Standalone Terraform config for an EC2-based GitHub Actions runner. Solves the "no space left on device" error when building large Docker images (e.g. HuggingFace TGI base images) that exceed GitHub-hosted runner disk limits.
Apply when you need to build, destroy when you're done. Zero cost when destroyed.
- AWS CLI configured with appropriate credentials
- Terraform >= 1.5
- A fine-grained GitHub PAT scoped to the target repo with Administration: Read and write

```bash
terraform init
terraform apply \
  -var="github_repo=your-org/your-repo" \
  -var="github_pat=ghp_..."
# Runner appears in repo Settings > Actions > Runners within ~2-3 min.
# Trigger workflow_dispatch or push container changes to main.
terraform destroy \
  -var="github_repo=your-org/your-repo" \
  -var="github_pat=ghp_..."
```

Alternatively, supply variables via the `TF_VAR_github_pat` environment variable or a `.tfvars` file (gitignored).

| Resource | Details |
|---|---|
| EC2 instance | t3.large, 200 GB gp3 root volume, Ubuntu 22.04 LTS |
| Security group | All egress, zero ingress |
| IAM role | SSM Session Manager access only — no ECR/AWS permissions (the workflow's OIDC role handles that) |
~$2/day while running. $0 when destroyed.
If the runner doesn't appear in GitHub after apply, check the bootstrap log:

```bash
# Connect via SSM (command shown in terraform output)
aws ssm start-session --target <instance-id> --region eu-central-1
# Inside the instance
cat /var/log/runner-setup.log
```

Common issues: expired PAT, missing Administration scope, GitHub API rate limiting.
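
The three common issues can be told apart from a workstation before opening an SSM session. This is an added example, not part of the original config: it assumes the bootstrap script exchanges the PAT for a runner registration token via GitHub's `POST /repos/{owner}/{repo}/actions/runners/registration-token` endpoint, and `classify_response` and `check_pat` are hypothetical helper names.

```bash
# Added example: map GitHub's reply to a runner registration-token request
# onto the failure causes listed above. Helper names are hypothetical.

# classify_response STATUS RATELIMIT_REMAINING -> prints one diagnosis word
classify_response() {
  cr_status=$1
  cr_remaining=$2
  case "$cr_status" in
    201) echo "ok" ;;
    401) echo "pat-expired-or-invalid" ;;
    403|429)
      # An exhausted primary rate limit is reported with x-ratelimit-remaining: 0;
      # any other 403 here typically means the PAT lacks Administration: write.
      if [ "$cr_remaining" = "0" ]; then
        echo "rate-limited"
      else
        echo "missing-administration-permission"
      fi ;;
    # Typically returned when the PAT is not scoped to this repository.
    404) echo "repo-not-visible-to-pat" ;;
    *) echo "unexpected-status-$cr_status" ;;
  esac
}

# check_pat OWNER/REPO -> live check (needs network and TF_VAR_github_pat).
# A 201 mints a short-lived registration token; the body is discarded unread.
check_pat() {
  : "${TF_VAR_github_pat:?export TF_VAR_github_pat first}"
  cp_headers=$(mktemp)
  # The PAT goes to curl on stdin (-H @-) so it never appears in the process list.
  cp_status=$(printf 'Authorization: Bearer %s\n' "$TF_VAR_github_pat" |
    curl -sS -o /dev/null -D "$cp_headers" -w '%{http_code}' -X POST -H @- \
      -H 'Accept: application/vnd.github+json' \
      "https://api.github.com/repos/$1/actions/runners/registration-token")
  cp_remaining=$(awk 'tolower($1) == "x-ratelimit-remaining:" { sub(/\r/, "", $2); print $2 }' "$cp_headers")
  rm -f "$cp_headers"
  classify_response "$cp_status" "$cp_remaining"
}

# Constructed sample replies (status, remaining quota), no network needed:
classify_response 401 59     # pat-expired-or-invalid
classify_response 403 4998   # missing-administration-permission
classify_response 403 0      # rate-limited
```

Run `check_pat your-org/your-repo` with `TF_VAR_github_pat` exported to perform the live request.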