fix: WP CI agent gRPC: use host networking to bypass Docker bridge (#813)
Docker bridge networking inside LXD (and potentially other nested container environments) breaks gRPC/HTTP2 between containers. The gRPC handshake times out because HTTP/2 frames are not properly forwarded. Fix: run the WP agent with network_mode: host + privileged, connecting to the server via localhost:9000 (port mapped from the server container). - Add port 9000 mapping to woodpecker server - Switch agent to network_mode: host with privileged: true - Connect agent to localhost:9000 instead of woodpecker:9000 - Add WOODPECKER_GRPC_SECURE=false - Move healthcheck to port 3333 (avoid clash with Forgejo on 3000) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
johba
parent
883cdc812c
commit
38a7253c11
1 changed files with 6 additions and 5 deletions
11
bin/disinto
11
bin/disinto
|
|
@ -183,6 +183,7 @@ services:
|
|||
- apparmor=unconfined
|
||||
ports:
|
||||
- "8000:8000"
|
||||
- "9000:9000"
|
||||
volumes:
|
||||
- woodpecker-data:/var/lib/woodpecker
|
||||
environment:
|
||||
|
|
@ -203,18 +204,18 @@ services:
|
|||
woodpecker-agent:
|
||||
image: woodpeckerci/woodpecker-agent:v3
|
||||
restart: unless-stopped
|
||||
security_opt:
|
||||
- apparmor=unconfined
|
||||
network_mode: host
|
||||
privileged: true
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
WOODPECKER_SERVER: woodpecker:9000
|
||||
WOODPECKER_SERVER: localhost:9000
|
||||
WOODPECKER_AGENT_SECRET: ${WOODPECKER_AGENT_SECRET:-}
|
||||
WOODPECKER_GRPC_SECURE: "false"
|
||||
WOODPECKER_HEALTHCHECK_ADDR: ":3333"
|
||||
WOODPECKER_MAX_WORKFLOWS: 1
|
||||
depends_on:
|
||||
- woodpecker
|
||||
networks:
|
||||
- disinto-net
|
||||
|
||||
agents:
|
||||
build: ./docker/agents
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue