I'm trying to get a self-hosted Gitea instance and a self-hosted drone.io (version 2) instance to work together.
Gitea is running. I added a drone.io OAuth application in the Gitea settings with "https://drone.mydomain/login" as the URL.
When I open the drone.io URL (https://drone.mydomain) in my browser, I get a welcome page. Clicking the "Continue" button, I get a message after a few seconds:
```
Post "https://gitea.mydomain/login/oauth/access_token": dial tcp 192.168.82.146:443: connect: no route to host
```
Logs in gitea look normal to me:
```
router: completed GET /login/oauth/authorize?client_id=f999e784-f351-43db-a491-d0a90d8a2c57&redirect_uri=https%3A%2F%2Fdrone.mydomain%2Flogin&response_type=code&state=b80704bb7b4d7c03 for 192.168.82.40:0, 303 See Other in 20.2ms @ auth/oauth.go:361(auth.AuthorizeOAuth)
```
Logs in the droneio container look as expected:
```json
{
  "level": "error",
  "msg": "oauth: cannot exchange code: gta_cgbk727fe32plbnahnok4u3543ql2xv4q3fvnfgaxwtkknafb5gq: Post \"https://gitea.mydomain/login/oauth/access_token\": dial tcp 192.168.82.146:443: connect: no route to host",
  "time": "2022-12-31T01:39:18+01:00"
}
```
To me it looks like "https://gitea.mydomain/login/oauth/access_token" was resolved via DNS and the IP was inserted for the domain, but some header information is missing, so Traefik does not know which service to forward the request to.
I added DNS information (gitea, local DNS) to the drone service, which did not help.
Here is my docker-compose file:
```yaml
version: '3.3'
services:
  gitea-db:
    # Left out to shorten this file
  gitea:
    image: gitea/gitea:latest
    container_name: gitea
    restart: always
    depends_on:
      gitea-db:
        condition: service_started
      gitea-cache:
        condition: service_healthy
    secrets:
      - mysql_user
      - mysql_user_password
    volumes:
      - /share/Container/gitea/data:/data
    environment:
      - APP_NAME=Gitea
      - USER_UID=1000
      - USER_GID=1000
      - USER=git
      - HTTP_PORT=3000
      - DOMAIN=`${GITEA_URL}`
      - SSH_DOMAIN=`${GITEA_URL}`
      - SSH_PORT=222
      - SSH_LISTEN_PORT=22
      - DB_TYPE=mysql
      - DB_HOST=gitea-db:3306
      - DB_NAME=${MYSQL_DATABASE}
      - DB_USER_FILE=/run/secrets/mysql_user
      - DB_PASSWD_FILE=/run/secrets/mysql_user_password
      - TZ=Europe/Berlin
      - RUN_MODE=prod
      - APP_NAME=My Gitea
      - REQUIRE_SIGNIN_VIEW=true
      - ROOT_URL=`https://${GITEA_URL}`
      - GITEA__cache__ENABLED=true
      - GITEA__cache__ADAPTER=redis
      - GITEA__cache__HOST=redis://gitea-cache:6379/0?pool_size=100&idle_timeout=180s
      - GITEA__cache__ITEM_TTL=24h
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.entrypoints=web-secure"
      - "traefik.http.routers.gitea.rule=Host(`${GITEA_URL}`)"
      - "traefik.http.routers.gitea.tls=true"
      - "traefik.http.routers.gitea.service=gitea-service"
      - "traefik.http.services.gitea-service.loadbalancer.server.port=3000"
      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
      - "traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc"
      - "traefik.tcp.services.gitea-ssh-svc.loadbalancer.server.port=22"
    networks:
      - traefik_proxy
      - default
  gitea-cache:
    # Left out to shorten this file
  droneio:
    image: drone/drone:2
    container_name: droneio
    restart: unless-stopped
    dns: # trying to fix my issue by adding this section
      - 192.168.82.153 # local DNS
      - gitea
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /share/Container/drone/data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - DRONE_SERVER_HOST=${DRONE_URL}
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=${PRC_SECRET}
      - DRONE_GITEA_SERVER=https://${GITEA_URL}/
      - DRONE_GITEA_CLIENT_ID=${GITEA_CLIENT_ID} # need to change to docker secret
      - DRONE_GITEA_CLIENT_SECRET=${GITEA_CLIENT_SECRET} # need to change to docker secret
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
      - DRONE_DEBUG=true
      - DRONE_TRACE=true
    labels:
      - traefik.enable=true
      - traefik.http.routers.drone-http.entrypoints=web
      - traefik.http.routers.drone-http.rule=Host(`${DRONE_URL}`)
      - traefik.http.routers.drone.entrypoints=web-secure
      - traefik.http.routers.drone.rule=Host(`${DRONE_URL}`)
      - traefik.http.routers.drone.tls=true
    networks:
      - traefik_proxy
      - default
    depends_on:
      - gitea
  drone-runner:
    image: drone/drone-runner-docker:1
    container_name: drone-runner
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=${DRONE_URL}
      - DRONE_RPC_SECRET=${PRC_SECRET}
      - DRONE_RUNNER_CAPACITY=1
      - DRONE_RUNNER_NAME=drone-runner-1
    ports:
      - 3000:3000
    depends_on:
      - droneio
    networks:
      - default
secrets:
  mysql_root_password:
    file: ./secrets/mysql_root_pw.txt
  mysql_user:
    file: ./secrets/mysql_user.txt
  mysql_user_password:
    file: ./secrets/mysql_user_pw.txt
networks:
  traefik_proxy:
    external:
      name: traefik_proxy
  default:
    driver: bridge
```
I'd be grateful if somebody has a hint. Thank you in advance.