southfox/Blog
1
0
Fork 0
mirror of https://github.com/SouthFox-D/SouthFox-D.github.io.git synced 2024-12-01 18:55:20 +01:00
Code Issues Projects Releases Packages Wiki Activity
Blog/2022/07/Gitea:一款自托管的-Git-服务/index.html
SouthFox-D cf299f47e0 GitHub action Auto Builder
2024-11-19 03:05:20 +00:00

328 lines
37 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<title>Gitea:一款自托管的 Git 服务 | Foxhole</title>
<meta name="author" content="SouthFox">
<meta name="description" content="别忘了泡上一杯茶!">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta property="og:title" content="2022/07/Gitea:一款自托管的-Git-服务/">
<meta property="og:site_name" content="Foxhole">
<meta property="og:image" content="https://blog.southfox.me/favicon.png">
<link href="../../.././favicon.png" rel="icon">
<link rel="stylesheet" href="../../.././css/bootstrap.min.css" media="screen" type="text/css">
<link rel="stylesheet" href="../../.././css/style.css" media="screen" type="text/css">
<link rel="stylesheet" href="../../.././css/responsive.css" media="screen" type="text/css">
<link rel="stylesheet" href="../../.././css/highlight.css" media="screen" type="text/css">
<link rel="stylesheet" href="../../.././css/font-awesome.css" media="screen" type="text/css">
<script src="../../.././js/jquery-2.0.3.min.js"> async</script>
<meta name="generator" content="Hexo 6.2.0"><link rel="alternate" href="rss2.xml" title="Foxhole" type="application/rss+xml">
</head>
<body>
<nav id="main-nav" class="navbar navbar-inverse navbar-fixed-top" role="navigation">
<div class="container">
<button type="button" class="navbar-header navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../../.././">Foxhole</a>
<div class="collapse navbar-collapse nav-menu">
<ul class="nav navbar-nav">
<li>
<a href="../../.././archives" title="All the articles.">
<i class=""></i>归档
</a>
</li>
<li>
<a href="../../.././categories" title="All the categories.">
<i class=""></i>分类
</a>
</li>
<li>
<a href="../../.././tags" title="All the tags.">
<i class=""></i>标签
</a>
</li>
<li>
<a href="../../.././rss2.xml" title="Subscribe me.">
<i class=""></i>RSS
</a>
</li>
<li>
<a href="../../.././friends" title="朋友们">
<i class=""></i>友链
</a>
</li>
<li>
<a href="../../.././foxsay" title="狐狸怎么叫?">
<i class=""></i>狐说
</a>
</li>
<li>
<a href="../../.././travellings" title="一群狼走得更远">
<i class="fas fa-subway"></i>开往
</a>
</li>
<li>
<a href="../../.././go" title="十年之约">
<i class="fas fa-bahai"></i>虫洞
</a>
</li>
</ul>
</div>
</div> <!-- container -->
</nav>
<div class="clearfix"></div>
<div class="container">
<div class="content">
<div class="page-header">
<h1> Gitea:一款自托管的 Git 服务</h1>
</div>
<div class="row post">
<!-- cols -->
<div id="top_meta"></div>
<div class="col-md-9">
<!-- content -->
<div class="mypage">
<p>别忘了泡上一杯茶!</p>
<span id="more"></span>
<h2 id="绕不开的存在"><a href="#绕不开的存在" class="headerlink" title="绕不开的存在"></a>绕不开的存在</h2><p>当然,谈到 <code>Git</code> 服务时,肯定绕不过 <code>GitHub</code> 。为什么要大费周章自建呢?<code>GitHub</code> 不好吗?</p>
<p>是很好,但是也没那么好,因为:</p>
<ul>
<li><code>GitHub</code> 是一家商业公司,那么首先盈利肯定是首要目的,为了不倒闭,指不准未来哪天就变质了。</li>
<li>同上,如果还是个自由软件爱好者的话,想必 <code>GitHub</code> 最近一些事件带来的臭味也不必我再提了……</li>
<li><code>Git</code> 是分布式的,那么选择同样也是……不知道现在还有多少人还傻傻认为 <code>Git</code><code>GitHub</code> 是一体的呢?</li>
</ul>
<p>也可参见 <a target="_blank" rel="noopener" href="https://sfconservancy.org/GiveUpGitHub/">GiveUpGitHub</a> 一文章。</p>
<h2 id="Gitea"><a href="#Gitea" class="headerlink" title="Gitea"></a>Gitea</h2><p><code>Gitea</code> 是一个用 <code>Go</code> 编写、面向自建的、轻量级的 <code>Git</code> 服务。其安装十分便捷,直接下载个可执行文件也可快速搭建起来,当然为了后续跟其它服务联动,还是用 <code>docker-compose</code> 方便点。</p>
<p>话不多说,新建一个文件夹然后往里建 <code>docker-compose.yml</code> 文件并写入以下配置:</p>
<figure class="highlight yaml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br></pre></td><td class="code"><pre><span class="line"><span class="attr">version:</span> <span class="string">&quot;3.7&quot;</span></span><br><span class="line"></span><br><span class="line"><span class="attr">services:</span></span><br><span class="line"> <span class="attr">gitea:</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">gitea/gitea:latest</span></span><br><span class="line"> <span class="attr">container_name:</span> <span class="string">gitea</span></span><br><span class="line"> <span class="attr">restart:</span> <span class="string">unless-stopped</span></span><br><span class="line"> <span class="attr">environment:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">USER_UID=1000</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">USER_GID=1000</span></span><br><span class="line"> <span class="attr">volumes:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">./data/gitea:/data</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">/etc/timezone:/etc/timezone:ro</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">/etc/localtime:/etc/localtime:ro</span></span><br><span class="line"> <span class="attr">ports:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">&quot;127.0.0.1:3000:3000&quot;</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">&quot;2222:22&quot;</span></span><br><span class="line"> <span class="attr">networks:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">cicd_net</span></span><br><span class="line"></span><br><span class="line"> <span class="attr">drone:</span></span><br><span class="line"> <span class="attr">container_name:</span> <span class="string">drone</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">drone/drone:latest</span></span><br><span class="line"> <span class="attr">restart:</span> <span class="string">unless-stopped</span></span><br><span class="line"> <span class="attr">depends_on:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">gitea</span></span><br><span class="line"> <span class="attr">environment:</span></span><br><span class="line"> <span class="comment"># https://docs.drone.io/server/provider/gitea/</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_DATABASE_DRIVER=sqlite3</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_DATABASE_DATASOURCE=/data/database.sqlite</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_GITEA_SERVER=https://my.git.server/</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_GIT_ALWAYS_AUTH=false</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RPC_SECRET=changeme...</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_SERVER_PROTO=https</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_SERVER_HOST=https://cicd.git.server</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_GITEA_CLIENT_ID=changeme...</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_GITEA_CLIENT_SECRET=changeme...</span></span><br><span class="line"> <span class="attr">ports:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">&quot;127.0.0.1:3001:80&quot;</span></span><br><span class="line"> <span class="attr">volumes:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">/var/run/docker.sock:/var/run/docker.sock</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">./data/drone:/data</span></span><br><span class="line"> <span class="attr">networks:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">cicd_net</span></span><br><span class="line"></span><br><span class="line"> <span class="attr">drone-runner:</span></span><br><span class="line"> <span class="attr">container_name:</span> <span class="string">drone-runner</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">drone/drone-runner-docker:latest</span></span><br><span