version: "3.8" networks: drone-network: external: true traefik-network: external: true services: drone-service: image: docker.io/drone/drone:2 hostname: drone-service-host tty: true environment: - DS_NODE_NAME={{.Node.Hostname}} - DS_SERVICE_NAME={{.Service.Name}} - DS_TASK_NAME={{.Task.Name}} ## unable to use the internal DNS name as this URL is shown to ## the user for oauth login. ##- DRONE_GITEA_SERVER=http://gitea-service-host:3000 - DRONE_GITEA_SERVER=https://code.miflux.com - DRONE_GITEA_CLIENT_ID=272c7bf0-b081-4e3a-a9bf-4e39231fb162 - DRONE_GITEA_CLIENT_SECRET=gto_najtmt4bnfo37x7egy45s4g7esvhgs2b26wcfskvwn6bjajz672a - DRONE_RPC_SECRET=bd7c7058fd60caa00b86f7ea944c913d - DRONE_SERVER_HOST=ci.miflux.com - DRONE_SERVER_PROTO=https - DRONE_USER_CREATE=username:hyung-hwan,admin:true networks: - drone-network - traefik-network volumes: - type: bind source: /home/gfs-data/drone target: /data - type: bind source: /etc/timezone target: /etc/timezone read_only: true - type: bind source: /etc/localtime target: /etc/localtime read_only: true # ports: # - target: 80 # published: 80 # protocol: tcp # - target: 443 # published: 443 # protocol: tcp deploy: mode: replicated replicas: 1 placement: max_replicas_per_node: 1 ##constraints: ## - node.labels.location == home ## - node.hostname == rose resources: limits: memory: 1GB restart_policy: condition: on-failure labels: - traefik.enable=true ##- traefik.docker.network=traefik-network - traefik.http.routers.drone-https.entrypoints=websec - traefik.http.routers.drone-https.rule=Host(`ci.miflux.com`) - traefik.http.routers.drone-https.tls=true # - traefik.http.routers.drone-http.entrypoints=web # - traefik.http.routers.drone-http.rule=Host(`ci.miflux.com`) # - traefik.http.routers.drone-http.tls=false - traefik.http.services.drone-service.loadbalancer.server.port=80 - traefik.http.services.drone-service.loadbalancer.sticky.cookie=true - traefik.http.services.drone-service.loadbalancer.sticky.cookie.name=drone-sticker