Gitea + Drone + Traefik: agent cannot reach git repo

Hi guys - I’ve recently started experimenting with Drone to add a CI functionality to a Gitea server I host. Everything is currently running on the same server, with all traffic going through Traefik.

I have no issue accessing the Drone main UI page. Same goes for gitea webhooks being seen correctly by Drone. However, when a build job starts, it gets stuck on the git repo loading:

Initialized empty Git repository in /drone/src/.git/
+ git fetch origin +refs/heads/master:
fatal: unable to access '': Failed to connect to port 443: Operation timed out

Here is the Drone part of my docker-compose.yml:

    image: drone/drone:1.0.0-rc.6
    container_name: drone
      - drone-data:/var/lib/drone/
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always
      - gitea
      - DRONE_SERVER_HOST=drone:80
      - DRONE_TLS_AUTOCERT=false
      - DRONE_GITEA_SERVER=http://gitea:3001/
      - DRONE_LOGS_DEBUG=true
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
      - proxy
      - gitea
      - "traefik.enable=true"
      - ""
      - ""
      - "traefik.port=80"

Here “proxy” is the network used by Traefik. Gitea and Drone are talking to each other on the internal “gitea” network.

My Traefik configuration is fairly straightforward:

address = “:80”
entryPoint = “https”
address = “:443”

Note that I have seen in a post here that when using a reverse proxy, I should set the header forwarding correctly and tried to add the Docker bridge subnet to the trusted IPs list following this with no success.

I suspect that the container that the agent is launching is not handled correctly by Traefik but I can’t figure out how to make this work. Any help would be appreciated!


You can pass DRONE_RUNNER_NETWORKS=<name of network> to the agent (or the server if you are not using agents). When Drone spawns containers it will attach all containers to the specified network. You can search the forum for DRONE_RUNNER_NETWORKS to find some examples and threads where others are using this same technique for similar setups.

1 Like

Thanks for your help @bradrydzewski. This didn’t solve the problem in itself since the issue was actually on the Traefik networking side. I had to add network name aliases to the Traefik network otherwise the DNS lookup would fail inside the gitea and drone containers.

In short:

  1. Add aliases for your gitea and drone apps on your Traefik network. Your Traefik config then looks like:

image: traefik:latest
container_name: traefik
restart: always
- “80:80”
- “443:443”
- # or whatever your add header is
- /var/run/docker.sock:/var/run/docker.sock
- /path/to/traefik.toml:/traefik.toml
- /path/to/acme.json:/acme.json
- …

  1. Add DRONE_RUNNER_NETWORKS=proxy to your drone docker-compose environment variables.

Do you know why the alias is needed?