Fix etc_hosts templating so the runner resolves the gitea domain to
the private IP. Clear runner data volume on deploy to avoid stale
registration errors when the token changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
## Summary
- Adds a private runner server on the Hetzner private network (no public IP)
- NAT through the gitea server for outbound internet access via `hcloud_network_route` and iptables forwarding rules
- Runner connects to gitea over HTTPS on the private network with TLS verification disabled
- Includes Taskfile commands for runner deployment and SSH access
## Test plan
- [x] Runner registers with gitea instance
- [x] Private network connectivity verified
- [ ] Run a test workflow to confirm end-to-end CI
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Reviewed-on: #6
Co-authored-by: M.V. Hutz <git@maximhutz.me>
Co-committed-by: M.V. Hutz <git@maximhutz.me>
Fixes the following issues with the `web/git` Ansible scripts.
- Updates cache before installing `python3-pip`.
- Forces `terraform init` configuration during provisioning.
- Requires user to set an `endpoint_url` to get the backup file from S3.
In addition, I'm removing the last of AWS from the repository:
- The routing uses Hetzner now, so let's get rid of all of that.
Reviewed-on: #4
Co-authored-by: Max <git@maximhutz.me>
Co-committed-by: Max <git@maximhutz.me>
Adds better logo.
- Re-added back local development.
Reviewed-on: #3
Co-authored-by: M. V. Hutz <git@maximhutz.me>
Co-committed-by: M. V. Hutz <git@maximhutz.me>
- Instance in Hetzner.
- Data stored in Backblaze B2.
Reviewed-on: #2
Co-authored-by: M. V. Hutz <git@maximhutz.me>
Co-committed-by: M. V. Hutz <git@maximhutz.me>
