This guide deploys Drone server and runner as native system services using systemd.
drone account- name: Deploy Drone CI (Native)
hosts: drone
become: true
vars:
drone_user: drone
drone_home: /opt/drone
drone_server_host: ci.example.com
drone_server_proto: https
drone_rpc_secret: change-this-secret
drone_github_client_id: change-me
drone_github_client_secret: change-me
tasks:
- name: Install dependencies on Debian family
ansible.builtin.apt:
update_cache: true
name:
- curl
- ca-certificates
state: present
when: ansible_os_family == "Debian"
- name: Install dependencies on RHEL family
ansible.builtin.dnf:
name:
- curl
- ca-certificates
state: present
when: ansible_os_family == "RedHat"
- name: Ensure Drone user exists
ansible.builtin.user:
name: "{{ drone_user }}"
system: true
create_home: true
home: "{{ drone_home }}"
shell: /usr/sbin/nologin
- name: Create Drone directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ drone_user }}"
group: "{{ drone_user }}"
mode: "0755"
loop:
- "{{ drone_home }}"
- "{{ drone_home }}/data"
- name: Download Drone server binary
ansible.builtin.get_url:
url: https://github.com/harness/drone/releases/download/v2.27.0/drone-server-linux-amd64
dest: "{{ drone_home }}/drone-server"
mode: "0755"
become_user: "{{ drone_user }}"
- name: Download Drone runner binary
ansible.builtin.get_url:
url: https://github.com/harness/drone/releases/download/v2.27.0/drone-runner-linux-amd64
dest: "{{ drone_home }}/drone-runner"
mode: "0755"
become_user: "{{ drone_user }}"
- name: Write Drone environment file
ansible.builtin.copy:
dest: "{{ drone_home }}/.env"
mode: "0600"
owner: "{{ drone_user }}"
content: |
DRONE_SERVER_HOST={{ drone_server_host }}
DRONE_SERVER_PROTO={{ drone_server_proto }}
DRONE_RPC_SECRET={{ drone_rpc_secret }}
DRONE_GITHUB_CLIENT_ID={{ drone_github_client_id }}
DRONE_GITHUB_CLIENT_SECRET={{ drone_github_client_secret }}
- name: Install Drone server systemd unit
ansible.builtin.copy:
dest: /etc/systemd/system/drone-server.service
mode: "0644"
content: |
[Unit]
Description=Drone CI Server
After=network.target
[Service]
User={{ drone_user }}
Group={{ drone_user }}
WorkingDirectory={{ drone_home }}
EnvironmentFile={{ drone_home }}/.env
ExecStart={{ drone_home }}/drone-server
Restart=on-failure
[Install]
WantedBy=multi-user.target
- name: Install Drone runner systemd unit
ansible.builtin.copy:
dest: /etc/systemd/system/drone-runner.service
mode: "0644"
content: |
[Unit]
Description=Drone CI Runner
After=network.target drone-server.service
[Service]
User={{ drone_user }}
Group={{ drone_user }}
WorkingDirectory={{ drone_home }}
EnvironmentFile={{ drone_home }}/.env
ExecStart={{ drone_home }}/drone-runner
Restart=on-failure
[Install]
WantedBy=multi-user.target
- name: Enable and start Drone services
ansible.builtin.systemd:
name: "{{ item }}"
enabled: true
state: started
daemon_reload: true
loop:
- drone-server
- drone-runner
ansible-playbook -i inventory.ini drone-native-install.yml