Drone
Introduction
This journal entry was written by me, Brandon Nolet. I, within the past two weeks, moved my Gitea server to my homelab and surprisingly, it went off without a hitch! Looks like setting up Drone with it might be just as simple. Let’s hope that’s the case.
Documentation
Luckily the documentation for Gitea integration is using Docker which suits me perfectly! As I mentioned previously, I use Docker and docker-compose for my self-hosting stack. Even though the documentation is specific to Docker, “translating” that to a docker-compose service is trvial.
Anything that’s --env goes under the environment section, anything --volume goes under the volumes section, and..well, basically anything --x goes under the x section. Take the Start the Server section:
docker run \
--volume=/var/run/docker.sock:/var/run/docker.sock \
--volume=/var/lib/drone:/data \
--env=DRONE_GITEA_SERVER=${DRONE_GITEA_SERVER} \
--env=DRONE_GIT_ALWAYS_AUTH=false \
--env=DRONE_RUNNER_CAPACITY=2 \
--env=DRONE_SERVER_HOST=${DRONE_SERVER_HOST} \
--env=DRONE_SERVER_PROTO=${DRONE_SERVER_PROTO} \
--env=DRONE_TLS_AUTOCERT=false \
--publish=80:80 \
--publish=443:443 \
--restart=always \
--detach=true \
--name=drone \
drone/drone:1.0.0-rc.1
This turns into the following as a docker-compose service:
drone:
container_name: drone
image: drone/drone:1.0.0-rc.1
restart: always
ports:
- 80:80
- 443:443
environment:
- DRONE_GITEA_SERVER=${DRONE_GITEA_SERVER}
- DRONE_GIT_ALWAYS_AUTH=false
- DRONE_RUNNER_CAPACITY=2
- DRONE_SERVER_HOST=${DRONE_SERVER_HOST}
- DRONE_SERVER_PROTO=${DRONE_SERVER_PROTO}
- DRONE_TLS_AUTOCERT=false
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./drone:/data
As you can see there was one flag changed and one flag left out. The --name flag turns to container_name. The --publish flag is equivalent to the ports section. There are more explicit ways that you can define this for your own legibility as well. The --detach=true flag isn’t necessary because the detaching with docker-compose happens depending on whether you set the -d flag or not when running docker-compose up. As usual with docker-compose.yml files, all of the above docker-compose config would go under the services section. I also changed the data volume to use a local directory rather than a global one. That’s more of a personal preference.
Setting it Up
Now that I (mostly) have the configuration I need for my docker-compose.yml, it’s time to insert that into my config. There’s a bit of formatting I need to fix but that’s trivial. As well, because I’m using an nginx proxy, I just have to add the internal network plus the required environment variables for the nginx-proxy container.
Then, because I’m using a new subdomain for the drone server, I should add the A record to my DNS nameserver. That’s easy enough, and luckily I have a fast propagation time for new subdomains.
Surprisingly, after running docker-compose up -d, everything started without an issue! So now let’s log in to Drone and get some things configured.
Logging In
Looks like some extra environment variables are needed according to this comment here. I need to also create an Oauth2 application in Gitea as well. I had a feeling that there was at least something missing. But I didn’t think it would be like this.
So to actually log in without having to submit your credentials to the Drone server you have to add the DRONE_GITEA_CLIENT_ID and DRONE_GITEA_CLIENT_SECRET environment variables and set them to the values you created at gitea.domain.example/user/settings/applications/ in the Manage OAuth2 Applications section. The redirect URI has to be set to https://yourdroneserver.example/login. Be sure to not add the extra forward slash to the end of the redirect URI or it won’t work.
After fixing this, I was able to have my drone server automatically authenticate.
Conclusion
It seems that the documentation for this project is lacking as well. I’m noticing a pattern. At least the software works. I’ll update you all on how future builds go when I set those up!