Introduction

If you are developing a website or application, it is common today to use a Source Code Management tool such as Git. Your code will be stored there with change management. By adding DroneCI you can automate manual steps such as testing or deploying the code, once committed and pushed to the repository. You record these actions in a ‘pipeline’. By automating development steps you save a lot of time, which you can better spend on improving your product. Also, don’t skip testing your code, for example.

What we describe in this article is the installing part of Gitea (a self-hosted Github service) and DroneCI with a agent that does the work.

gitea

gitea

How to actually use the services and how such a pipeline looks like, is described in another article.

Prerequisites

  • (Basic) knowledge of Docker (swarm) and Docker Compose.
  • You already have a reserved proxy running with Traefik.

Docker compose file

Create a new file and name it docker-compose.yml. Copy and paste the following text but note that you first adjust some things to your own requirements and wishes.

Explanation

  • The network configured in this example is called ‘traefik_public’ with which Traefik can make services available on the Internet. Adjust this to your own network.
  • Also adjust yourvolume and yourdomain to your own wishes.
  • The same goes for the ports, if a certain port is already occupied on your LAN network, you can easily adjust this.
  • At the Middelwares line you can enter your own middleware, this is not mandatory and you can also remove it.
  • Value DRONE_RPC_SECRET must be the same, it is mentioned 3 times. Generate a random string.
  • One last thing, we will generate the value of “DRONE_GITEA_CLIENT_ID” and “DRONE_GITEA_CLIENT_SECRET” later after deployment of Gitea, so for now, use # so the environment will be skipped.
version: "3"
services:
  gitea:
    image: gitea/gitea:1.14.6
    environment:
      - ROOT_URL=https://gitea.yourdomain.com
    networks:
      - traefik_public
    volumes:
      - /yourvolume/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - 3000:3000
    deploy:
      labels:
        - "traefik.enable=true"
        ## HTTP Routers
        - "traefik.http.routers.gitea-rtr.entrypoints=https"
        - "traefik.http.routers.gitea-rtr.rule=Host(`gitea.yourdomain.com`)"
        ## Middlewares
        - "[email protected]"
        ## HTTP Services
        - "traefik.http.routers.gitea-rtr.service=gitea-svc"
        - "traefik.http.services.gitea-svc.loadbalancer.server.port=3000"

  drone:
    image: drone/drone:2.1.0
    environment:
      - DRONE_DEBUG=true
      - DRONE_ADMIN=admin
      - DRONE_USER_CREATE=username:gitea,admin:true
      - DRONE_SERVER_PORT=:80
      - DRONE_DATABASE_DRIVER=sqlite3
      - DRONE_GIT_ALWAYS_AUTH=false
      - DRONE_GITEA_SERVER=https://gitea.yourdomain.com
      - DRONE_RPC_SECRET=thisisasecret
      - DRONE_SERVER_HOST=drone.yourdomain.com
      - DRONE_HOST=https://drone.yourdomain.com
      - DRONE_SERVER_PROTO=https
      - DRONE_TLS_AUTOCERT=false
      - DRONE_AGENTS_ENABLED=true
#      - DRONE_GITEA_CLIENT_ID=willbechangedlater
#      - DRONE_GITEA_CLIENT_SECRET=willbechangedlater
      - DRONE_NETWORK=traefik_public
      - DRONE_RUNNER_NETWORKS=traefik_public
      - DRONE_LOGS_DEBUG=true
      - DRONE_LOGS_TEXT=true
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
    ports:
      - 80:80
      - 443:443
    networks:
      - traefik_public
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /yourvolume/drone:/data
    deploy:
      labels:
        - "traefik.enable=true"
        ## HTTP Routers
        - "traefik.http.routers.drone-rtr.entrypoints=https"
        - "traefik.http.routers.drone-rtr.rule=Host(`drone.yourdomain.com`)"
        ## Middlewares
        - "[email protected]"
        ## HTTP Services
        - "traefik.http.routers.drone-rtr.service=drone-svc"
        - "traefik.http.services.drone-svc.loadbalancer.server.port=80"

  drone-runner:
    image: drone/drone-runner-docker:latest
    command: agent
    depends_on:
      - drone
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.yourdomain.com
      - DRONE_RPC_SECRET=thisisasecret
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RUNNER_NAME=DOCKERRUNNER
      - DRONE_NETWORK=traefik_public
      - DRONE_RUNNER_NETWORKS=traefik_public
      - DRONE_LOGS_DEBUG=true
      - DRONE_LOGS_TEXT=true
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
    ports:
      - 3002:3000
    networks:
      - traefik_public
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  drone-runner-ssh:
    image: drone/drone-runner-ssh:latest
    depends_on:
      - drone
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.yourdomain.com
      - DRONE_RPC_SECRET=thisisasecret
    networks:
      - traefik_public

networks:
  traefik_public:
    external: true

Deployment

When you’re ready, we’ll deploy the whole thing. Save the file and run docker-compose up. Keep an eye on the logs to see if the services are up and running properly and if you don’t see any crazy error messages.

Go to https://gitea.yourdomain.com and fill in some details for the initial start. It looks like the screenshot, but in this case we do NOT need to enter any database information. The Gitea service already has a database in it and ensures less complexity for the installation.

gitea-initial-settings

gitea-initial-settings

Connection with DroneCI

Go to the Settings page https://gitea.yourdomain.com/user/settings/applications At the bottom of “Create a new OAuth2 application” we are going to fill in:

Copy the Client-ID and Client-secret and paste these values in the docker-compose file:

  • DRONE_GITEA_CLIENT_ID=
  • DRONE_GITEA_CLIENT_SECRET=

We will stop the serves again by executing Docker-compose down and start by running Docker compose up.

If you go to https://drone.yourdomain.com you will see an authorization message that you can connect to Gitea. Accept this and the services have been successfully linked and ready to use!