Drone CI + Gitea + nginx proxy

Drone Support
1

Hello to all,

I’m here to try to find some help,
I am trying to set up Drone CI + Gitea integration with Docker and Portainer. I am also using a nginx reverse proxy.

Here are my configurations and ENV:

DRONE_GITEA_SERVER=https:// git.xxxx.fr
DRONE_GITEA_CLIENT_ID=xxxx
DRONE_GITEA_CLIENT_SECRET=xxxxx
DRONE_RPC_SECRET=xxx
DRONE_SERVER_HOST=drone.xxxx.fr
DRONE_SERVER_PROTO=https
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
XDG_CACHE_HOME=/data
DRONE_DATABASE_DRIVER=sqlite3
DRONE_DATABASE_DATASOURCE=/data/database.sqlite
DRONE_RUNNER_OS=linux
DRONE_RUNNER_ARCH=amd64
DRONE_SERVER_PORT=:80
DRONE_DATADOG_ENABLED=true
DRONE_DATADOG_ENDPOINT=https:// stats.drone.ci/api/v1/series
DRONE_GIT_ALWAYS_AUTH=true
DRONE_LOGS_DEBUG=true
DRONE_AGENTS_ENABLED=true
DRONE_GIT_ALWAYS_AUTH=true
DRONE_RUNNER_NETWORKS=drone
DRONE_RPC_DEBUG=true
GODEBUG=netdns=go

The two containers are on the same bridged network.

When I try to connect on Drone with Oauth2 via Gitea, I get a connection error:

Post “https:// git.xxx.fr/login/oauth/access_token”: dial tcp 172.19.0.214:443: connect: connection refused

there are the drone logs:

{"level":"error","msg":"oauth: cannot exchange code: xxxxxx : Post \"https:// git.xxx.fr/login/oauth/access_token\": dial tcp 172.19.0.214:443: connect: connection refused","time":"2022-07-21T13:42:00Z"}

There is my Nginx proxy configuration (with Let’s encrypt):

location / {
  proxy_pass        http:// 192.168.9.111:8020; // the IP of my docker host, 8020 port are the container web port
  proxy_redirect    off;
 # proxy_set_header  Host $host;
  proxy_set_header  X-Real-IP $remote_addr;
  #proxy_set_header  X-Forwarded-Proto $scheme;
 # proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header  X-Forwarded-Host $server_name;
  proxy_set_header  X-Forwarded-Port $server_port;
  proxy_set_header X-Forwarded-For $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header Host drone.xxx.fr;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_buffering off;
  chunked_transfer_encoding off;
  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
  more_clear_input_headers 'Accept-Encoding';
}

Thanks for help !