Skip to content

Gitea Drone Code Hosting and Pipeline Deployment

🕒 Posted at: 2024-01-17 ( 10 months ago )
droneci/cdgitea
Recently been deploying pipeline workflows again, documenting the experience.

Prerequisites

Installing Gitea

Refer to https://docs.gitea.com/en-us/

Create a container folder for Gitea

bash
mkdir gitea 

cd gitea

Create a new docker-compose.yml file

yml
version: "2"
  
services:
  server:
    image: gitea/gitea:1.21.3-rootless
    environment:
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=db:3306
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
    restart: always
    volumes:
      - ./data:/var/lib/gitea
      - ./config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"
    depends_on:
      - db

  db:
    image: mysql:8
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=gitea
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=gitea
      - MYSQL_DATABASE=gitea
    volumes:
      - ./mysql:/var/lib/mysql

Start Gitea

bash
docker-compose up -d

Configure nginx

bash
# git.xxx.com
server {
    listen 443 ssl;
    server_name git.xxx.com;
    ssl_certificate /home/ssl/git.xxx.com.crt;
    ssl_certificate_key /home/ssl/git.xxx.com.key;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Restart nginx

nginx -s stop

nginx

Visit git.xxx.com

Proceed with necessary settings and create an admin account

Configure app.ini

bash
vim ./config/app.ini  # 容器文件夹gitea内

Modify according to your needs

bash
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
WORK_PATH = /var/lib/gitea

[repository]
ROOT = /var/lib/gitea/git/repositories

[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo

[repository.upload]
TEMP_PATH = /tmp/gitea/uploads

[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = git.xxx.com
HTTP_PORT = 3000
ROOT_URL = https://git.xxx.com
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = git.xxx.com
LFS_JWT_SECRET = 
OFFLINE_MODE = false

[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = mysql
HOST = db:3306
NAME = gitea
USER = gitea
PASSWD = gitea
SCHEMA =
SSL_MODE = disable
LOG_SQL = false

[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file

[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars

[attachment]
PATH = /var/lib/gitea/data/attachments

[log]
ROOT_PATH = /var/lib/gitea/data/log
MODE = console
LEVEL = info

[security]
INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN = 
PASSWORD_HASH_ALGO = pbkdf2

[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost

[lfs]
PATH = /var/lib/gitea/git/lfs

[mailer]
ENABLED = false

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[cron.update_checker]
ENABLED = false

[repository.pull-request]
DEFAULT_MERGE_STYLE = merge

[repository.signing]
DEFAULT_TRUST_MODEL = committer

[oauth2]
JWT_SECRET =

After configuring, restart the container

bash
docker-compose down

docker-compose up -d

Installing Drone CI/CD

Refer to https://docs.drone.io/

Create a container folder for Drone

bash
mkdir drone 

cd drone

Generate a communication key for drone server and drone runner

bash
openssl rand -hex 16

Create an OAuth2 application in Gitea

image.png

https://drone.company.com/login -> https://drone.xxx.com/login

Save the obtained Client ID and Client Secret for the next step image.png

Create a new docker-compose.yml file

yml
version: '3'
  
services:
  drone-server:
    image: drone/drone:latest
    ports:
      - 8048:80
      - 8044:443
    volumes:
      - ./data:/data
    restart: always
    environment:
      - DRONE_SERVER_HOST=drone.xxx.com
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=<通信密钥>
      - DRONE_USER_CREATE=username:<gitea 管理员账户用户名 注意可能不是邮箱>,admin:true
      - DRONE_GITEA_SERVER=https://git.xxx.com
      - DRONE_GITEA_CLIENT_ID= # the ID obtained from creating the OAuth2 application in Gitea
      - DRONE_GITEA_CLIENT_SECRET= # the secret obtained from creating the OAuth2 application in Gitea
      - DRONE_LOGS_DEBUG=true
      # configure the database
      - DRONE_DATABASE_DRIVER=mysql
      - DRONE_DATABASE_DATASOURCE=root:SSS@.232309@tcp(xxx.xxx.xxx.x:3306)/drone?parseTime=true

  drone-runner:
    depends_on:
      - drone-server
    image: drone/drone-runner-docker:latest
    ports:
      - 8033:3000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.xxx.com
      - DRONE_RPC_SECRET=<communication key>
      - DRONE_RUNNER_CAPACITY=6
      - DRONE_RUNNER_NAME=drone-runner

Start Drone

bash
docker-compose up -d

Configure nginx

bash
# drone.xxx.com
server {
    listen 443 ssl;
    server_name drone.xxx.com;
    ssl_certificate /home/ssl/drone.xxx.com.crt;
    ssl_certificate_key /home/ssl/drone.xxx.com.key;

    location / {
        proxy_pass http://localhost:8048;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'Upgrade';
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Restart nginx

nginx -s stop

nginx

Visit drone.xxx.com

Log in and authorize

image.png

image.png

Rapid Front-end Application Packaging and Deployment

Activate the drone deployment repository

Open drone.xxx.com, then open your front-end project, click Settings and then Activate Repository to create

image.png

Configure the drone deployment repository

Make sure to turn on trusted, to cache node_modules you need to mount the system disk

image.png

Add secrets to the drone deployment repository

Configure the server IP and server SSH access password

image.png

Add a drone deployment repository configuration file

Write .drone.yml in the root directory of the local front-end project and push it to the git repository

yml
kind: pipeline
type: docker
name: build and deploy

steps:
  - name: restore cache
    image: drillster/drone-volume-cache
    settings:
      restore: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache
  - name: install dependencies
    image: node:16.20.2
    commands:
      - npm config set registry https://registry.npmmirror.com
      - npm install pnpm -g
      - pnpm install

  - name: rebuild cache
    image: drillster/drone-volume-cache
    settings:
      rebuild: true
      mount:
        - node_modules
    volumes:
      - name: cache
        path: /cache

  - name: build
    image: node:16.20.2
    commands:
      - npm run build

  - name: upload to server
    image: appleboy/drone-scp
    settings:
      host:
        from_secret: TARGET_HOST
      username: root
      password:
        from_secret: TARGET_HOST_PASSWORD
      source: dist
      target: /home/www/xxx
      strip_components: 1
      rm: true
volumes:
  - name: cache
    host:
      path: /tmp/cache

View the drone deployment repository build

image.png

image.png

Copyright © RyChen 2024