
Installing Gitea + Drone with Docker: an open-source code repository and CI/CD tutorial

 3 years ago
source link: https://www.ioiox.com/archives/148.html

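Some time ago I wrote a GitLab installation tutorial, but GitLab is too heavy and not a good fit for individuals or small teams. So I recently tried Gitea, combined with Drone to cover CI/CD needs.

This article is an original work by Stille, put into practice, tested, and then written up for publication. To reprint it, contact the author for authorization and cite the source address.

Note: the example in this article reserves the server's port 22 for Gitea SSH. If port 22 is already in use by another program, see the official documentation for configuring port forwarding.

Deploying Gitea with docker-compose

This section deploys only the Gitea code repository and the MariaDB database. To pair it with Drone, read on.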

docker-compose.yml

version: "3"
services:
  server:
    image: gitea/gitea:1.15.7
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - DB_TYPE=mysql
      - DB_HOST=db:3306
      - DB_NAME=gitea
      - DB_USER=gitea
      - DB_PASSWD=your_database_passwd
    restart: always
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "22:22"
    depends_on:
      - db

  db:
    image: mariadb
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=your_root_passwd
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=your_database_passwd
      - MYSQL_DATABASE=gitea
    volumes:
      - ./db:/var/lib/mysql

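nginx reverse proxy

Configure the nginx reverse proxy. This article uses the configuration of a dnmp environment as its example; adjust the paths to match your own environment.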

upstream gitea {
    server 172.17.0.1:3000;
}

server {
    listen 80;
    server_name  git.ioiox.com;
    return 301 https://git.ioiox.com$request_uri;
}

server {
    listen 443 ssl;
    server_name  git.ioiox.com;
    gzip on;

    ssl_certificate /ssl/ioiox.com.cer;
    ssl_certificate_key /ssl/ioiox.com.key;
    ssl_trusted_certificate /ssl/ioiox.com.cer;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_tickets off;
    resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000" always;

    location / {
        proxy_redirect off;
        proxy_pass http://gitea;

        proxy_set_header  Host                $http_host;
        proxy_set_header  X-Real-IP           $remote_addr;
        proxy_set_header  X-Forwarded-Ssl     on;
        proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto   $scheme;
        proxy_set_header  X-Frame-Options     SAMEORIGIN;

        client_max_body_size        100m;
        client_body_buffer_size     128k;

        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;
    }
}

Deploying Gitea and Drone with docker-compose

docker-compose.yml

version: "3"
services:
  server:
    image: gitea/gitea:1.15.7
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - DB_TYPE=mysql
      - DB_HOST=db:3306
      - DB_NAME=gitea
      - DB_USER=gitea
      - DB_PASSWD=your_database_passwd
    restart: always
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "22:22"
    depends_on:
      - db

  db:
    image: mariadb
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=your_root_passwd
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=your_database_passwd
      - MYSQL_DATABASE=gitea
    volumes:
      - ./db:/var/lib/mysql

  drone:
    image: drone/drone
    container_name: drone
    ports:
      - "44480:80"
      - "44443:443"
    volumes:
      - ./drone:/data
    environment:
      - DRONE_GITEA_SERVER=https://git.ioiox.com
      - DRONE_GITEA_CLIENT_ID=ecb4b239-3c2d-4f23-b914-8e947843eb17
      - DRONE_GITEA_CLIENT_SECRET=CqOwAaAhvZRKV3PdI0GLgbrZSSNWF0cgwiNr5PfHpIl8
      - DRONE_RPC_SECRET=your_drone_rpc_scret
      - DRONE_SERVER_HOST=drone.ioiox.com
      - DRONE_SERVER_PROTO=https
    restart: always
    depends_on:
      - server

  runner:
    image: drone/drone-runner-docker:1
    container_name: runner
    ports:
      - "43000:3000"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=drone.ioiox.com
      - DRONE_RPC_SECRET=your_drone_rpc_scret
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RUNNER_NAME=IOIOX-RUNNER
    restart: always
    depends_on:
      - drone
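
A pre-deployment check for the compose file above, added here as an example and not part of the original article: it flags published ports with no bind address (reachable without going through nginx), untagged images, secrets written inline, and the runner's Docker socket mount. The function name, the finding labels and the trimmed sample (with one port and one secret rewritten so that passing entries appear) are assumptions of this example.

```python
import re

# Constructed sample: trimmed from the article's file; drone port and client secret rewritten to pass.
SAMPLE = """\
services:
  server:
    image: gitea/gitea:1.15.7
    environment:
      - DB_PASSWD=your_database_passwd
    ports:
      - "3000:3000"
  db:
    image: mariadb
  drone:
    image: drone/drone
    ports:
      - "127.0.0.1:44480:80"
    environment:
      - DRONE_GITEA_CLIENT_SECRET=${DRONE_GITEA_CLIENT_SECRET}
      - DRONE_RPC_SECRET=your_drone_rpc_scret
  runner:
    image: drone/drone-runner-docker:1
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
"""

SERVICE = re.compile(r"^  ([\w-]+):\s*$")          # two-space indent: service name
IMAGE = re.compile(r"^\s+image:\s*(\S+)")
PORT = re.compile(r'^\s+-\s*"?(\d+):\d+"?\s*$')    # host:container with no bind address
SECRET = re.compile(r"^\s+-\s*(\w*(?:PASSWD|PASSWORD|SECRET)\w*)=(.+)$")

def audit_compose(text):
    """Return sorted (service, finding, detail) tuples for a compose file's text."""
    findings, service = [], None
    for line in text.splitlines():
        if m := SERVICE.match(line):
            service = m.group(1)
        elif m := IMAGE.match(line):           # no tag means :latest is pulled
            if m.group(1).rsplit("/", 1)[-1].partition(":")[2] in ("", "latest"):
                findings.append((service, "unpinned-image", m.group(1)))
        elif m := PORT.match(line):            # published on every host interface
            findings.append((service, "port-on-all-interfaces", m.group(1)))
        elif (m := SECRET.match(line)) and not m.group(2).startswith("${"):
            findings.append((service, "inline-secret", m.group(1)))
        elif "/var/run/docker.sock" in line:   # container can drive the host's Docker
            findings.append((service, "docker-socket-mount", "/var/run/docker.sock"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit_compose(SAMPLE), sep="\n")
```

Publishing a port on the address nginx proxies to (172.17.0.1 in this article) and moving secrets into ${VAR} references read from a .env file clears the corresponding findings.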

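nginx reverse proxy

Configure the nginx reverse proxy. This article uses the configuration of a dnmp environment as its example; adjust the paths to match your own environment.
For Gitea (git.ioiox.com), see the reverse proxy configuration in the previous section.
For Drone (drone.ioiox.com), use the following reverse proxy configuration: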

upstream drone {
    server 172.17.0.1:44480;
}

server {
    listen 80;
    server_name  drone.ioiox.com;
    return 301 https://drone.ioiox.com$request_uri;
}

server {
    listen 443 ssl;
    server_name  drone.ioiox.com;
    gzip on;

    ssl_certificate /ssl/ioiox.com.cer;
    ssl_certificate_key /ssl/ioiox.com.key;
    ssl_trusted_certificate /ssl/ioiox.com.cer;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_tickets off;
    resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000" always;

    location / {
        proxy_redirect off;
        proxy_pass http://drone;

        proxy_set_header  Host                $http_host;
        proxy_set_header  X-Real-IP           $remote_addr;
        proxy_set_header  X-Forwarded-Ssl     on;
        proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto   $scheme;
        proxy_set_header  X-Frame-Options     SAMEORIGIN;

        client_max_body_size        100m;
        client_body_buffer_size     128k;

        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;
    }
}

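Gitea configuration

Visit https://git.ioiox.com to start configuring Gitea.
On the first visit the home page fills in the database password automatically; continue the configuration as shown in the figure below:

SSH Server Domain: enter only the domain name, as in the figure below; do not include the https scheme.
SSH Server Port: enter port 22. This article's example gives port 22 to Gitea, so nothing needs to change here.
HTTP Listen Port: defaults to 3000. Given the docker-compose.yml above, nothing needs to change; nginx reverse-proxies it.
Base URL: enter the full https://git.ioiox.com address.

Note that these settings affect system services, the commands shown on repository pages, e-mail notifications and so on, so fill them in carefully, or change them later in app.ini.

Configure the e-mail settings. Note that the SMTP host name must include the port. Create the administrator account at the same time.

Click Install Now to finish the initial configuration and log in.

Drone configuration

Create a repository

Settings - Applications - Create a new OAuth2 application
Application name - any name you like
Redirect URI - enter the domain address as shown in the figure below

Create the application to obtain the Client ID and Client Secret.
At this point, stop the containers with docker-compose down and change the following in docker-compose.yml: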

  • DRONE_GITEA_CLIENT_ID=ecb4b239-3c2d-4f23-b914-8e947843eb17
  • DRONE_GITEA_CLIENT_SECRET=CqOwAaAhvZRKV3PdI0GLgbrZSSNWF0cgwiNr5PfHpIl8

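Replace them with the Client ID and Client Secret generated above, then run docker-compose up -d again to start the containers.

Visit drone.ioiox.com

If you have already logged in to Gitea, you can go straight to authorizing the application.

Complete your information

Login succeeds and the repository created in Gitea is shown.

Click into it and activate the repository.

Back in the Gitea repository, create a test workflow and commit the code.

Drone detects the commit and starts running the workflow.

Test complete

Other related configuration

Site Administration - Configuration
Check whether the mail service works. If it is misconfigured, edit [mailer] in gitea/gitea/conf/app.ini.

Settings - SSH / GPG Keys
Add your local id_rsa.pub to the keys; you can then manage the repository with git clone [email protected]:stille/test.git.

Since I have only been using this for a short time, more related configuration will be added to this article later.

Blog: https://www.ioiox.com
RSS: https://www.ioiox.com/feed
WeChat official account: 思有云 / ioioxcom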