class="line"> <span class="attr">restart:</span> <span class="string">unless-stopped</span></span><br><span class="line"> <span class="attr">depends_on:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">drone</span></span><br><span class="line"> <span class="attr">environment:</span></span><br><span class="line"> <span class="comment"># https://docs.drone.io/runner/docker/installation/linux/</span></span><br><span class="line"> <span class="comment"># https://docs.drone.io/server/metrics/</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RPC_PROTO=http</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RPC_HOST=drone</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RPC_SECRET=changeme...</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RUNNER_NAME=&quot;action-runner&quot;</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RUNNER_CAPACITY=2</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_RUNNER_NETWORKS=cicd_net</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_DEBUG=false</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">DRONE_TRACE=false</span></span><br><span class="line"> <span class="attr">networks:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">cicd_net</span></span><br><span class="line"> <span class="attr">volumes:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">/var/run/docker.sock:/var/run/docker.sock</span></span><br><span class="line"></span><br><span class="line"><span class="attr">networks:</span></span><br><span class="line"> <span class="attr">cicd_net:</span></span><br><span class="line"> <span class="attr">name:</span> <span class="string">cicd_net</span></span><br></pre></td></tr></table></figure>
<p>因为预想场景是私人自用,所以选择了 <code>SQlite3</code> 数据库,觉得别扭可以自己改掉……</p>
<p>然后准备两个域名,这里用 <code>my.git.server</code> 域名指定用来运行 <code>Gitea</code> 服务的域名,一个 <code>cicd.git.server</code> 域名用来指定运行后续的自动构建服务的域名(可选)。</p>
<p>首先为 <code>my.git.server</code> 域名设定<code>DNS</code> 后申请证书,<code>certbot certonly --nginx -d my.git.server</code></p>
<p>,申请后写入 <code>nginx</code> 配置:</p>
<figure class="highlight nginx"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">#不要忘了替换成自己的域名</span></span><br><span class="line"><span class="section">server</span> &#123;</span><br><span class="line"> <span class="attribute">listen</span> <span class="number">80</span>;</span><br><span class="line"> <span class="attribute">listen</span> [::]:<span class="number">80</span>;</span><br><span class="line"> <span class="attribute">server_name</span> my.git.server;</span><br><span class="line"></span><br><span class="line"> <span class="section">location</span> /.well-known/acme-challenge &#123;&#125;</span><br><span class="line"> <span class="section">location</span> / &#123;</span><br><span class="line"> <span class="attribute">return</span> <span class="number">301</span> https://<span class="variable">$host</span><span class="variable">$request_uri</span>;</span><br><span class="line"> &#125;</span><br><span class="line">&#125;</span><br><span class="line"></span><br><span class="line"><span class="section">server</span> &#123;</span><br><span class="line"> <span class="attribute">listen</span> <span class="number">443</span> ssl http2;</span><br><span class="line"> <span class="attribute">listen</span> [::]:<span class="number">443</span> ssl http2;</span><br><span class="line"> <span class="attribute">server_name</span> my.git.server;</span><br><span class="line"></span><br><span class="line"> <span class="attribute">access_log</span> /var/log/nginx/access.log;</span><br><span class="line"> <span class="comment">#root /home/plume/Plume/ ;</span></span><br><span class="line"></span><br><span class="line"> <span class="attribute">ssl_certificate</span> /etc/letsencrypt/live/my.git.server/fullchain.pem;</span><br><span class="line"> <span class="attribute">ssl_certificate_key</span> /etc/letsencrypt/live/my.git.server/privkey.pem;</span><br><span class="line"></span><br><span class="line"> <span class="comment"># for ssl conf: https://cipherli.st/</span></span><br><span class="line"> <span class="attribute">ssl_protocols</span> TLSv1.