-
-
Save JuKu/68727dfd4f627ac66e1b9607cbc0b995 to your computer and use it in GitHub Desktop.
Current Gitlab Docker Config (20.03.2024)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.8' | |
networks: | |
studymj-network: | |
external: true | |
# see also: https://docs.gitlab.com/ee/install/docker.html#install-gitlab-using-docker-compose | |
# see also: https://blog.peterge.de/gitlab-ce-docker-hinter-reverse-proxy/ | |
services: | |
gitlab: | |
image: 'gitlab/gitlab-ce:latest' | |
restart: unless-stopped | |
hostname: 'gitlab.example.com' | |
container_name: gitlab-ce | |
environment: | |
GITLAB_OMNIBUS_CONFIG: | | |
external_url 'https://gitlab.example.com' | |
# for Gitlab Container Registry | |
#registry_external_url 'https://registry.example.com' | |
#Durch das Setzen von GITLAB_HTTPS=true wird GitLab mitgeteilt, dass es über HTTPS erreichbar ist, auch wenn die interne Kommunikation zwischen dem Proxy und GitLab unverschlüsselt erfolgt. | |
#GITLAB_HTTPS=true | |
# ADDED | |
#gitlab_rails['registry_enabled'] = true | |
#gitlab_rails['registry_host'] = "registry.example.com" | |
#registry['enable'] = true | |
#registry['registry_http_addr'] = "localhost:5000" | |
#registry['log_directory'] = "/var/log/gitlab/registry" | |
#registry['env_directory'] = "/opt/gitlab/etc/registry/env" | |
# See also: https://docs.gitlab.com/ee/administration/packages/container_registry.html?tab=Linux+package+%28Omnibus%29 | |
#registry_nginx['listen_https'] = false | |
#gitlab_rails['registry_path'] = "/path/to/registry/storage" | |
# Add any other gitlab.rb configuration here, each on its own line | |
gitlab_rails['gitlab_shell_ssh_port'] = 2224 | |
letsencrypt['enabled'] = false | |
nginx['listen_port'] = 80 | |
#nginx['listen_port'] = 8929 | |
nginx['listen_https'] = false | |
nginx['proxy_set_headers'] = { | |
"X-Forwarded-Proto" => "https", | |
"X-Forwarded-Ssl" => "on", | |
"Host" => "gitlab.example.com", | |
"X-Real-IP" => "$$remote_addr", | |
"X-Forwarded-For" => "$$proxy_add_x_forwarded_for", | |
"Upgrade" => "$$http_upgrade", | |
"Connection" => "$$connection_upgrade" | |
} | |
ports: | |
- '8929:80' | |
- '2224:22' | |
volumes: | |
- '/opt/docker/volumes/gitlab/config:/etc/gitlab' | |
- '/opt/docker/volumes/gitlab/logs:/var/log/gitlab' | |
- '/opt/docker/volumes/gitlab/data:/var/opt/gitlab' | |
networks: | |
- studymj-network | |
shm_size: '256m' | |
labels: | |
# - traefik.enable=true | |
# - traefik.http.routers.gitlab.entrypoints=websecure | |
# - traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`) | |
# - traefik.http.routers.gitlab.tls=true | |
# - traefik.http.routers.gitlab.tls.certresolver=leresolver | |
# - traefik.http.routers.gitlab.service=gitlab | |
# - traefik.http.services.gitlab.loadbalancer.server.port=80 | |
- traefik.enable=true | |
- traefik.http.routers.gitlab_insecure.entrypoints=web | |
- traefik.http.routers.gitlab_insecure.rule=Host(`gitlab.example.com`) | |
# - traefik.http.routers.gitlab_insecure.middlewares=redirect@file | |
- traefik.http.routers.gitlab.entrypoints=websecure | |
- traefik.http.routers.gitlab.rule=Host(`gitlab.example.com`) | |
- traefik.http.routers.gitlab.tls=true | |
- traefik.http.routers.gitlab.tls.certresolver=leresolver | |
- traefik.http.services.gitlab.loadbalancer.server.port=80 | |
#- traefik.docker.network=studymj-network | |
# Can't filter TCP traffic on SNI, see link below | |
# https://community.containo.us/t/routing-ssh-traffic-with-traefik-v2/717/6 | |
#- traefik.tcp.routers.gitlab-ssh.rule=HostSNI(`*`) | |
#- traefik.tcp.routers.gitlab-ssh.entrypoints=ssh | |
#- traefik.tcp.routers.gitlab-ssh.service=gitlab-ssh-svc | |
#- traefik.tcp.services.gitlab-ssh-svc.loadbalancer.server.port=22 | |
#- traefik.http.routers.registry_insecure.entrypoints=web | |
#- traefik.http.routers.registry_insecure.rule=Host(`registry.example.com`) | |
#- traefik.http.routers.registry.entrypoints=websecure | |
#- traefik.http.routers.registry.rule=Host(`registry.example.com`) | |
#- traefik.http.routers.registry.tls=true | |
#- traefik.http.routers.registry.tls.certresolver=leresolver | |
#- traefik.http.services.registry.loadbalancer.server.port=5000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment