Drone
Needs Gitea to be deployed. Authenticates against the Gitea itself.
In order to deploy Drone against Gitea, you must set up some variables. Follow the next steps:
Create an OAuth Application
Create a Gitea OAuth application. You mus go you profile Settings and go to Applications. Set up Applicaction Name with a simple name, and Redirect URI with the drone subdomain.
The Consumer Key and Consumer Secret are used to authorize access to Gitea resources.
The authorization callback URL must match the below format and path, and must use your exact server scheme and host.
Copy the content of Client ID field on gitea_oauth_client_id variable.
Copy the content of Client Secret field on gitea_oauth_client_secret variable.
Create a Shared Secret
Create a shared secret to authenticate communication between runners and your central Drone server.
You can use openssl to generate a shared secret:
$ openssl rand -hex 16
bea26a2221fd8090ea38720fc445eca6
drone_rpc_scret
Deploy Drone with Anarres
$ ansible-playbook --ask-vault-pass -i custom/KLK/hosts.yml --tags "drone" full.yml
Deploying Drone Docker Runner with Anarres
The Docker runner is a daemon that executes pipelines steps inside ephemeral Docker containers. Docs of Drone Docker Runner can be found here.
$ ansible-playbook --ask-vault-pass -i custom/KLK/hosts.yml --tags "drone_docker_runner" full.yml
Deploying Drone SSH Runner with Anarres
The SSH runner executes pipeline commands on a static, remote server using the SSH protocol. The pipeline commands are executed directly on the remote server without isolation, using the default shell. Docs of Drone SSH Runner can be found here
Important. We strongly suggest using Docker Runner instead this runner because SSH Runner is not very stable, and more secure.
$ ansible-playbook --ask-vault-pass -i custom/KLK/hosts.yml --tags "drone_ssh_runner" full.yml