BeeYoop BeeDeepBoom Weeop DEEpaEEya
In general, this article describes how to setup SSL with a Drone Runner. This is part II of a part I series. If you would like to learn how-to setup the Drone Server, please visit: Setup Drone CI Server.
This part II creates a pipeline runner with a Docker machine; what that means is, like GitHub Actions, but with Drone super powers. The configuration file is stored as
.drone.yml in the root of your site directory and drone server uses that application yml file to do a series of commands or actions within the virtual docker machine.
This is empowering because you can automate a fresh build every time. Also, you create a drone trigger for when you push to a branch master as an example. Here is the configuration of all the possible things you can do. Docker Pipelines Overview
Note 1: If you see a [name-goes-here], I am linking to the references I shared below. Note 2: If you want to use Docker Engine without sudo, follow this url: Linux Docker Post-Install
- Basic Linux CLI knowledge
- A hardened remote SSH server see Linux VPS hardening
- A running Gitea server: Git with a cup of tea
- Docker Engine
- a basic understanding of how to use Docker Engine
- basic Nginx, Gitea and Certbot/Let’s Encrypt experience
- a running drone ci server see part I
Pull docker image from Dockerhub
docker pull drone/drone-runner-docker:1
Make public access to repo in drone GUI
For testing, I made sure the repo was publicly available.
Launch a Secure Docker Drone Runner
For the DRONE_RPC_SECRET use the same ssl secret we created in Part I. See Configuration for a complete list of configuration options.
Please see the reference to understand what this docker config is doing. That is important for you to do yourself.
docker run --detach \
A Pipeline Config Example
An example of a custom pipeline I have created. I ain’t going to explain this to you in detail; I expect you to determine your own pipeline and this is only for a reference point. Essentially, what you will be doing is launching your own virtual machine for your specific use case scenario.
In this example, on drone.example.com, I have created a secret pass that needs to be passed to the virtual machine so I can package the build aka _site only, then auto push to www_data branch on my git server. Furthermore, I rsync this data through an ssh tunnel to a Gitea Pages server that serves the WWW or edge data.
Note: 3: The example configuration is a .drone.yml file stored in the root of your site project.
- name: build-website
- name: jekyll
# general vm information for debugging
- gem environment
docker logs st-drone-runner
INFO starting the server
INFO successfully pinged the remote server
Stop & Start Container
sudo docker container stop st-drone-ssl
sudo docker container start st-drone-ssl
Financial Support & Donations
I mainly debug code, drive, yak shave and deep dive into research for Linux base operating systems.
I am a Free Software Associate (FSF), privacy advocate and Cosmopolitan that enjoys philosophie, meta-physics, hacking and debugging computer hardware/software.