JuKu/docker-compose.yml Secret

## docker-compose.yml
version: '3.8'

networks:
  studymj-network:
    external: true

# see also: https://docs.gitlab.com/ee/install/docker.html#install-gitlab-using-docker-compose

# see also: https://blog.peterge.de/gitlab-ce-docker-hinter-reverse-proxy/

services:
  gitlab:
    image: 'gitlab/gitlab-ce:latest'
    restart: unless-stopped
    hostname: 'gitlab.example.com'
    container_name: gitlab-ce
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.example.com'
        # for Gitlab Container Registry
        #registry_external_url 'https://registry.example.com'
        #Durch das Setzen von GITLAB_HTTPS=true wird GitLab mitgeteilt, dass es über HTTPS erreichbar ist, auch wenn die interne Kommunikation zwischen dem Proxy und GitLab unverschlüsselt erfolgt.
        #GITLAB_HTTPS=true
        # ADDED
        #gitlab_rails['registry_enabled'] = true
        #gitlab_rails['registry_host'] = "registry.example.com"
        #registry['enable'] = true
        #registry['registry_http_addr'] = "localhost:5000"
        #registry['log_directory'] = "/var/log/gitlab/registry"
        #registry['env_directory'] = "/opt/gitlab/etc/registry/env"
        # See also: https://docs.gitlab.com/ee/administration/packages/container_registry.html?tab=Linux+package+%28Omnibus%29
        #registry_nginx['listen_https'] = false
        #gitlab_rails['registry_path'] = "/path/to/registry/storage"
        # Add any other gitlab.rb configuration here, each on its own line
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
        letsencrypt['enabled'] = false
        nginx['listen_port'] = 80
        #nginx['listen_port'] = 8929
        nginx['listen_https'] = false
        nginx['proxy_set_headers'] = {
          "X-Forwarded-Proto" => "https",
          "X-Forwarded-Ssl" => "on",
          "Host" => "gitlab.example.com",
          "X-Real-IP" => "$$remote_addr",
          "X-Forwarded-For" => "$$proxy_add_x_forwarded_for",
          "Upgrade" => "$$http_upgrade",
          "Connection" => "$$connection_upgrade"
        }
    ports:
      - '8929:80'
      - '2224:22'
    volumes:
      - '/opt/docker/volumes/gitlab/config:/etc/gitlab'
      - '/opt/docker/volumes/gitlab/logs:/var/log/gitlab'
      - '/opt/docker/volumes/gitlab/data:/var/opt/gitlab'
    networks:
      - studymj-network
    shm_size: '256m'
    labels:
#      - traefik.enable=true
#      - traefik.http.routers.gitlab.entrypoints=websecure
#      - traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`)
#      - traefik.http.routers.gitlab.tls=true
#      - traefik.http.routers.gitlab.tls.certresolver=leresolver
#      - traefik.http.routers.gitlab.service=gitlab
#      - traefik.http.services.gitlab.loadbalancer.server.port=80
      - traefik.enable=true
      - traefik.http.routers.gitlab_insecure.entrypoints=web
      - traefik.http.routers.gitlab_insecure.rule=Host(`gitlab.example.com`)
#      - traefik.http.routers.gitlab_insecure.middlewares=redirect@file
      - traefik.http.routers.gitlab.entrypoints=websecure
      - traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`)
      - traefik.http.routers.gitlab.tls=true
      - traefik.http.routers.gitlab.tls.certresolver=leresolver
      - traefik.http.services.gitlab.loadbalancer.server.port=80
      #- traefik.docker.network=studymj-network
      # Can't filter TCP traffic on SNI, see link below
      # https://community.containo.us/t/routing-ssh-traffic-with-traefik-v2/717/6
      #- traefik.tcp.routers.gitlab-ssh.rule=HostSNI(`*`)
      #- traefik.tcp.routers.gitlab-ssh.entrypoints=ssh
      #- traefik.tcp.routers.gitlab-ssh.service=gitlab-ssh-svc
      #- traefik.tcp.services.gitlab-ssh-svc.loadbalancer.server.port=22
      #- traefik.http.routers.registry_insecure.entrypoints=web
      #- traefik.http.routers.registry_insecure.rule=Host(`registry.example.com`)
      #- traefik.http.routers.registry.entrypoints=websecure
      #- traefik.http.routers.registry.rule=Host(`registry.example.com`)
      #- traefik.http.routers.registry.tls=true
      #- traefik.http.routers.registry.tls.certresolver=leresolver
      #- traefik.http.services.registry.loadbalancer.server.port=5000
	version: '3.8'

