Running GitLab in the container with Google G Suite Single Sign-On enabled.

docker-compose.yaml

gitlab:
  container_name: gitlab-example
  image: 'gitlab/gitlab-ce:latest'
  restart: always
  hostname: 'gitlab.example.com'
  environment:
    GITLAB_OMNIBUS_CONFIG: |
      # Gitlab basic configuration
      letsencrypt['enable'] = true
      letsencrypt['contact_emails'] = ['gitlab@example.com']
      external_url 'https://gitlab.example.com'
      gitlab_rails['registry_enabled'] = false
      gitlab_rails['time_zone'] = 'Europe/Sarajevo'
      gitlab_rails['lfs_enabled'] = true
      gitlab_rails['initial_root_password'] = 'Ch4ng3:M3'
      gitlab_rails['gitlab_shell_ssh_port'] = 2224

      # OmniAuth Configuration
      gitlab_rails['omniauth_enabled'] = true
      gitlab_rails['omniauth_external_providers'] = ['saml']
      gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
      gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
      gitlab_rails['omniauth_block_auto_created_users'] = false
      gitlab_rails['omniauth_auto_link_ldap_user'] = false
      gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
      gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
      gitlab_rails['omniauth_auto_link_saml_user'] = true
      # Uncomment this once you 100% ready to use SSO
      # gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
      gitlab_rails['omniauth_providers'] = [
        {
          # G-Suite
          'name': 'saml',
          'args': {
                  'assertion_consumer_service_url': 'https://gitlab.example.com/users/auth/saml/callback',
                  'idp_cert_fingerprint': 'XX:DD:90:D2:15:9F:12:78:D5:XX:XX:88:XX:6E:XX:FD:XX:60:XX:B1',
                  'idp_sso_target_url': 'https://accounts.google.com/o/saml2/idp?idpid=XXXXXXXXX',
                  'issuer': 'https://gitlab.example.com',
                  'name_identifier_format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
                  'attribute_statements': { 'email': ['emailAddress'] }
                },
          'label': 'G Suite'
        }
      ]

      # Email Settings
      gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
      gitlab_rails['gitlab_email_display_name'] = 'Example GitLab'
      gitlab_rails['gitlab_email_reply_to'] = 'gitlab@example.com'
      gitlab_rails['gitlab_email_subject_suffix'] = 'Example GitLab'

      # Disable the built-in Postgres
      postgresql['enable'] = false
      # Recommend value is 1/4 of total RAM, up to 14GB.
      postgresql['shared_buffers'] = '2GB'

      # PostgreSQl database configuration
      gitlab_rails['db_adapter'] = 'postgresql'
      gitlab_rails['db_encoding'] = 'utf8'
      gitlab_rails['db_host'] = 'gitlab-db.example.com'
      gitlab_rails['db_port'] = 5432
      gitlab_rails['db_database'] = 'database-name'
      gitlab_rails['db_username'] = 'database-username'
      gitlab_rails['db_password'] = 'database-password'

      # Gmail SMTP configuration
      gitlab_rails['smtp_enable'] = true
      gitlab_rails['smtp_address'] = 'smtp.gmail.com'
      gitlab_rails['smtp_port'] = 587
      gitlab_rails['smtp_user_name'] = 'gitlab@example.com'
      gitlab_rails['smtp_password'] = 'email-password'
      gitlab_rails['smtp_domain'] = 'smtp.gmail.com'
      gitlab_rails['smtp_authentication'] = 'login'
      gitlab_rails['smtp_enable_starttls_auto'] = true
      gitlab_rails['smtp_tls'] = false
      gitlab_rails['smtp_openssl_verify_mode'] = 'peer'       
  ports:
    - '80:80'
    - '443:443'
    - '2224:22'
  volumes:
    # Mount EBS volume
    - '/srv/gitlab/config:/etc/gitlab'
    - '/srv/gitlab/logs:/var/log/gitlab'
    - '/srv/gitlab/data:/var/opt/gitlab'