Local instance of drone.io cannot authenticate with local gitea using traefik subdomains. dial tcp: lookup no such host



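I tried to set up local instances of gitea and drone.io with docker compose.

I use traefik to route custom local subdomains of docker.localdev, dnsmasq, and locally trusted certificates with mkcert, as described in this article: https://medium.com/soulweb-academy/docker-local-dev-stack-with-traefik-https-dnsmasq-locally-trusted-certificate-for-ubuntu-20-04-5f036c9af83d

I added an OAuth2 application in gitea with the redirect URI https://droneio.docker.localdev/login. The client ID & client secret were added to docker-compose.yaml.

When I authenticate with drone, it results in an error after the final redirect:

Login Failed. Post "https://gitea.docker.localdev/login/oauth/access_token": dial tcp: lookup gitea.docker.localdev on 127.0.0.11:53: no such host

I only managed to get a working setup by using the private LAN address with ports instead of the traefik subdomains.

How do I configure docker so that the traefik subdomains are reachable between these containers?

My current docker-compose.yaml: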

---
version: '3'
services:
  gitea:
    image: gitea/gitea
    environment:
      - SSH_DOMAIN=gitea.docker.localdev
      - SSH_PORT=222
      - SSH_LISTEN_PORT=22
      - ROOT_URL=gitea.docker.localdev
    volumes:
      - ./gitea_data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea-web.entrypoints=web"
      - "traefik.http.routers.gitea-web.rule=Host(`gitea.docker.localdev`)"
      - "traefik.http.routers.gitea-web.service=gitea-web-svc"
      - "traefik.http.services.gitea-web-svc.loadbalancer.server.port=3000"
      - traefik.http.routers.gitea-http.middlewares=gitea-https
      - traefik.http.middlewares.gitea-https.redirectscheme.scheme=https
      - traefik.http.routers.gitea-https.entrypoints=websecure
      - traefik.http.routers.gitea-https.rule=Host(`gitea.docker.localdev`)
      - traefik.http.routers.gitea-https.tls=true
      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
      - "traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc"
      - "traefik.tcp.services.gitea-ssh-svc.loadbalancer.server.port=22"
    networks:
      - web
  droneio:
    image: drone/drone:latest
    container_name: droneio
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/docker/droneio-data:/data
    environment:
      - DRONE_SERVER_HOST=droneio.docker.localdev
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=4810ef8120663ffa960dfa1d78c5d437
      # Gitea Config
      - DRONE_GITEA_SERVER=https://gitea.docker.localdev/
      - DRONE_GITEA_CLIENT_ID=0828a8c9-02f5-459e-9804-8b37ea0b3eb7
      - DRONE_GITEA_CLIENT_SECRET=gto_p6pydy3m5j6jetbcyz6oqzoslrpil7evsi7xbx5xgwngxywn6scq
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
      - DRONE_DEBUG=true
      - DRONE_TRACE=true
    labels:
      - traefik.enable=true
      - traefik.http.routers.droneio-http.entrypoints=web
      - traefik.http.routers.droneio-http.rule=Host(`droneio.docker.localdev`)
      - traefik.http.routers.droneio-http.middlewares=droneio-https
      - traefik.http.middlewares.droneio-https.redirectscheme.scheme=https
      - traefik.http.routers.droneio-https.entrypoints=websecure
      - traefik.http.routers.droneio-https.rule=Host(`droneio.docker.localdev`)
      - traefik.http.routers.droneio-https.tls=true
    networks:
      - web
    depends_on:
      - gitea
  drone-runner:
    image: drone/drone-runner-docker:1
    container_name: drone-runner
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=droneio.docker.localdev
      - DRONE_RPC_SECRET=4810ef8120663ffa960dfa1d78c5d437 #  random string generated by openssl rand -hex 16
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RUNNER_NAME=droneio.docker.localdev
    ports:
      - 3500:3000
    depends_on:
      - droneio
networks:
  web:
    external: true
volumes:
  git:
  db:

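The drone container has no way of knowing what is going on in the gitea container. This does include any locally set DNS records, because you have not set these up in a globally available way. You need to add a way for your drone container to use the gitea container, including traefik, as your DNS resolver.

Docker compose lets us do this with the following structure: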

services:
  droneio:
    dns:
      - 8.8.8.8
      - gitea

My working docker-compose.yaml:

---
version: '3'
volumes:
  git:
  db:
services:
  gitea:
    image: gitea/gitea:latest
    ports:
      # - '22:22'
      - '3555:3000'
    restart: unless-stopped
    environment:
      - SSH_DOMAIN=gitea.docker.localdev
      - SSH_PORT=222
      - SSH_LISTEN_PORT=22
    volumes:
      - ${DOCKER_DATA_DIR}/gitea_data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea-web.entrypoints=web"
      - "traefik.http.routers.gitea-web.rule=Host(`gitea.docker.localdev`)"
      - "traefik.http.routers.gitea-web.service=gitea-web-svc"
      - "traefik.http.services.gitea-web-svc.loadbalancer.server.port=3000"
      - traefik.http.routers.gitea-http.middlewares=gitea-https
      - traefik.http.middlewares.gitea-https.redirectscheme.scheme=https
      - traefik.http.routers.gitea-https.entrypoints=websecure
      - traefik.http.routers.gitea-https.rule=Host(`gitea.docker.localdev`)
      - traefik.http.routers.gitea-https.tls=true
      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
      - "traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc"
      - "traefik.tcp.services.gitea-ssh-svc.loadbalancer.server.port=22"
    networks:
      - web
    dns:
      - 8.8.8.8
      - 000.000.0.000 # change it to local LAN address
      - 1.1.1.1
      - gitea
    extra_hosts:
      - "gitea.docker.localdev:000.000.0.000" # change it to local LAN address
      - "droneio.docker.localdev:000.000.0.000" # change it to local LAN address
  droneio:
    image: drone/drone:latest
    container_name: droneio
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ${DOCKER_DATA_DIR}/droneio-data:/data
    environment:
      - DRONE_SERVER_HOST=droneio.docker.localdev
      - DRONE_SERVER_PROTO=https
      - DRONE_RPC_SECRET=4810ef8120663ffa960dfa1d78c5d437
      # Gitea Config
      - DRONE_GITEA_SERVER=https://gitea.docker.localdev/
      - DRONE_GITEA_CLIENT_ID=${DRONE_GITEA_CLIENT_ID}
      - DRONE_GITEA_CLIENT_SECRET=${DRONE_GITEA_CLIENT_SECRET}
      - DRONE_GITEA_SKIP_VERIFY=true
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
      - DRONE_DEBUG=true
      - DRONE_OPEN=true
      - DRONE_TRACE=true
      - DRONE_NETWORK=default
    depends_on:
      - gitea
    labels:
      - traefik.enable=true
      - traefik.http.routers.droneio-http.entrypoints=web
      - traefik.http.routers.droneio-http.rule=Host(`droneio.docker.localdev`)
      - traefik.http.routers.droneio-http.middlewares=droneio-https
      - traefik.http.middlewares.droneio-https.redirectscheme.scheme=https
      - traefik.http.routers.droneio-https.entrypoints=websecure
      - traefik.http.routers.droneio-https.rule=Host(`droneio.docker.localdev`)
      - traefik.http.routers.droneio-https.tls=true
    networks:
      - web
    dns:
      - 8.8.8.8
      - 000.000.0.000 # change it to local LAN address
      - 1.1.1.1
      - gitea
  drone-runner:
    image: drone/drone-runner-docker:latest
    container_name: drone-runner
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - "3556:3000"
    labels:
      - traefik.enable=true
      - traefik.http.routers.dronerunner-http.entrypoints=web
      - traefik.http.routers.dronerunner-http.rule=Host(`dronerunner.docker.localdev`)
      - traefik.http.routers.dronerunner-http.middlewares=dronerunner-https
      - traefik.http.middlewares.dronerunner-https.redirectscheme.scheme=https
      - traefik.http.routers.dronerunner-https.entrypoints=websecure
      - traefik.http.routers.dronerunner-https.rule=Host(`dronerunner.docker.localdev`)
      - traefik.http.routers.dronerunner-https.tls=true
    depends_on:
      - droneio
      # - gitea
    networks:
      - web
    dns:
      - 8.8.8.8
      - 000.000.0.000 # change it to local LAN address
      - 1.1.1.1
      - gitea
    environment:
      - DRONE_RPC_PROTO=https
      - DRONE_RPC_HOST=droneio.docker.localdev
      - DRONE_RPC_SECRET=4810ef8120663ffa960dfa1d78c5d437 # RPC secret: random string generated by openssl rand -hex 16
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RPC_SKIP_VERIFY=true
      - DRONE_DEBUG=true
      - DRONE_RUNNER_NAME=drone-runner-docker
      - DRONE_RUNNER_NETWORKS=web,proxy
networks:
  proxy:
    external: true
  web:
    external: true

And these aliases should be added to traefik's docker-compose.yaml:

services:
  traefik:
    ...
    ...
    networks:
      # Define the network on which traefik is going to operate.
      proxy:
        aliases:
          - gitea.docker.localdev
          - droneio.docker.localdev
      web:
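
Added example (not part of the original question or answers): a Python model of which names Docker's embedded DNS at 127.0.0.11 can answer for each container, run against a constructed, trimmed dict form of the question's compose file. The `traefik` entry with aliases on the `web` network is an assumption, and names served only by an upstream resolver such as dnsmasq are outside the model.

```python
from urllib.parse import urlparse

# Settings whose value the container connects to (taken from the compose files above).
DIALED = ("DRONE_GITEA_SERVER", "DRONE_RPC_HOST")

def nets(cfg):
    """Networks of a service as {name: options}; compose allows a list or a mapping."""
    n = cfg.get("networks", ["default"])
    return n if isinstance(n, dict) else {name: {} for name in n}

def names_on(services, network):
    """Names Docker's embedded DNS (127.0.0.11) answers on one network."""
    names = set()
    for svc, cfg in services.items():
        if network in nets(cfg):
            names.add(svc)
            names.add(cfg.get("container_name", svc))
            names.update((nets(cfg)[network] or {}).get("aliases", []))
    return names

def host_of(value):
    """Hostname from a URL or a bare host[:port]."""
    return urlparse(value if "://" in value else "//" + value).hostname

def unresolved(services):
    """Map each service to the dialed hostnames nothing on its networks provides."""
    report = {}
    for svc, cfg in services.items():
        known = {entry.split(":")[0] for entry in cfg.get("extra_hosts", [])}
        for net in nets(cfg):
            known |= names_on(services, net)
        dialed = {host_of(v) for k, v in cfg.get("environment", {}).items() if k in DIALED}
        if dialed - known:
            report[svc] = dialed - known
    return report

# Constructed, trimmed model of the question's compose file (parsed YAML as a dict).
QUESTION = {
    "gitea": {"networks": ["web"]},
    "droneio": {"container_name": "droneio", "networks": ["web"],
                "environment": {"DRONE_GITEA_SERVER": "https://gitea.docker.localdev/"}},
    "drone-runner": {"container_name": "drone-runner",
                     "environment": {"DRONE_RPC_HOST": "droneio.docker.localdev"}},
}
# Hypothetical traefik service carrying the aliases on the shared "web" network.
TRAEFIK = {"networks": {"web": {"aliases": ["gitea.docker.localdev",
                                            "droneio.docker.localdev"]}}}
WITH_ALIASES = {**QUESTION, "traefik": TRAEFIK}
# The runner must also join "web": aliases are scoped to the network they are set on.
FIXED = {**WITH_ALIASES, "drone-runner": {**QUESTION["drone-runner"], "networks": ["web"]}}
```

`unresolved(QUESTION)` reports the same hostname that appears in the login error; an alias helps only the containers attached to the network on which it is declared.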
