启动命令:
docker run -d \
-p 444:443 \
-p 81:80 \
-p 23:22 \
-v /docker/gitlab/config:/etc/gitlab \
-v /docker/gitlab/logs:/var/log/gitlab \
-v /docker/gitlab/data:/var/opt/gitlab \
--name gitlab \
--restart always \
gitlab/gitlab-ce
用23代替22主要是22端口被用了,这没招儿
81代替80是因为80端口被另一个nginx容器用了,所以需要另一个nginx来代理一下
444代替443原因同上
修改配置文件:vim /docker/gitlab/config/gitlab.rb
external_url 'https://域名'
gitlab_rails['gitlab_ssh_host'] = '域名'
gitlab_rails['gitlab_email_from'] = '邮箱'
gitlab_rails['gitlab_shell_ssh_port'] = 23
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/trusted-certs/xxx.crt" //证书文件在容器内的绝对路径
nginx['ssl_certificate_key'] = "/etc/gitlab/trusted-certs/xxx.key" //证书文件在容器内的绝对路径
nginx['listen_https'] = true
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "邮箱"
gitlab_rails['smtp_password'] = "xxxxxx"
gitlab_rails['smtp_domain'] = "exmail.qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
代理的nginx配置:
server {
listen 80;
server_name 域名;
charset utf-8;
rewrite ^ https://域名;
}
server {
listen 443 ssl;
server_name 域名;
#ssl on;
ssl_certificate xxx.crt;
ssl_certificate_key xxx.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://域名:444/;
}
}
最终效果:
gitlab地址:https://域名
项目ssh地址:ssh://git@域名:23/组名/项目名.git (这个23端口还没处理,略有一点不完美)
项目https地址:https://域名/组名/项目名.git
项目公共组件包,gitlab弄好了,建一个public组,弄一个public项目就行了,记得组件包项目的go.mod用“域名/组名/项目名",打好tag。现在的golang支持代理黑名单了,设置自己的gitlab域名为黑名单里,这样即使golang设置了代理域名,自己的gitlab也可以正常访问了