hi
problem: unable to connect to drone on port 443
i tried a new deploy of drone for gitea, following the documentation
after installing drone i also deployed a runner, the runner is online and connected to the drone container.
now we browse to https://drone.ourlocaldomain.ourId and we get connection refused. if we browse with http instead of https we are met with drone welcome landing page
we verify the gitea OAuth key in drone following the wizard, after this we are redirected to https://drone.ourlocaldomain.ourtld which meets connection refused, if we rewrite this url to http:// the drone page loads but we get “http: named cookie not present” error.
i believe the problem lies within the 443 unavailability.
Looking at the docker container host netstat: 0.0.0.0:443 0.0.0.0:80 both ports are listening, this is a fresh ubuntu server 20.04 host with no other services running on these ports before docker deploy.
looking at tcpdump in docker0 nic we can see that client tcp handshake traffic reaches container, but container replies with tcp reset:
```
14:13:37.989271 IP .62029 > 172.17.0.2.https: Flags [S], seq 3121427575, win 65535, options [mss 1310,nop,wscale 6,nop,nop,TS val 1118774138 ecr 0,sackOK,eol], length 0
14:13:37.989348 IP 172.17.0.2.https > .62029: Flags [R.], seq 0, ack 3121427576, win 0, length 0
```
drone and runner build(copied from documentation):
```
# Drone server container
sudo docker run \
  --volume=/var/lib/drone:/data \
  --env=DRONE_GITEA_SERVER=https://<our_gitea_uri> \
  --env=DRONE_GITEA_CLIENT_ID=<our_client_id> \
  --env=DRONE_GITEA_CLIENT_SECRET=<our_client_secret>= \
  --env=DRONE_RPC_SECRET=<our_rpc_secret> \
  --env=DRONE_SERVER_HOST=<our_domain> \
  --env=DRONE_SERVER_PROTO=https \
  --publish=80:80 \
  --publish=443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  drone/drone:2

# Docker runner container
sudo docker run --detach \
  --volume=/var/run/docker.sock:/var/run/docker.sock \
  --env=DRONE_RPC_PROTO=http \
  --env=DRONE_RPC_HOST=<our_rpc_host> \
  --env=DRONE_RPC_SECRET=<our_rpc_secret> \
  --env=DRONE_RUNNER_CAPACITY=2 \
  --env=DRONE_RUNNER_NAME=my-first-runner \
  --publish=3000:3000 \
  --restart=always \
  --name=runner \
  drone/drone-runner-docker:1
```
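
Added example, not part of the original post: a small parser for tcpdump text output like the capture above that pairs each SYN with the reply it received and reports which endpoints answered with a reset. The client address 192.0.2.10, the port-80 exchange, and the function names are constructed for illustration.

```python
import re

# Constructed capture in tcpdump's default text format. 192.0.2.10 is a
# documentation address standing in for the client; the port-80 exchange
# is invented to contrast an accepted handshake with the refused one.
SAMPLE = """\
14:13:37.989271 IP 192.0.2.10.62029 > 172.17.0.2.https: Flags [S], seq 3121427575, win 65535, options [mss 1310,sackOK,eol], length 0
14:13:37.989348 IP 172.17.0.2.https > 192.0.2.10.62029: Flags [R.], seq 0, ack 3121427576, win 0, length 0
14:13:40.101112 IP 192.0.2.10.62030 > 172.17.0.2.http: Flags [S], seq 1000, win 65535, options [mss 1310,sackOK,eol], length 0
14:13:40.101190 IP 172.17.0.2.http > 192.0.2.10.62030: Flags [S.], seq 5000, ack 1001, win 65160, options [mss 1460,sackOK], length 0
"""

LINE = re.compile(
    r"IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+))?(?:, ack (?P<ack>\d+))?"
)

def classify_handshakes(capture):
    """Map (client, server) -> 'refused', 'accepted' or 'no-reply' per SYN."""
    pending = {}  # (client, server) -> initial sequence number of the SYN
    verdicts = {}
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst, flags = m["src"], m["dst"], m["flags"]
        if flags == "S" and m["seq"]:
            pending[(src, dst)] = int(m["seq"])
            verdicts[(src, dst)] = "no-reply"
        elif (dst, src) in pending and m["ack"]:
            # A genuine reply acknowledges ISN + 1 (32-bit wraparound).
            if int(m["ack"]) != (pending[(dst, src)] + 1) & 0xFFFFFFFF:
                continue
            if "R" in flags:
                verdicts[(dst, src)] = "refused"    # RST: nothing accepted the SYN
            elif flags == "S.":
                verdicts[(dst, src)] = "accepted"   # SYN-ACK: a listener answered
            else:
                continue
            del pending[(dst, src)]
    return verdicts

def refused_endpoints(capture):
    """Server endpoints that reset at least one connection attempt."""
    found = classify_handshakes(capture)
    return sorted({srv for (_, srv), v in found.items() if v == "refused"})

if __name__ == "__main__":
    for (client, server), verdict in classify_handshakes(SAMPLE).items():
        print(f"{client} -> {server}: {verdict}")
```

A `refused` verdict for the container address means no process inside the container accepted the connection on that port; the 0.0.0.0:443 listener in the host netstat is the port opened by `--publish`, which only forwards traffic to the container.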