Prerequisites
- Linux Centos 8
- Docker
- Docker-Compose
- Nginx
- Relevant domain SSL For example https://git.xxx.com, https://drone.xxx.com
Installing Gitea
Refer to https://docs.gitea.com/en-us/
Create a container folder for Gitea
bash
mkdir gitea
cd giteaCreate a new docker-compose.yml file
yml
version: "2"
services:
server:
image: gitea/gitea:1.21.3-rootless
environment:
- GITEA__database__DB_TYPE=mysql
- GITEA__database__HOST=db:3306
- GITEA__database__NAME=gitea
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
restart: always
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:2222"
depends_on:
- db
db:
image: mysql:8
restart: always
environment:
- MYSQL_ROOT_PASSWORD=gitea
- MYSQL_USER=gitea
- MYSQL_PASSWORD=gitea
- MYSQL_DATABASE=gitea
volumes:
- ./mysql:/var/lib/mysqlStart Gitea
bash
docker-compose up -dConfigure nginx
bash
# git.xxx.com
server {
listen 443 ssl;
server_name git.xxx.com;
ssl_certificate /home/ssl/git.xxx.com.crt;
ssl_certificate_key /home/ssl/git.xxx.com.key;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Restart nginx
nginx -s stop
nginxVisit git.xxx.com
Proceed with necessary settings and create an admin account
Configure app.ini
bash
vim ./config/app.ini # 容器文件夹gitea内Modify according to your needs
bash
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
WORK_PATH = /var/lib/gitea
[repository]
ROOT = /var/lib/gitea/git/repositories
[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo
[repository.upload]
TEMP_PATH = /tmp/gitea/uploads
[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = git.xxx.com
HTTP_PORT = 3000
ROOT_URL = https://git.xxx.com
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = git.xxx.com
LFS_JWT_SECRET =
OFFLINE_MODE = false
[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = mysql
HOST = db:3306
NAME = gitea
USER = gitea
PASSWD = gitea
SCHEMA =
SSL_MODE = disable
LOG_SQL = false
[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
[attachment]
PATH = /var/lib/gitea/data/attachments
[log]
ROOT_PATH = /var/lib/gitea/data/log
MODE = console
LEVEL = info
[security]
INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN =
PASSWORD_HASH_ALGO = pbkdf2
[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
[lfs]
PATH = /var/lib/gitea/git/lfs
[mailer]
ENABLED = false
[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[cron.update_checker]
ENABLED = false
[repository.pull-request]
DEFAULT_MERGE_STYLE = merge
[repository.signing]
DEFAULT_TRUST_MODEL = committer
[oauth2]
JWT_SECRET =After configuring, restart the container
bash
docker-compose down
docker-compose up -dInstalling Drone CI/CD
Refer to https://docs.drone.io/
Create a container folder for Drone
bash
mkdir drone
cd droneGenerate a communication key for drone server and drone runner
bash
openssl rand -hex 16Create an OAuth2 application in Gitea
https://drone.company.com/login -> https://drone.xxx.com/loginSave the obtained Client ID and Client Secret for the next step 
Create a new docker-compose.yml file
yml
version: '3'
services:
drone-server:
image: drone/drone:latest
ports:
- 8048:80
- 8044:443
volumes:
- ./data:/data
restart: always
environment:
- DRONE_SERVER_HOST=drone.xxx.com
- DRONE_SERVER_PROTO=https
- DRONE_RPC_SECRET=<通信密钥>
- DRONE_USER_CREATE=username:<gitea 管理员账户用户名 注意可能不是邮箱>,admin:true
- DRONE_GITEA_SERVER=https://git.xxx.com
- DRONE_GITEA_CLIENT_ID= # the ID obtained from creating the OAuth2 application in Gitea
- DRONE_GITEA_CLIENT_SECRET= # the secret obtained from creating the OAuth2 application in Gitea
- DRONE_LOGS_DEBUG=true
# configure the database
- DRONE_DATABASE_DRIVER=mysql
- DRONE_DATABASE_DATASOURCE=root:SSS@.232309@tcp(xxx.xxx.xxx.x:3306)/drone?parseTime=true
drone-runner:
depends_on:
- drone-server
image: drone/drone-runner-docker:latest
ports:
- 8033:3000
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
environment:
- DRONE_RPC_PROTO=https
- DRONE_RPC_HOST=drone.xxx.com
- DRONE_RPC_SECRET=<communication key>
- DRONE_RUNNER_CAPACITY=6
- DRONE_RUNNER_NAME=drone-runnerStart Drone
bash
docker-compose up -dConfigure nginx
bash
# drone.xxx.com
server {
listen 443 ssl;
server_name drone.xxx.com;
ssl_certificate /home/ssl/drone.xxx.com.crt;
ssl_certificate_key /home/ssl/drone.xxx.com.key;
location / {
proxy_pass http://localhost:8048;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Restart nginx
nginx -s stop
nginxVisit drone.xxx.com
Log in and authorize
Rapid Front-end Application Packaging and Deployment
Activate the drone deployment repository
Open drone.xxx.com, then open your front-end project, click Settings and then Activate Repository to create
Configure the drone deployment repository
Make sure to turn on trusted, to cache node_modules you need to mount the system disk
Add secrets to the drone deployment repository
Configure the server IP and server SSH access password
Add a drone deployment repository configuration file
Write .drone.yml in the root directory of the local front-end project and push it to the git repository
yml
kind: pipeline
type: docker
name: build and deploy
steps:
- name: restore cache
image: drillster/drone-volume-cache
settings:
restore: true
mount:
- node_modules
volumes:
- name: cache
path: /cache
- name: install dependencies
image: node:16.20.2
commands:
- npm config set registry https://registry.npmmirror.com
- npm install pnpm -g
- pnpm install
- name: rebuild cache
image: drillster/drone-volume-cache
settings:
rebuild: true
mount:
- node_modules
volumes:
- name: cache
path: /cache
- name: build
image: node:16.20.2
commands:
- npm run build
- name: upload to server
image: appleboy/drone-scp
settings:
host:
from_secret: TARGET_HOST
username: root
password:
from_secret: TARGET_HOST_PASSWORD
source: dist
target: /home/www/xxx
strip_components: 1
rm: true
volumes:
- name: cache
host:
path: /tmp/cacheView the drone deployment repository build
