Drone 1 with Gitea 1.8: how to login the first time?

qdm12 · May 9, 2019, 6:34pm

Hi all,

I am trying to setup Drone 1 with Gitea 1.8, all running in Docker.
I have gitea.domain.com for my Gitea server and drone.domain.com for my Drone, and they both work. I configured everything correctly as far as I can tell. However, I cannot login to Drone and have no idea what the default credentials should be. I tried creating an admin user with the environment variable DRONE_USER_CREATE=username:quentin,admin:true but what would be the password? I have also tried with my Gitea credentials but I still get Login Failed. Forbidden

The debug log is:

{"level":"info","msg":"main: internal scheduler enabled","time":"2019-05-09T18:31:37Z"}
{"build.limit":0,"expires":"0001-01-01T00:00:00Z","kind":"trial","level":"debug","msg":"main: license loaded","repo.limit":0,"time":"2019-05-09T18:31:37Z","user.limit":0}
{"admin":true,"level":"debug","login":"quentin","machine":false,"msg":"bootstrap: create account","time":"2019-05-09T18:31:37Z","token":""}
{"admin":true,"level":"debug","login":"quentin","machine":false,"msg":"bootstrap: updating account","time":"2019-05-09T18:31:37Z","token":""}
{"admin":true,"level":"debug","login":"quentin","machine":false,"msg":"bootstrap: account already up-to-date","time":"2019-05-09T18:31:37Z","token":""}
{"level":"info","msg":"main: starting the local build runner","threads":2,"time":"2019-05-09T18:31:37Z"}
{"arch":"amd64","level":"debug","machine":"48b9347464f8","msg":"runner: polling queue","os":"linux","time":"2019-05-09T18:31:37Z"}
{"arch":"amd64","level":"debug","machine":"48b9347464f8","msg":"runner: polling queue","os":"linux","time":"2019-05-09T18:31:37Z"}
{"arch":"amd64","kernel":"","level":"debug","msg":"manager: request queue item","os":"linux","time":"2019-05-09T18:31:37Z","variant":""}
{"acme":false,"host":"drone.domain.com","level":"info","msg":"starting the http server","port":":80","proto":"http","time":"2019-05-09T18:31:37Z","url":"http://drone.domain.com"}
{"arch":"amd64","kernel":"","level":"debug","msg":"manager: request queue item","os":"linux","time":"2019-05-09T18:31:37Z","variant":""}
{"interval":"30m0s","level":"info","msg":"starting the cron scheduler","time":"2019-05-09T18:31:37Z"}
{"level":"debug","msg":"events: stream opened","request-id":"1L0YtqoKMqXSdi5ttPa47udJ6ZI","time":"2019-05-09T18:31:39Z"}
{"fields.time":"2019-05-09T18:31:42Z","latency":82003,"level":"debug","method":"POST","msg":"","remote":"10.0.0.2:37830","request":"/login","request-id":"1L0YuEo7MIogdwgpMMkXhSMk08e","time":"2019-05-09T18:31:42Z"}
{"fields.time":"2019-05-09T18:31:42Z","latency":24296,"level":"debug","method":"GET","msg":"","remote":"10.0.0.2:37830","request":"/login/form","request-id":"1L0YuDq7AbgWD5lbbhcGm14NnWC","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"events: stream cancelled","request-id":"1L0YtqoKMqXSdi5ttPa47udJ6ZI","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"events: stream closed","request-id":"1L0YtqoKMqXSdi5ttPa47udJ6ZI","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"api: guest access","request-id":"1L0YtqoKMqXSdi5ttPa47udJ6ZI","time":"2019-05-09T18:31:42Z"}
{"fields.time":"2019-05-09T18:31:42Z","latency":3224501104,"level":"debug","method":"GET","msg":"","remote":"10.0.0.2:37762","request":"/api/stream","request-id":"1L0YtqoKMqXSdi5ttPa47udJ6ZI","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"api: authentication required","request-id":"1L0YuIrKn2O039Tvs8Gjb0D2EDN","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"api: guest access","request-id":"1L0YuIrKn2O039Tvs8Gjb0D2EDN","time":"2019-05-09T18:31:42Z"}
{"fields.time":"2019-05-09T18:31:42Z","latency":156904,"level":"debug","method":"GET","msg":"","remote":"10.0.0.2:37830","request":"/api/user","request-id":"1L0YuIrKn2O039Tvs8Gjb0D2EDN","time":"2019-05-09T18:31:42Z"}
{"level":"debug","msg":"events: stream opened","request-id":"1L0YuK2MBqikdYlSP6GtODeRDTV","time":"2019-05-09T18:31:42Z"}

Any suggestion would be greatly appreciated.

Thanks !

bradrydzewski · May 9, 2019, 9:58pm

perhaps you are hitting this issue? https://github.com/go-gitea/gitea/issues/6883

qdm12 · May 11, 2019, 6:39pm

Thanks for the help! Maybe, actually my Gitea logs out:

[Macaron] 2019-05-11 18:37:12: Started GET /api/v1/users/quentin/tokens for 10.0.0.29
[Macaron] 2019-05-11 18:37:12: Completed GET /api/v1/users/quentin/tokens 200 OK in 36.786643ms
[Macaron] 2019-05-11 18:37:12: Started GET /api/v1/user for 10.0.0.29
[Macaron] 2019-05-11 18:37:12: Completed GET /api/v1/user 403 Forbidden in 135.835µs

Although I can login with user quentin and my password on the Gitea webpage.

techknowlogick · May 12, 2019, 5:13pm

Gitea now is an OAuth2 provider, and can more securly offer authentication. Here is some steps on how to connect Drone with Gitea via OAuth2: [Documentation] Document how Gogs/Gitea login works

qdm12 · May 13, 2019, 10:46am

After quite some trouble (bad REDIRECT_URI especially, see Discord), it now works !

The following instructions are for Drone 1.1 and Gitea 1.8

In this example:

GITEA_URL is https://gitea.domain.com
DRONE_URL is https://drone.domain.com

Go to your Gitea webpage in the applications section: GITEA_URL/user/settings/applications
In the Manage OAuth2 Applications section, create an application with name drone and Redirect URI DRONE_URL, then click Create application
Copy the client ID and client secret and put in your Drone configuration as environment variables DRONE_GITEA_CLIENT_ID and DRONE_GITEA_CLIENT_SECRET
If your Drone is behind a proxy, make sure you have the DRONE_SERVER_PROTO=https other you will get the bad redirect URI error from Gitea
Now go to DRONE_URL, and simply Authorize the application

Happy CI !

abackstrom · June 9, 2019, 2:45pm

I had to set “Redirect URI” to <DRONE_URL>/login to get the OAuth flow to work.

iatsiuk · July 20, 2020, 4:00pm

Thank you for sharing your tip, without it i only get an “Unregistered Redirect URI” error.