Gitea Drone Code Hosting and Pipeline Deployment

Prerequisites

Installing Gitea

Refer to https://docs.gitea.com/category/installation

Create a container folder for Gitea

mkdir gitea


cd gitea

Create a new docker-compose.yml file

version: "2"


services:
  server:
    image: gitea/gitea:1.21.3-rootless
    environment:
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=db:3306
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
    restart: always
    volumes:
      - ./data:/var/lib/gitea
      - ./config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"
    depends_on:
      - db


  db:
    image: mysql:8
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=gitea
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=gitea
      - MYSQL_DATABASE=gitea
    volumes:
      - ./mysql:/var/lib/mysql

Start Gitea

docker-compose up -d

Configure nginx

# git.xxx.com
server {
    listen 443 ssl;
    server_name git.xxx.com;
    ssl_certificate /home/ssl/git.xxx.com.crt;
    ssl_certificate_key /home/ssl/git.xxx.com.key;


    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Restart nginx

nginx -s stop


nginx

Visit git.xxx.com

Proceed with necessary settings and create an admin account

Configure app.ini

vim ./config/app.ini  # 容器文件夹gitea内

Modify according to your needs

APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
WORK_PATH = /var/lib/gitea


[repository]
ROOT = /var/lib/gitea/git/repositories


[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo


[repository.upload]
TEMP_PATH = /tmp/gitea/uploads


[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = git.xxx.com
HTTP_PORT = 3000
ROOT_URL = https://git.xxx.com
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = git.xxx.com
LFS_JWT_SECRET =
OFFLINE_MODE = false


[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = mysql
HOST = db:3306
NAME = gitea
USER = gitea
PASSWD = gitea
SCHEMA =
SSL_MODE = disable
LOG_SQL = false


[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file


[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars


[attachment]
PATH = /var/lib/gitea/data/attachments


[log]
ROOT_PATH = /var/lib/gitea/data/log
MODE = console
LEVEL = info


[security]
INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN =
PASSWORD_HASH_ALGO = pbkdf2


[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost


[lfs]
PATH = /var/lib/gitea/git/lfs


[mailer]
ENABLED = false


[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false


[cron.update_checker]
ENABLED = false


[repository.pull-request]
DEFAULT_MERGE_STYLE = merge


[repository.signing]
DEFAULT_TRUST_MODEL = committer


[oauth2]
JWT_SECRET =

After configuring, restart the container

docker-compose down


docker-compose up -d

Installing Drone CI/CD

Refer to https://docs.drone.io/

Create a container folder for Drone

mkdir drone


cd drone

Generate a communication key for drone server and drone runner

openssl rand -hex 16

Create an OAuth2 application in Gitea

image.png

https://drone.company.com/login -> https://drone.xxx.com/login

Save the obtained Client ID and Client Secret for the next step image.png

Create a new docker-compose.yml file

version: "3"


services:
  drone-server:
    image: drone/drone:latest
    ports:
      - 8048:80
      - 8044:443
    volumes:
      - ./data:/data
    restart: always
    environment:
      - DRONE_SERVER_HOST=drone.xxx.com
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=<通信密钥>
      - DRONE_USER_CREATE=username:<gitea 管理员账户用户名 注意可能不是邮箱>,admin:true
      - DRONE_GITEA_SERVER=https://git.xxx.com
      - DRONE_GITEA_CLIENT_ID= # the ID obtained from creating the OAuth2 application in Gitea
      - DRONE_GITEA_CLIENT_SECRET= # the secret obtained from creating the OAuth2 application in Gitea
      - DRONE_LOGS_DEBUG=true
      # configure the database
      - DRONE_DATABASE_DRIVER=mysql
      - DRONE_DATABASE_DATASOURCE=root:[email protected]@tcp(xxx.xxx.xxx.x:3306)/drone?parseTime=true


  drone-runner:
    depends_on:
      - drone-server
    image: drone/drone-runner-docker:latest
    ports:
      - 8033:3000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.xxx.com
      - DRONE_RPC_SECRET=<communication key>
      - DRONE_RUNNER_CAPACITY=6
      - DRONE_RUNNER_NAME=drone-runner

Start Drone

docker-compose up -d

Configure nginx

# drone.xxx.com
server {
    listen 443 ssl;
    server_name drone.xxx.com;
    ssl_certificate /home/ssl/drone.xxx.com.crt;
    ssl_certificate_key /home/ssl/drone.xxx.com.key;


    location / {
        proxy_pass http://localhost:8048;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'Upgrade';
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Restart nginx

nginx -s stop


nginx

Visit drone.xxx.com

Log in and authorize

image.png

image.png

Rapid Front-end Application Packaging and Deployment

Activate the drone deployment repository

Open drone.xxx.com, then open your front-end project, click Settings and then Activate Repository to create

image.png

Configure the drone deployment repository

Make sure to turn on trusted, to cache node_modules you need to mount the system disk

image.png

Add secrets to the drone deployment repository

Configure the server IP and server SSH access password

image.png

Add a drone deployment repository configuration file

Write .drone.yml in the root directory of the local front-end project and push it to the git repository

kind: pipeline
type: docker
name: build and deploy


steps:
  - name: restore cache
    image: drillster/drone-volume-cache
    settings:
      restore: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache
  - name: install dependencies
    image: node:16.20.2
    commands:
      - npm config set registry https://registry.npmmirror.com
      - npm install pnpm -g
      - pnpm install


  - name: rebuild cache
    image: drillster/drone-volume-cache
    settings:
      rebuild: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache


  - name: build
    image: node:16.20.2
    commands:
      - npm run build


  - name: upload to server
    image: appleboy/drone-scp
    settings:
      host:
        from_secret: TARGET_HOST
      username: root
      password:
        from_secret: TARGET_HOST_PASSWORD
      source: dist
      target: /home/www/xxx
      strip_components: 1
      rm: true
volumes:
  - name: cache
    host:
      path: /tmp/cache

View the drone deployment repository build

image.png

image.png

#ci-cd

Read Next

Docker Compose Common Examples

Documenting some common Docker Compose examples.

解决 MacOS 'Too Many Open Files' 错误

如何修改 MacOS 系统的文件描述符限制