Mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2026-03-16 17:54:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Administration articles moved

Browse Source
This commit is contained in:
Laszlo Fogas
2019-11-13 19:50:54 +01:00
parent 64a241ccc8
commit a63a74053e
22 changed files with 474 additions and 593 deletions
Download Patch File Download Diff File Expand all files Collapse all files

186
README.md
View File

@@ -20,13 +20,6 @@ An opinionated fork of the Drone CI system.
- [Pipeline documentation](#pipeline-documentation)
- [Plugins](#plugins)
- [Custom plugins](#custom-plugins)
- [Server setup](#server-setup)
- [Quickstart](#quickstart)
- [Authentication](#authentication)
- [Database](#database)
- [SSL](#ssl)
- [Metrics](#metrics)
- [Behind a proxy](#behind-a-proxy)
- [Contributing](#contributing)
- [License](#license)
@@ -133,185 +126,6 @@ Plugins are Docker containers with their entrypoint set to a predefined script.
## Server setup
#### Quickstart
The below [docker-compose](https://docs.docker.com/compose/) configuration can be used to start the Drone server with a single agent. It relies on a number of environment variables that you must set before running `docker-compose up`. The variables are described below.
Each agent is able to process one build by default. If you have 4 agents installed and connected to the Drone server, your system will process 4 builds in parallel. You can add more agents to increase the number of parallel builds or set the agent's `DRONE_MAX_PROCS=1` environment variable to increase the number of parallel builds for that agent.
```yaml
version: '2'
services:
drone-server:
image: drone/drone:{{% version %}}
ports:
- 80:8000
- 9000
volumes:
- drone-server-data:/var/lib/drone/
restart: always
environment:
- DRONE_OPEN=true
- DRONE_HOST=${DRONE_HOST}
- DRONE_GITHUB=true
- DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
- DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
- DRONE_SECRET=${DRONE_SECRET}
drone-agent:
image: drone/agent:{{% version %}}
command: agent
restart: always
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_SERVER=drone-server:9000
- DRONE_SECRET=${DRONE_SECRET}
volumes:
drone-server-data:
```
Drone needs to know its own address. You must therefore provide the address in `<scheme>://<hostname>` format. Please omit trailing slashes.
```diff
services:
drone-server:
image: drone/drone:{{% version %}}
environment:
- DRONE_OPEN=true
+ - DRONE_HOST=${DRONE_HOST}
- DRONE_GITHUB=true
- DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
- DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
- DRONE_SECRET=${DRONE_SECRET}
```
Drone agents require access to the host machine Docker daemon.
```diff
services:
drone-agent:
image: drone/agent:{{% version %}}
command: agent
restart: always
depends_on: [ drone-server ]
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
```
Drone agents require the server address for agent-to-server communication.
```diff
services:
drone-agent:
image: drone/agent:{{% version %}}
command: agent
restart: always
depends_on: [ drone-server ]
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
+ - DRONE_SERVER=drone-server:9000
- DRONE_SECRET=${DRONE_SECRET}
```
Drone server and agents use a shared secret to authenticate communication. This should be a random string of your choosing and should be kept private. You can generate such string with `openssl rand -hex 32`.
```diff
services:
drone-server:
image: drone/drone:{{% version %}}
environment:
- DRONE_OPEN=true
- DRONE_HOST=${DRONE_HOST}
- DRONE_GITHUB=true
- DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
- DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
+ - DRONE_SECRET=${DRONE_SECRET}
drone-agent:
image: drone/agent:{{% version %}}
environment:
- DRONE_SERVER=drone-server:9000
- DRONE_DEBUG=true
+ - DRONE_SECRET=${DRONE_SECRET}
```
Drone registration is closed by default. This example enables open registration for users that are members of approved GitHub organizations.
```diff
services:
drone-server:
image: drone/drone:{{% version %}}
environment:
+ - DRONE_OPEN=true
+ - DRONE_ORGS=dolores,dogpatch
- DRONE_HOST=${DRONE_HOST}
- DRONE_GITHUB=true
- DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
- DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
- DRONE_SECRET=${DRONE_SECRET}
```
Drone administrators should also be enumerated in your configuration.
```diff
services:
drone-server:
image: drone/drone:{{% version %}}
environment:
- DRONE_OPEN=true
- DRONE_ORGS=dolores,dogpatch
+ - DRONE_ADMIN=johnsmith,janedoe
- DRONE_HOST=${DRONE_HOST}
- DRONE_GITHUB=true
- DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
- DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
- DRONE_SECRET=${DRONE_SECRET}
```
#### Authentication
Authentication is done using OAuth and is delegated to one of multiple version control providers, configured using environment variables. The example above demonstrates basic GitHub integration.
See the complete reference for [Github](docs/administration/github.md), [Bitbucket Cloud](docs/administration/bitbucket.md), [Bitbucket Server](docs/administration/bitbucket_server.md) and [Gitlab](docs/administration/gitlab.md).
#### Database
Drone mounts a [data volume](https://docs.docker.com/storage/volumes/#create-and-manage-volumes) to persist the sqlite database.
See the [database settings](docs/administration/database.md) page to configure Postgresql or MySQL as database.
```diff
services:
drone-server:
image: drone/drone:{{% version %}}
ports:
- 80:8000
- 9000
+ volumes:
+ - drone-server-data:/var/lib/drone/
restart: always
```
#### SSL
Drone supports ssl configuration by mounting certificates into your container.
See the [SSL guide](docs/administration/ssl.md).
Automated [Lets Encrypt](docs/administration/lets_encrypt.md) is also supported.
#### Metrics
A [Prometheus endpoint](docs/administration/lets_encrypt.md) is exposed.
#### Behind a proxy
See the [proxy guide](docs/administration/proxy.md) if you want to see a setup behind Apache, Nginx, Caddy or ngrok.
## Contributing