<span class="number">2</span> TLSv1.<span class="number">3</span>;<span class="comment"># Requires nginx &gt;= 1.13.0 else use TLSv1.2</span></span><br><span class="line"> <span class="attribute">ssl_prefer_server_ciphers</span> <span class="literal">on</span>;</span><br><span class="line"> <span class="attribute">ssl_dhparam</span> /etc/letsencrypt/ssl-dhparams.pem;<span class="comment"># openssl dhparam -out /etc/letsencrypt/ssl-dhparam.pem 4096</span></span><br><span class="line"> <span class="attribute">ssl_ciphers</span> ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;</span><br><span class="line"> <span class="attribute">ssl_ecdh_curve</span> secp384r1; <span class="comment"># Requires nginx &gt;= 1.1.0</span></span><br><span class="line"> <span class="attribute">ssl_session_timeout</span> <span class="number">10m</span>;</span><br><span class="line"> <span class="attribute">ssl_session_cache</span> shared:SSL:<span class="number">10m</span>;</span><br><span class="line"> <span class="attribute">ssl_session_tickets</span> <span class="literal">off</span>; <span class="comment"># Requires nginx &gt;= 1.5.9</span></span><br><span class="line"> <span class="attribute">ssl_stapling</span> <span class="literal">on</span>; <span class="comment"># Requires nginx &gt;= 1.3.7</span></span><br><span class="line"> <span class="attribute">ssl_stapling_verify</span> <span class="literal">on</span>; <span class="comment"># Requires nginx =&gt; 1.3.7</span></span><br><span class="line"> <span class="attribute">resolver</span> <span class="number">9.9.9.9</span> <span class="number">80.67.169.12</span> valid=<span class="number">300s</span>;</span><br><span class="line"> <span class="attribute">resolver_timeout</span> <span class="number">5s</span>;</span><br><span class="line"> <span class="attribute">add_header</span> Strict-Transport-Security <span class="string">&quot;max-age=63072000; includeSubDomains; preload&quot;</span>;</span><br><span class="line"> <span class="attribute">add_header</span> X-Frame-Options DENY;</span><br><span class="line"> <span class="attribute">add_header</span> X-Content-Type-Options nosniff;</span><br><span class="line"> <span class="attribute">add_header</span> X-XSS-Protection <span class="string">&quot;1; mode=block&quot;</span>;</span><br><span class="line"> <span class="comment">#如果不想显示外链图片可把 img-src 一栏改掉</span></span><br><span class="line"> <span class="attribute">add_header</span> Content-Security-Policy <span class="string">&quot;default-src &#x27;self&#x27;; img-src *; frame-ancestors &#x27;self&#x27;; frame-src https:&quot;</span>;</span><br><span class="line"></span><br><span class="line"> <span class="section">location</span> / &#123;</span><br><span class="line"> <span class="attribute">proxy_pass</span> http://localhost:3000/;</span><br><span class="line"> <span class="attribute">proxy_set_header</span> Host <span class="variable">$http_host</span>;</span><br><span class="line"> <span class="attribute">proxy_set_header</span> X-Real-IP <span class="variable">$remote_addr</span>;</span><br><span class="line"> <span class="attribute">proxy_set_header</span> X-Forwarded-For <span class="variable">$proxy_add_x_forwarded_for</span>;</span><br><span class="line"> <span class="attribute">proxy_set_header</span> X-Forwarded-Proto <span class="variable">$scheme</span>;</span><br><span class="line"> <span class="attribute">client_max_body_size</span> <span class="number">50m</span>;</span><br><span class="line"> &#125;</span><br><span class="line">&#125;</span><br></pre></td></tr></table></figure>
<p>之后 <code>nginx -s reload</code> 重载配置,然后 <code>docker-compose up -d gitea</code><code>Gitea</code> 服务启动,之后前往 <code>my.git.server</code> 地址进行配置并新建一个管理员账户。</p>
<h3 id="Drone"><a href="#Drone" class="headerlink" title="Drone"></a>Drone</h3><p>到此服务就基本可用了,但是我相信很多人割舍不下 <code>GitHub</code> 的一个原因就是因为它的 <code>Actions</code> 很香。不过可以选择 <code>Drone</code> ,一个同样用 <code>GO</code> 编写的、轻量级的自动构建服务,也可以让体验往 <code>GitHub Actions</code> 靠拢。</p>
<p>首先为 <code>cicd.git.server</code> 域名申请证书并写入 <code>nginx</code> 配置文件,配置文件可复用上面的,只需要更改相关域名和 <code>nginx</code> 配置文件里的 <code>location /</code> 里的 <code>proxy_pass</code> 端口号就行(本例子是 <code>3001</code>)。</p>
<p>之后为 <code>Drone</code><code>Gitea</code> 联动做准备,登陆自己 <code>Gitea</code> 实例的帐号→设置→应用→创建新的 OAuth2 应用程序,应用名称随意填(本例子填 drone重定向 URI 填入 <code>https://cicd.git.server/login</code> (替换成自己的域名)。</p>
<p>点击创建应用→会生成一个客户端 ID 和一个客户端密钥→替换到上述 <code>docker-compose.yml</code><code>drone</code> 一栏的 <code>DRONE_GITEA_CLIENT_ID</code><code>DRONE_GITEA_CLIENT_SECRET</code></p>
<p>之后再使用 <code>openssl rand -hex 16</code> 命令生成一串随机字符串给 <code>DRONE_RPC_SECRET</code> 使用(有两个地方需要替换)。</p>
<p>确认无误后使用 <code>docker-compose up -d</code> 启动全部服务,之后前往 <code>https://cicd.git.server</code> 地址查看是否正常运行,是的话点击登陆,看是否能够和 <code>Gitea</code> 进行联动,如果显示错误请检查是否与上述配置一致(例如我之前就遇到了无法验证的错误,排查后发现是某个路径多带了一个 <code>/</code> 导致之后生成的验证路径出错,去掉 <code>/</code> 之后就正常了)。</p>
<h3 id="仓库操作"><a href="#仓库操作" class="headerlink" title="仓库操作"></a>仓库操作</h3><p>因为宿主机的 <code>22</code> 端口已被占用,所以克隆或者 <code>PUSH</code> 仓库使用的端口应该为 <code>2222</code>,觉得别扭也有其他教程教如何与宿主机共用端口,我就不折腾了(反正 <code>Just work!</code> )。</p>
<p>还有如果为网站使用了 <code>Cloudflare</code> 之类的 <code>CDN</code> 服务的话,那么 <code>SSH</code> 协议也是不能用的,得用网站域名下的真实 <code>IP</code> 地址克隆或 <code>PUSH</code> 仓库。</p>
<p>如果像我什么都没改的话,想要克隆仓库就会得到这么一个奇怪的地址:</p>
<p><code>git clone ssh://git@机子真实IP:2222/用户名/仓库名.git</code></p>
<p>反正 <code>Just work</code> </p>
<h3 id="一个案例"><a href="#一个案例" class="headerlink" title="一个案例"></a>一个案例</h3><p>那么接下来就讲讲我用这套服务的案例吧,自动生成文件并推送一个 <code>HUGO</code> 博客。</p>
<p>首先为仓库根目录写下 <code>.drone.yml</code> 文件:</p>
<figure class="highlight yaml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br></pre></td><td class="code"><pre><span class="line"><span class="attr">kind:</span> <span class="string">pipeline</span></span><br><span class="line"><span class="attr">name:</span> <span class="string">build</span></span><br><span class="line"></span><br><span class="line"><span class="attr">steps:</span></span><br><span class="line"><span class="bullet">-</span> <span class="attr">name:</span> <span class="string">build</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">klakegg/hugo:alpine</span></span><br><span class="line"> <span class="attr">commands:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">hugo</span></span><br><span class="line"></span><br><span class="line"><span class="bullet">-</span> <span class="attr">name:</span> <span class="string">deploy</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">node</span></span><br><span class="line"> <span class="attr">environment:</span></span><br><span class="line"> <span class="attr">CLOUDFLARE_API_TOKEN:</span></span><br><span class="line"> <span class="attr">from_secret:</span> <span class="string">api_token</span></span><br><span class="line"> <span class="attr">CLOUDFLARE_ACCOUNT_ID:</span></span><br><span class="line"> <span class="attr">from_secret:</span> <span class="string">account_id</span></span><br><span class="line"> <span class="attr">commands:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">npm</span> <span class="string">install</span> <span class="string">-g</span> <span class="string">wrangler</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">npx</span> <span class="string">wrangler</span> <span class="string">pages</span> <span class="string">publish</span> <span class="string">public</span> <span class="string">--project-name</span> <span class="string">项目名</span> <span class="string">--commit-dirty=true</span></span><br></pre></td></tr></table></figure>
<p>可以见到和 <code>GitHub Actions</code> 的配置还是挺像的,琢磨琢磨还是挺快上手的。</p>
<p>其中 <code>steps</code> 指定了所需步骤,<code>image</code> 指定了需要什么样的 <code>docker</code> 镜像,第一栏拉取了 <code>klakegg/hugo</code> 镜像并使用 <code>hugo</code> 命令生成静态文件。</p>
<p>之后是 <code>deploy</code> 一栏里的 <code>environment</code> ,像 <code>GitHub</code> 一样,密钥相关可以使用 <code>secret</code> 功能导入到环境变量中,可在自己的 <code>cicd.git.server</code> →相关仓库→ <code>Settings</code><code>Secrets</code> 里进行导入。</p>
<p>接下来使用 <code>node</code> 镜像安装了个 <code>wrangler</code> 包,这是 <code>Cloudflare Pages</code> 部署要用的,如果也用 <code>Cloudflare Pages</code> 部署的话可以参考:</p>
<p><a target="_blank" rel="noopener" href="https://developers.cloudflare.com/workers/wrangler/commands/#pages">Wrangler pages commands</a></p>
<p><a target="_blank" rel="noopener" href="https://developers.cloudflare.com/workers/wrangler/ci-cd/">Running Wrangler in CI&#x2F;CD</a></p>
<p>PS不得不吐槽相关操作首先必须要用 <code>project create</code> 命令里的 <code>--production-branch</code> 显式指定部署分支否则接下来的部署都会被识别为预览而不会真正部署到……被这个坑卡了好一会……</p>
<p>之后再进行相关操作后应该能看见自己 <code>Gitea</code> 实例也有小绿勾了(小红叉也行,至少证实自动部署服务有在用了)!</p>
<h3 id="加主题"><a href="#加主题" class="headerlink" title="加主题"></a>加主题</h3><p>默认主题还挺程序员风格的,既然都自建了,肯定要加点主题快乐一下了。</p>
<p><a target="_blank" rel="noopener" href="https://codeberg.org/Freeplay/Gitea-Modern/">现代主题</a>为例。</p>
<p>如果是以上面的配置文件搭建起来的话要在自己文件夹下找到 <code>./data/gitea/gitea</code> 路径,并在里头新建 <code>public/css</code><code>wget https://codeberg.org/Freeplay/Gitea-Modern/raw/branch/main/Gitea/theme-gitea-modern.css</code> 获取主题文件。</p>
<p>之后再编辑 <code>./data/gitea/gitea/conf/app.ini</code> 文件,在最后面加上:</p>
<figure class="highlight ini"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">请自己想象下……</span><br><span class="line">因为现在我服务器炸了……</span><br></pre></td></tr></table></figure>
<p>之后再用 <code>docker-compose down</code><code>docker-compose up -d</code> 重启服务。</p>
<h3 id="安全"><a href="#安全" class="headerlink" title="安全"></a>安全</h3><p>如果没有相关要求,请务必关闭实例的注册功能。</p>
<p>参见,<a target="_blank" rel="noopener" href="https://imlonghao.com/59.html">记一次自建 Gitea + Drone 实例被挖矿的经历</a></p>
<p>也是修改 <code>./data/gitea/gitea/conf/app.ini</code> 里的:</p>
<figure class="highlight ini"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">请自己查阅……</span><br><span class="line">因为我现在服务器炸了</span><br></pre></td></tr></table></figure>
<p>之后再用 <code>docker-compose down</code><code>docker-compose up -d</code> 重启服务,然后再检查站点是否关闭了注册入口。</p>
<h3 id="参考"><a href="#参考" class="headerlink" title="参考"></a>参考</h3><p><a target="_blank" rel="noopener" href="https://blog.ruanbekker.com/blog/2021/03/09/cicd-with-droneci-and-gitea-using-docker-compose/">CICD With DroneCI and Gitea Using Docker Compose</a></p>
<p><a target="_blank" rel="noopener" href="https://docs.gitea.io/en-us/">Gitea Docs</a></p>
<p><a target="_blank" rel="noopener" href="https://docs.drone.io/">Drone Docs</a></p>
<p><a target="_blank" rel="noopener" href="https://tech.ray247k.com/blog/202106-drone-cicd-3-advanced-cron-job/">透過 Drone 建立自動部署流程,部署排程設定與權限管理 - 薛丁格的工程師</a></p>
</div>
<div>
<center>
<div class="pagination">
<a href="../../.././2022/08/如何改变自己/" type="button" class="btn btn-default"><i
class="fa fa-arrow-circle-o-left"></i> 上一页</a>
