Drone + Gitea over docker compose: OAuth cannot exchange code

Hi,

I want to deploy a gitea + drone environment using docker-compose (as a first step, for a local development and test environment). Therefore I’ve created the following docker-compose.yaml:

version: '3'

services:
  postgres:
    container_name: postgres-gitea
    image: postgres:13
    environment:
      POSTGRES_DB: gitea-db
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: password
    ports:
      - "5432:5432"
    networks:
      - cicdnet
    restart: always

  gitea:
    container_name: gitea
    image: gitea/gitea:1.15
    environment:
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=postgres:5432
      - GITEA__database__NAME=gitea-db
      - GITEA__database__USER=postgres
      - GITEA__database__PASSWD=password
    ports:
      - "22:22"
      - "3000:3000"
    networks:
      - cicdnet
    depends_on:
      - postgres
    restart: always

  drone-server:
    container_name: drone-server
    image: drone/drone:2.4
    ports:
      - 80:80
      - 443:443
      - 8000:8000
    environment:
      - DRONE_GITEA_SERVER=http://localhost:3000
      - DRONE_RPC_SECRET=very-secret
      - DRONE_SERVER_PROTO=http
      - DRONE_SERVER_HOST=localhost:80
      - DRONE_GITEA_CLIENT_ID=xxx #from Gitea OAuth Client-ID
      - DRONE_GITEA_CLIENT_SECRET=xxx #from Gitea OAuth Client-Secret
      - DRONE_GITEA_SKIP_VERIFY=true
    networks:
      - cicdnet
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./drone:/var/lib/drone
    depends_on:
      - gitea
    restart: always

  drone-runner:
    container_name: drone-runner
    image: drone/drone-runner-docker:1.7
    ports:
      - "3001:3000"
    environment:
      - DRONE_RPC_PROTO=http
      - DRONE_RPC_HOST=drone-server:80
      - DRONE_RPC_SECRET=very-secret
      - DRONE_RUNNER_NAME=drone-runner
    networks:
      - cicdnet
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - gitea
    restart: always

networks:
  cicdnet:

For configuring the OAuth application, I first start the postgres and gitea containers:
docker-compose up postgres gitea

Then I create my admin user and go to settings - applications, where I create a new OAuth application with the following values:

After that I take the Client-ID and Client-Secret from Gitea and fill them into the docker-compose.yaml. Now the rest of the containers can be started:
docker-compose up drone-server drone-runner

Now I should be able to go to localhost:3000 and authorize drone to gitea, but after I click the authorize button and the redirect happens, I get the following error message in the Drone UI:
Post "http://localhost:80/login/oauth/access_token": dial tcp 127.0.0.1:80: connect: connection refused

And the log error message states:
oauth: cannot exchange code: xxx: Post \"http://localhost:80/login/oauth/access_token\": dial tcp 127.0.0.1:80: connect: connection refused

I have already tried using Gitea version 1.8.1 instead, but the same issue happens. Volumes for gitea and postgres have no impact on the result. I have also already tried it with different ports. Using network_mode: host I was able to authorize Drone to Gitea with OAuth, but I don’t want the docker containers to run on my host.

What am I missing here?


I can’t really analyze the problem because there are details missing and I can’t reproduce your setup on my laptop. However, there is one thing that is most certainly a problem: localhost/127.0.0.1 is local to the container/host, and since the containers run on their own network, this is bound to create communication problems. You would probably have better luck specifying the actual IP of the target container, which you can obtain with something like:

docker inspect -f "{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" nameofcontainer
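
As an added example (not part of the reply above and not code from Drone or Gitea): a small Python check that scans a Compose file for environment values pointing at loopback, which inside a container address the container itself and therefore deserve review. The sample input is constructed from the question's file (with drone-runner rewritten in mapping form to exercise both syntaxes), and the function names are hypothetical.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: trimmed from the question's docker-compose.yaml.
SAMPLE_COMPOSE = """\
services:
  gitea:
    environment:
      - GITEA__database__HOST=postgres:5432
  drone-server:
    environment:
      - DRONE_GITEA_SERVER=http://localhost:3000
      - DRONE_SERVER_HOST=localhost:80
      - DRONE_GITEA_CLIENT_ID=xxx #from Gitea OAuth Client-ID
  drone-runner:
    environment:
      DRONE_RPC_HOST: drone-server:80
"""

# Assumption: env names start upper-case; Compose keys (image, ports) do not.
ENV_ENTRY = re.compile(r"^\s*(?:-\s*)?([A-Z][A-Za-z0-9_]*)\s*[=:]\s*(.*)$")
SERVICE = re.compile(r"^  ([A-Za-z0-9._-]+):\s*$")  # two-space indent


def is_loopback(value):
    """True if a URL or host:port value names localhost, 127.0.0.0/8 or ::1."""
    try:
        host = urlsplit(value if "://" in value else "//" + value).hostname
    except ValueError:
        return False
    if not host:
        return False
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # ordinary hostname, e.g. a Compose service name


def find_loopback_targets(compose_text):
    """Return (service, variable, value) for each loopback-addressed entry."""
    findings, service = [], None
    for line in compose_text.splitlines():
        svc, env = SERVICE.match(line), ENV_ENTRY.match(line)
        if svc:
            service = svc.group(1)
        elif service and env:
            value = env.group(2).split(" #")[0].strip().strip("'\"")
            if is_loopback(value):
                findings.append((service, env.group(1), value))
    return findings
```

This is a line-based scan rather than a YAML parser, so it expects the conventional two-space Compose indentation used in the question.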