GitLab

This article explains how to install the Drone server for GitLab. The server is packaged as a minimal Docker image distributed on DockerHub.

Preparation

Create an OAuth Application

Create a GitLab OAuth application. The Consumer Key and Consumer Secret are used to authorize access to GitLab resources.

The authorization callback URL must match the below format and path, and must use your exact server scheme and host.

Application Create Application View

Create a Shared Secret

Create a shared secret to authenticate communication between runners and your central Drone server.

You can use openssl to generate a shared secret:

$ openssl rand -hex 16
bea26a2221fd8090ea38720fc445eca6

Download

The Drone server is distributed as a lightweight Docker image. The image is self-contained and does not have any external dependencies.

$ docker pull drone/drone:2

Configuration

The Drone server is configured using environment variables. This article references a subset of configuration options, defined below. See Configuration for a complete list of configuration options.

  • DRONE_GITLAB_CLIENT_ID
    Required string value provides your GitLab oauth Client ID.
  • DRONE_GITLAB_CLIENT_SECRET
    Required string value provides your GitLab oauth Client Secret.
  • DRONE_GITLAB_SERVER
    Option string value provides your GitLab server url. The default value is the gitlab.com server address at https://gitlab.com.
  • DRONE_GIT_ALWAYS_AUTH
    Optional boolean value configures Drone to authenticate when cloning public repositories. This should only be enabled when using self-hosted GitLab with private mode enable.
  • DRONE_RPC_SECRET
    Required string value provides the shared secret generated in the previous step. This is used to authenticate the rpc connection between the server and runners. The server and runner must be provided the same secret value.
  • DRONE_SERVER_HOST
    Required string value provides your external hostname or IP address. If using an IP address you may include the port. For example, drone.domain.com
  • DRONE_SERVER_PROTO
    Required string value provides your external protocol scheme. This value should be set to http or https. This field defaults to https if you configure ssl or acme.
  • DRONE_USER_FILTER
    Optional comma-separated list of GitLab users or organizations. Registration is limited to users in this list, or users that are members of organizations in this list. Registration is open to the public if this value is unset.

Start the Server

The server container can be started with the below command. The container is configured through environment variables. Remember to replace the placeholder values below with the appropriate values.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

docker run \
  --volume=/var/lib/drone:/data \
  --env=DRONE_GITLAB_SERVER=https://gitlab.com \
  --env=DRONE_GITLAB_CLIENT_ID=05136e57d80189bef462 \
  --env=DRONE_GITLAB_CLIENT_SECRET=7c229228a77d2cbddaa61ddc78d45e \
  --env=DRONE_RPC_SECRET=super-duper-secret \
  --env=DRONE_SERVER_HOST=drone.company.com \
  --env=DRONE_SERVER_PROTO=https \
  --publish=80:80 \
  --publish=443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  drone/drone:2

Install Runners

Once your server is up and running you will need to install runners to execute your build pipelines. See our runner installation documentation for detailed installation instructions.

Install Runners