@pagdot
Created June 14, 2021 11:13
Exposing Gitlab (with builtin container registry) on nginx (linuxserver.io swag image)
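# Docker Compose stack: GitLab EE with its bundled container registry, published
# through a separate reverse proxy (SWAG) on the external "reverse-proxy" network.
# Only SSH (host port 2022) is published directly; HTTPS for the web UI and the
# registry is reached through the proxy over the shared Docker network.
version: '3.4'

services:
  gitlab:
    # NOTE(review): `latest` is a floating tag, so every image pull can move the
    # instance to a new GitLab release. Pin an explicit release tag to keep
    # upgrades deliberate and security patches trackable.
    image: gitlab/gitlab-ee:latest
    restart: always
    container_name: gitlab
    environment:
      # IANA time zone name. The original value "Europa/Berlin" is not a valid
      # zone identifier.
      TZ: Europe/Berlin
      # Rendered into gitlab.rb by the Omnibus image.
      # Only the registry's certificate paths are set below; the certificate used
      # by GitLab's main bundled nginx is not configured in this snippet.
      # NOTE(review): the certificate files come from the read-only letsencrypt
      # mount; presumably the bundled nginx must be reloaded after a renewal to
      # pick up the new certificate (confirm for your setup).
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://git.example.com'
        gitlab_rails['gitlab_shell_ssh_port'] = 2022
        # Docker registry
        registry_external_url 'https://registry.example.com'
        registry_nginx['ssl_certificate'] = "/etc/letsencrypt/live/example.com/fullchain.pem"
        registry_nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/example.com/privkey.pem"
        registry_nginx['listen_port'] = 5050
        registry_nginx['listen_https'] = true
        # Add any other gitlab.rb configuration here, each on its own line
    # `expose` documents the port for other containers on the shared network;
    # it does not publish the port on the host.
    expose:
      - 5050  # container registry
    # The only port published on the host. Quoted so the HOST:CONTAINER pair is
    # always read as a string.
    ports:
      - '2022:22'  # SSH git access
    volumes:
      # /etc/gitlab holds gitlab.rb and gitlab-secrets.json; keep the host
      # directory readable by trusted accounts only and include it in backups.
      - ./config:/etc/gitlab
      - ./logs:/var/log/gitlab
      - ./data:/var/opt/gitlab
      # Mounted read-only: the container can read the certificate and private
      # key but cannot modify them.
      - ./letsencrypt:/etc/letsencrypt:ro  # symlink to SWAG letsencrypt folder
    networks:
      - reverse-proxy

networks:
  reverse-proxy:  # To connect with reverse proxy
    # Created outside this compose file; it must already exist when the stack starts.
    external: true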
# Reverse-proxy virtual host for the GitLab web UI.
# Make sure that your DNS has a CNAME set for gitlab and that your gitlab
# container is not using a base URL.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    # Wildcard: matches any host name that starts with "git."
    server_name git.*;
    include /config/nginx/ssl.conf;
    # 0 disables nginx's request-body size check, so uploads of any size are
    # forwarded to the upstream.
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    # include /config/nginx/authelia-server.conf;
    location / {
        # All optional auth layers below are disabled, so as written access
        # control is left entirely to the upstream application.
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        # include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        # 127.0.0.11 is Docker's embedded DNS server; answers are cached for 30s.
        resolver 127.0.0.11 valid=30s;
        # Because proxy_pass is built from variables, nginx resolves the
        # upstream name at request time through the resolver above.
        set $upstream_app gitlab;
        set $upstream_port 443;
        # TLS is used on the proxy-to-upstream hop as well.
        # NOTE(review): nginx does not verify the upstream certificate by
        # default; check whether proxy.conf (not shown here) sets
        # proxy_ssl_verify if that hop must be authenticated.
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}
# Reverse-proxy virtual host for the GitLab container registry.
# Make sure that your DNS has a CNAME set for registry and that your gitlab
# container is not using a base URL.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    # Wildcard: matches any host name that starts with "registry."
    server_name registry.*;
    include /config/nginx/ssl.conf;
    # 0 disables nginx's request-body size check, so uploads of any size are
    # forwarded to the upstream.
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    # include /config/nginx/authelia-server.conf;
    location / {
        # NOTE(review): registry clients presumably authenticate with tokens
        # issued by GitLab; an additional auth layer at the proxy may break
        # `docker login`/push/pull. Confirm before enabling any option below.
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        # include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        # 127.0.0.11 is Docker's embedded DNS server; answers are cached for 30s.
        resolver 127.0.0.11 valid=30s;
        # Because proxy_pass is built from variables, nginx resolves the
        # upstream name at request time through the resolver above.
        set $upstream_app gitlab;
        # Same port as registry_nginx['listen_port'] in the compose file.
        set $upstream_port 5050;
        # TLS is used on the proxy-to-upstream hop as well.
        # NOTE(review): nginx does not verify the upstream certificate by
        # default; check whether proxy.conf (not shown here) sets
        # proxy_ssl_verify if that hop must be authenticated.
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}