Installation

Crow CI consists of three components:

Component	Required	Description
Server	Yes	UI, API, webhook handling, pipeline parsing
Agent	Yes	Executes pipelines via Docker, Kubernetes, or local backend
Autoscaler	No	Spins up/down cloud VMs for pending builds

Installation Methods

Method	Best For
Docker Compose	Single-server deployments
Helm Chart	Kubernetes clusters
Binary	Custom deployments
Ansible	Automated provisioning

Database

Crow uses SQLite by default. For production, PostgreSQL or MariaDB is recommended.¹

Container Images

Images are published to the Codeberg Container Registry:

Image Tags

Tag	Description
`vX.Y.Z`	SemVer release (scratch image)
`vX.Y.Z-alpine`	SemVer release (Alpine, rootless)
`vX`, `vX.Y`	Rolling major/minor version
`dev`	Latest from `main` branch
`pull_<ID>`	PR preview builds

Agent Authentication

Agents authenticate with the server using tokens via CROW_AGENT_SECRET.

System Token

Set the same CROW_AGENT_SECRET on both server and agent. On first connection:

Agent connects with system token
Server registers agent and returns unique ID
Agent stores ID in CROW_AGENT_CONFIG_FILE
Subsequent connections use stored ID

Agent Token

For multiple agents with different configurations, create tokens via Settings → Agents → Add agent or the API. Each agent uses its assigned token in CROW_AGENT_SECRET.

Remote Agents

Agents can run on separate machines from the server.

Internal Network

Connect using private IP addresses:

CROW_SERVER: <private-ip>:8000
CROW_GRPC_ADDR: <private-ip>:9000
CROW_AGENT_SECRET: <token>

Public Network

Requires TLS for secure GRPC connection:

CROW_SERVER: crow.mydomain.com
CROW_GRPC_ADDR: grpc.crow.mydomain.com
CROW_GRPC_SECURE: "true"
CROW_AGENT_SECRET: <token>

Requirements:

Subdomain for GRPC service
Valid SSL certificate
TLS-terminating proxy

See Reverse Proxy Setup for ingress configuration examples.

Pipeline logs are stored in the database. External log storage is planned. ↩