<a href="../../.././" type="button" class="btn btn-default"><i class="fa fa-home"></i>主页</a>
<a href="../../.././2022/06/二二年六月梦记/" type="button" class="btn btn-default ">下一页<i
class="fa fa-arrow-circle-o-right"></i></a>
</div>
</center>
</div>
<!-- comment -->
<blockquote>如不想授权 Giscus 应用,也可以点击下方<strong>左上角数字</strong>直接跳转到 Github Discussions 进行评论。</blockquote>
<script src="https://giscus.app/client.js"
data-repo="SouthFox-D/SouthFox-D.github.io"
data-repo-id="MDEwOlJlcG9zaXRvcnkyMjg3NDM0MjQ="
data-category="博客评论"
data-category-id="DIC_kwDODaJZAM4CA7bf"
data-mapping="og:title"
data-reactions-enabled="0"
data-emit-metadata="0"
data-input-position="top"
data-theme="dark_dimmed"
data-lang="zh-CN"
crossorigin="anonymous"
async>
</script>
</div> <!-- col-md-9/col-md-12 -->
<div id="side_meta">
<div class="col-md-3" id="post_meta">
<!-- date -->
<div class="meta-widget">
<i class="fa fa-clock-o"></i>
2022-07-17
</div>
<!-- categories -->
<div class="meta-widget">
<a data-toggle="collapse" data-target="#categorys"><i class="fa fa-folder"></i></a>
<ul id="categorys" class="tag_box list-unstyled collapse in">
<li>
<li><a href="/categories/技术/">技术<span>18</span></a></li>
</li>
</ul>
</div>
<!-- tags -->
<div class="meta-widget">
<a data-toggle="collapse" data-target="#tags"><i class="fa fa-tags"></i></a>
<ul id="tags" class="tag_box list-unstyled collapse in">
<li><a href="/tags/技术/">技术<span>14</span></a></li> <li><a href="/tags/建站/">建站<span>3</span></a></li>
</ul>
</div>
<!-- toc -->
<div class="meta-widget">
<a data-toggle="collapse" data-target="#toc"><i class="fa fa-bars"></i></a>
<div id="toc" class="toc collapse in">
<span class="toc-title">目录</span>
<ol class="toc-article"><li class="toc-article-item toc-article-level-2"><a class="toc-article-link" href="#%E7%BB%95%E4%B8%8D%E5%BC%80%E7%9A%84%E5%AD%98%E5%9C%A8"><span class="toc-article-text">绕不开的存在</span></a></li><li class="toc-article-item toc-article-level-2"><a class="toc-article-link" href="#Gitea"><span class="toc-article-text">Gitea</span></a><ol class="toc-article-child"><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#Drone"><span class="toc-article-text">Drone</span></a></li><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#%E4%BB%93%E5%BA%93%E6%93%8D%E4%BD%9C"><span class="toc-article-text">仓库操作</span></a></li><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#%E4%B8%80%E4%B8%AA%E6%A1%88%E4%BE%8B"><span class="toc-article-text">一个案例</span></a></li><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#%E5%8A%A0%E4%B8%BB%E9%A2%98"><span class="toc-article-text">加主题</span></a></li><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#%E5%AE%89%E5%85%A8"><span class="toc-article-text">安全</span></a></li><li class="toc-article-item toc-article-level-3"><a class="toc-article-link" href="#%E5%8F%82%E8%80%83"><span class="toc-article-text">参考</span></a></li></ol></li></ol>
</div>
</div>
<hr>
</div><!-- col-md-3 -->
</div>
</div><!-- row -->
</div>
</div>
<div class="container-narrow">
<footer> <p>
&copy; 2024 SouthFox
Font by <a href="https://github.com/SolidZORO/zpix-pixel-font" target="_blank">Zpix</a>,
Theme by <a href="https://github.com/blackshow/hexo-theme-freemind.386" target="_blank">Freemind.386</a>. <br> <a href="../../.././Privacy-Policy" target="_blank">隐私政策</a>
</p>
</footer>
</div> <!-- container-narrow -->
<a id="gotop" href="#">
<span>TOP</span>
</a>
<script src="../../.././js/jquery.imagesloaded.min.js"></script>
<!-- <script src="../../.././js/gallery.js"></script> -->
<script src="../../.././js/bootstrap.min.js"></script>
<script src="../../.././js/main.js"></script>
<script src="../../.././js/search.js"></script>
<script src="../../.././js/cursor-effects.js"> async</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink