="${RUNNER_LABELS:-repo=default,arch=$(uname -m),role=ci,ephemeral}"
RUNNER_ID="${RUNNER_ID:-default}" # used in paths and service name
RUNNER_ROOT="${RUNNER_ROOT:-/opt/actions-runner/$RUNNER_ID}"
RUNNER_WORK="${RUNNER_WORK:-/home/$RUNNER_USER/actions-work/$RUNNER_ID}"
REPO_URL="${REPO_URL:-https://github.com/example/repo}"
RUNNER_VER="${RUNNER_VER:-2.319.1}"
# Expect export GITHUB_RUNNER_TOKEN before running
# ─── Create dirs ─────────────────────────────────────────────────────────────
sudo install -d -o "$RUNNER_USER" -g "$RUNNER_USER" -m 0755 "$RUNNER_ROOT/bin"
install -d -m 0755 "$RUNNER_WORK"
install -d -m 0755 "/home/$RUNNER_USER/.cache"
# ─── Setup script ────────────────────────────────────────────────────────────
sudo tee "$RUNNER_ROOT/bin/setup.sh" > /dev/null <<EOF
#!/usr/bin/env bash
set -euo pipefail
ARCH=\$(uname -m)
case "\$ARCH" in
aarch64|arm64) PKG="actions-runner-linux-arm64-${RUNNER_VER}.tar.gz" ;;
x86_64|amd64) PKG="actions-runner-linux-x64-${RUNNER_VER}.tar.gz" ;;
*) echo "Unsupported arch: \$ARCH" >&2; exit 1 ;;
esac
curl -fsSLo "/tmp/\$PKG" "https://github.com/actions/runner/releases/download/v${RUNNER_VER}/\$PKG"
tar -xzf "/tmp/\$PKG" -C "$RUNNER_ROOT"
rm -f "/tmp/\$PKG"
"$RUNNER_ROOT/bin/installdependencies.sh" || true
if [ -z "\${GITHUB_RUNNER_TOKEN:-}" ]; then
echo "ERROR: export GITHUB_RUNNER_TOKEN first" >&2
exit 1
fi
"$RUNNER_ROOT/config.sh" remove --token "\$GITHUB_RUNNER_TOKEN" >/dev/null 2>&1 || true
"$RUNNER_ROOT/config.sh" \
--url "$REPO_URL" \
--token "\$GITHUB_RUNNER_TOKEN" \
--name "$RUNNER_NAME" \
--labels "$RUNNER_LABELS" \
--work "$RUNNER_WORK" \
--ephemeral \
--unattended
EOF
sudo chmod +x "$RUNNER_ROOT/bin/setup.sh"
# ─── Loop script ─────────────────────────────────────────────────────────────
sudo tee "$RUNNER_ROOT/bin/runner-loop.sh" > /dev/null <<EOF
#!/usr/bin/env bash
set -euo pipefail
cd "$RUNNER_ROOT"
while true; do
./run.sh || true
sleep 2
done
EOF
sudo chmod +x "$RUNNER_ROOT/bin/runner-loop.sh"
# ─── Systemd unit ────────────────────────────────────────────────────────────
sudo tee "/etc/systemd/system/github-runner-$RUNNER_ID.service" > /dev/null <<EOF
[Unit]
Description=GitHub Actions Runner ($RUNNER_ID ephemeral)
After=network-online.target
Wants=network-online.target
[Service]
User=$RUNNER_USER
WorkingDirectory=$RUNNER_ROOT
ExecStart=$RUNNER_ROOT/bin/runner-loop.sh
Restart=always
RestartSec=2s
Environment=GOCACHE=/home/$RUNNER_USER/.cache/go-build
Environment=GOMODCACHE=/home/$RUNNER_USER/.cache/gomod
Environment=PIP_CACHE_DIR=/home/$RUNNER_USER/.cache/pip
Environment=npm_config_cache=/home/$RUNNER_USER/.cache/npm
Environment=YARN_CACHE_FOLDER=/home/$RUNNER_USER/.cache/yarn
Environment=UV_CACHE_DIR=/home/$RUNNER_USER/.cache/uv
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=full
ProtectHome=false
[Install]
WantedBy=multi-user.target
EOF
# ─── Reload + enable ─────────────────────────────────────────────────────────
sudo systemctl daemon-reload
sudo systemctl enable --now github-runner-$RUNNER_ID.service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment