环境描述:

[root@ops-drone-cicd-1 drone]# cat /etc/redhat-release

CentOS Linux release 7.4.1708 (Core)

[root@ops-drone-cicd-1 drone]# systemctl status firewalld.service

● firewalld.service - firewalld - dynamic firewall daemon

   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)

   Active: inactive (dead)

     Docs: man:firewalld(1)

[root@ops-drone-cicd-1 drone]# getenforce

Disabled

gitlab前置配置:

image.png

安装dockerdocker-compose

#!/bin/sh

 

# 安装docker

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun

 

# 配置docker镜像加速器

mkdir -p /etc/docker

tee /etc/docker/daemon.json <<-'EOF'

{

  "registry-mirrors": ["https://z0t9e31x.mirror.aliyuncs.com"]

}

EOF

systemctl daemon-reload

systemctl restart docker

systemctl enable docker


# 安装docker-compose

wget -P /usr/local/bin/ -c http://私有镜像仓库/others/docker-compose

chmod +x /usr/local/bin/docker-compose

ln -s /usr/local/bin/docker-compose /usr/bin

我这里需要修改docker存储的路径,因为根下面磁盘比较小

systemctl stop docker.service

mv /var/lib/docker /data/

vi /usr/lib/systemd/system/docker.service

# 找到ExecStart这行,在后面加上--graph /data/docker

ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --graph /data/docker

systemctl daemon-reload

systemctl start docker.service

docker info |grep Dir


drone-ci的服务端官方建议直接使用容器启动,但是容器启动管理不是很方便,大多数用docker-compose来管理:

[root@ops-drone-cicd-1 drone]# cat docker-compose.yaml

version: '3'

services:

    drone-server:

        image: drone/drone:latest

        container_name: drone-server

        ports:

            - 8090:80

        volumes:

            - /data/drone/drone-data:/var/lib/drone/

            - /etc/localtime:/etc/localtime

            - /var/run/docker.sock:/var/run/docker.sock

        restart: always

            - DRONE_SERVER_HOST=your.drone.com

            - DRONE_SERVER_PROTO=http

            - DRONE_TLS_AUTOCERT=false

            - DRONE_RUNNER_CAPACITY=2

            - DRONE_GIT_ALWAYS_AUTH=false

还有三个关键配置说啥不让发,这就截个图吧。。。

image.png


nginx配置,用80来代理8090端口

upstream drone {

    server 127.0.0.1:8090;

}

 

server {

    listen 80;

    server_name your.drone.com;

 

    location / {

        proxy_set_header Host $host;

        proxy_set_header X-Real-IP $remote_addr;

        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_set_header X-Forwarded-For $remote_addr;

        proxy_redirect off;

        proxy_pass http://drone;

    }

}