How to Set Up a CI/CD Pipeline with Gitea and Drone

How to Set Up a CI/CD Pipeline with Gitea and Drone

Running your own CI/CD pipeline gives you full control over your build and deployment workflow. Gitea is a lightweight self-hosted Git service, and Drone is a container-native CI/CD platform that integrates seamlessly with it. Together they form a powerful automation stack on your Breeze server.

Prerequisites

• A Breeze instance with at least 2 GB RAM and 20 GB disk
• Docker and Docker Compose installed
• A domain or subdomain with DNS pointing to your Breeze IP

Deploying Gitea

Create a docker-compose.yml that includes both Gitea and its database:

services:
  gitea:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=gitea-db:3306
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=SecureGiteaPass
    volumes:
      - gitea_data:/data
    ports:
      - "3000:3000"
      - "2222:22"
    depends_on:
      - gitea-db

  gitea-db:
    image: mysql:8.0
    environment:
      MYSQL_ROOT_PASSWORD: RootPass123
      MYSQL_DATABASE: gitea
      MYSQL_USER: gitea
      MYSQL_PASSWORD: SecureGiteaPass
    volumes:
      - gitea_mysql:/var/lib/mysql

volumes:
  gitea_data:
  gitea_mysql:

Start Gitea with docker compose up -d and complete the web installer at http://your-breeze-ip:3000.

Creating an OAuth2 Application in Gitea

Drone authenticates via OAuth2. In Gitea, go to Site Administration → Applications and create a new OAuth2 application:

• Application Name: Drone CI
• Redirect URI: https://drone.yourdomain.com/login

Note the Client ID and Client Secret for the next step.

Deploying Drone Server and Runner

Add Drone services to your compose file:

  drone:
    image: drone/drone:latest
    environment:
      - DRONE_GITEA_SERVER=http://gitea:3000
      - DRONE_GITEA_CLIENT_ID=your-client-id
      - DRONE_GITEA_CLIENT_SECRET=your-client-secret
      - DRONE_RPC_SECRET=shared-rpc-secret-here
      - DRONE_SERVER_HOST=drone.yourdomain.com
      - DRONE_SERVER_PROTO=https
    ports:
      - "8080:80"
    volumes:
      - drone_data:/data

  drone-runner:
    image: drone/drone-runner-docker:latest
    environment:
      - DRONE_RPC_PROTO=http
      - DRONE_RPC_HOST=drone
      - DRONE_RPC_SECRET=shared-rpc-secret-here
      - DRONE_RUNNER_CAPACITY=2
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

volumes:
  drone_data:

Writing a .drone.yml Pipeline

In your Gitea repository, create a .drone.yml file:

kind: pipeline
type: docker
name: default

steps:
  - name: test
    image: node:20-alpine
    commands:
      - npm ci
      - npm test

  - name: build
    image: plugins/docker
    settings:
      repo: registry.yourdomain.com/myapp
      tags: latest
    when:
      branch: main

trigger:
  branch:
    - main
    - develop

Best Practices

• Use a strong, unique DRONE_RPC_SECRET shared between server and runner
• Place Drone behind a reverse proxy with HTTPS for secure webhook delivery
• Limit runner capacity based on your Breeze instance resources
• Use Drone secrets for sensitive values like registry passwords
• Enable Gitea webhooks to trigger builds automatically on push

With Gitea and Drone running on your Breeze server, you have a fully self-hosted CI/CD platform with no external dependencies.