	networks:
	studymj-network:
	external: true

	# see also: https://docs.gitlab.com/ee/install/docker.html#install-gitlab-using-docker-compose

	# see also: https://blog.peterge.de/gitlab-ce-docker-hinter-reverse-proxy/

	services:
	gitlab:
	image: 'gitlab/gitlab-ce:latest'
	restart: unless-stopped
	hostname: 'gitlab.example.com'
	container_name: gitlab-ce
	environment:
	GITLAB_OMNIBUS_CONFIG: \|
	external_url 'https://gitlab.example.com'
	# for Gitlab Container Registry
	#registry_external_url 'https://registry.example.com'
	#Durch das Setzen von GITLAB_HTTPS=true wird GitLab mitgeteilt, dass es über HTTPS erreichbar ist, auch wenn die interne Kommunikation zwischen dem Proxy und GitLab unverschlüsselt erfolgt.
	#GITLAB_HTTPS=true
	# ADDED
	#gitlab_rails['registry_enabled'] = true
	#gitlab_rails['registry_host'] = "registry.example.com"
	#registry['enable'] = true
	#registry['registry_http_addr'] = "localhost:5000"
	#registry['log_directory'] = "/var/log/gitlab/registry"
	#registry['env_directory'] = "/opt/gitlab/etc/registry/env"
	# See also: https://docs.gitlab.com/ee/administration/packages/container_registry.html?tab=Linux+package+%28Omnibus%29
	#registry_nginx['listen_https'] = false
	#gitlab_rails['registry_path'] = "/path/to/registry/storage"
	# Add any other gitlab.rb configuration here, each on its own line
	gitlab_rails['gitlab_shell_ssh_port'] = 2224
	letsencrypt['enabled'] = false
	nginx['listen_port'] = 80
	#nginx['listen_port'] = 8929
	nginx['listen_https'] = false
	nginx['proxy_set_headers'] = {
	"X-Forwarded-Proto" => "https",
	"X-Forwarded-Ssl" => "on",
	"Host" => "gitlab.example.com",
	"X-Real-IP" => "$$remote_addr",
	"X-Forwarded-For" => "$$proxy_add_x_forwarded_for",
	"Upgrade" => "$$http_upgrade",
	"Connection" => "$$connection_upgrade"
	}
	ports:
	- '8929:80'
	- '2224:22'
	volumes:
	- '/opt/docker/volumes/gitlab/config:/etc/gitlab'
	- '/opt/docker/volumes/gitlab/logs:/var/log/gitlab'
	- '/opt/docker/volumes/gitlab/data:/var/opt/gitlab'
	networks:
	- studymj-network
	shm_size: '256m'
	labels:
	# - traefik.enable=true
	# - traefik.http.routers.gitlab.entrypoints=websecure
	# - traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`)
	# - traefik.http.routers.gitlab.tls=true
	# - traefik.http.routers.gitlab.tls.certresolver=leresolver
	# - traefik.http.routers.gitlab.service=gitlab
	# - traefik.http.services.gitlab.loadbalancer.server.port=80
	- traefik.enable=true
	- traefik.http.routers.gitlab_insecure.entrypoints=web
	- traefik.http.routers.gitlab_insecure.rule=Host(`gitlab.example.com`)
	# - traefik.http.routers.gitlab_insecure.middlewares=redirect@file
	- traefik.http.routers.gitlab.entrypoints=websecure
	- traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`)
	- traefik.http.routers.gitlab.tls=true
	- traefik.http.routers.gitlab.tls.certresolver=leresolver
	- traefik.http.services.gitlab.loadbalancer.server.port=80
	#- traefik.docker.network=studymj-network
	# Can't filter TCP traffic on SNI, see link below
	# https://community.containo.us/t/routing-ssh-traffic-with-traefik-v2/717/6
	#- traefik.tcp.routers.gitlab-ssh.rule=HostSNI(`*`)
	#- traefik.tcp.routers.gitlab-ssh.entrypoints=ssh
	#- traefik.tcp.routers.gitlab-ssh.service=gitlab-ssh-svc
	#- traefik.tcp.services.gitlab-ssh-svc.loadbalancer.server.port=22
	#- traefik.http.routers.registry_insecure.entrypoints=web
	#- traefik.http.routers.registry_insecure.rule=Host(`registry.example.com`)
	#- traefik.http.routers.registry.entrypoints=websecure
	#- traefik.http.routers.registry.rule=Host(`registry.example.com`)
	#- traefik.http.routers.registry.tls=true
	#- traefik.http.routers.registry.tls.certresolver=leresolver
	#- traefik.http.services.registry.loadbalancer.server.port=5000