Gitea Drone 代码托管和流水线部署

前置要求

Linux Centos 8
Docker
Docker-Compsoe
Nginx
相关域名SSL 例如 https://git.xxx.com, https://drone.xxx.com

安装Gitea

创建容器文件夹gitea

bash

mkdir gitea 

cd gitea

新建docker-compose.yml 文件

yml

version: "2"
  
services:
  server:
    image: gitea/gitea:1.21.3-rootless
    environment:
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=db:3306
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
    restart: always
    volumes:
      - ./data:/var/lib/gitea
      - ./config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"
    depends_on:
      - db

  db:
    image: mysql:8
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=gitea
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=gitea
      - MYSQL_DATABASE=gitea
    volumes:
      - ./mysql:/var/lib/mysql

启动Gitea

bash

docker-compose up -d

配置nginx

bash

# git.xxx.com
server {
    listen 443 ssl;
    server_name git.xxx.com;
    ssl_certificate /home/ssl/git.xxx.com.crt;
    ssl_certificate_key /home/ssl/git.xxx.com.key;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

重启nginx

nginx -s stop

nginx

访问 git.xxx.com

进行必要的设置和创建管理账户

配置app.ini

bash

vim ./config/app.ini  # 容器文件夹gitea内

根据自己需要修改

bash

APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
WORK_PATH = /var/lib/gitea

[repository]
ROOT = /var/lib/gitea/git/repositories

[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo

[repository.upload]
TEMP_PATH = /tmp/gitea/uploads

[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = git.xxx.com
HTTP_PORT = 3000
ROOT_URL = https://git.xxx.com
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = git.xxx.com
LFS_JWT_SECRET = 
OFFLINE_MODE = false

[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = mysql
HOST = db:3306
NAME = gitea
USER = gitea
PASSWD = gitea
SCHEMA =
SSL_MODE = disable
LOG_SQL = false

[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file

[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars

[attachment]
PATH = /var/lib/gitea/data/attachments

[log]
ROOT_PATH = /var/lib/gitea/data/log
MODE = console
LEVEL = info

[security]
INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN = 
PASSWORD_HASH_ALGO = pbkdf2

[service]
# 关闭注册
DISABLE_REGISTRATION = true
# 需要登录才能查看
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost

[lfs]
PATH = /var/lib/gitea/git/lfs

[mailer]
ENABLED = false

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[cron.update_checker]
ENABLED = false

[repository.pull-request]
DEFAULT_MERGE_STYLE = merge

[repository.signing]
DEFAULT_TRUST_MODEL = committer

[oauth2]
JWT_SECRET =

配置完之后重启容器

bash

docker-compose down

docker-compose up -d

安装Drone CI/CD

参考 https://docs.drone.io/

创建容器文件夹drone

bash

mkdir drone 

cd drone

生成drone server 与 drone runner 通信密钥

bash

openssl rand -hex 16

gitea 创建OAuth2应用

https://drone.company.com/login -> https://drone.xxx.com/login

保存获取到的Client ID 和 Client Secret 下一步要用

新建docker-compose.yml 文件

yml

version: '3'
  
services:
  drone-server:
    image: drone/drone:latest
    ports:
      - 8048:80
      - 8044:443
    volumes:
      - ./data:/data
    restart: always
    environment:
      - DRONE_SERVER_HOST=drone.xxx.com
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=<通信密钥>
      - DRONE_USER_CREATE=username:<gitea 管理员账户用户名 注意可能不是邮箱>,admin:true
      - DRONE_GITEA_SERVER=https://git.xxx.com
      - DRONE_GITEA_CLIENT_ID= # 在gitea内创建OAuth2应用获取
      - DRONE_GITEA_CLIENT_SECRET= # 在gitea内创建OAuth2应用获取
      - DRONE_LOGS_DEBUG=true
      # 配置数据库连接
      - DRONE_DATABASE_DRIVER=mysql
      - DRONE_DATABASE_DATASOURCE=root:SSS@.232309@tcp(xxx.xxx.xxx.x:3306)/drone?parseTime=true

  drone-runner:
    depends_on:
      - drone-server
    image: drone/drone-runner-docker:latest
    ports:
      - 8033:3000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.xxx.com
      - DRONE_RPC_SECRET=<通信密钥>
      - DRONE_RUNNER_CAPACITY=6
      - DRONE_RUNNER_NAME=drone-runner

启动Drone

bash

docker-compose up -d

配置nginx

bash

# drone.xxx.com
server {
    listen 443 ssl;
    server_name drone.xxx.com;
    ssl_certificate /home/ssl/drone.xxx.com.crt;
    ssl_certificate_key /home/ssl/drone.xxx.com.key;

    location / {
        proxy_pass http://localhost:8048;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'Upgrade';
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

重启nginx

nginx -s stop

nginx

访问drone.xxx.com

登录授权

前端应用秒速打包部署

激活drone部署仓库

打开drone.xxx.com，然后打开自己的前端项目，打开Settings 点击 Activate Repository 创建

设置drone部署仓库

设置一下一定要打开trusted，缓存node_modules需要挂载系统磁盘

添加drone部署仓库密钥

配置一下密钥服务器IP 和服务器SSH访问密码

添加drone部署仓库配置文件

在本地前端项目根目录编写 .drone.yml 并推送到git仓库

yml

kind: pipeline
type: docker
name: build and deploy

steps:
  - name: restore cache
    image: drillster/drone-volume-cache
    settings:
      restore: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache
  - name: install dependencies
    image: node:16.20.2
    commands:
      - npm config set registry https://registry.npmmirror.com
      - npm install pnpm -g
      - pnpm install

  - name: rebuild cache
    image: drillster/drone-volume-cache
    settings:
      rebuild: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache

  - name: build
    image: node:16.20.2
    commands:
      - npm run build

  - name: upload to server
    image: appleboy/drone-scp
    settings:
      host:
        from_secret: TARGET_HOST
      username: root
      password:
        from_secret: TARGET_HOST_PASSWORD
      source: dist
      target: /home/www/xxx
      strip_components: 1
      rm: true
volumes:
  - name: cache
    host:
      path: /tmp/cache

Gitea Drone 代码托管和流水线部署

前置要求 ​

安装Gitea ​

创建容器文件夹gitea ​

新建docker-compose.yml 文件 ​

启动Gitea ​

配置nginx ​

访问 git.xxx.com ​

配置app.ini ​

安装Drone CI/CD ​

创建容器文件夹drone ​

生成drone server 与 drone runner 通信密钥 ​

gitea 创建OAuth2应用 ​

新建docker-compose.yml 文件 ​

启动Drone ​

配置nginx ​

访问drone.xxx.com ​

前端应用秒速打包部署 ​

激活drone部署仓库 ​

设置drone部署仓库 ​

添加drone部署仓库密钥 ​

添加drone部署仓库配置文件 ​

查看drone部署仓库构建 ​

前置要求

安装Gitea

创建容器文件夹gitea

新建docker-compose.yml 文件

启动Gitea

配置nginx

访问 git.xxx.com

配置app.ini

安装Drone CI/CD

创建容器文件夹drone

生成drone server 与 drone runner 通信密钥

gitea 创建OAuth2应用

新建docker-compose.yml 文件

启动Drone

配置nginx

访问drone.xxx.com

前端应用秒速打包部署

激活drone部署仓库

设置drone部署仓库

添加drone部署仓库密钥

添加drone部署仓库配置文件

查看drone部署仓库构建