docke-composer实现gitlab私有化部署

docker-compose实现gitlab私有化部署

docker-compose.yml文件

version: "3"

services:
  dnmp_nginx:
    build:
      context: ./services/nginx
      args:
        NGINX_VERSION: nginx:${NGINX_VERSION}
        CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL}
        NGINX_INSTALL_APPS: ${NGINX_INSTALL_APPS}
    container_name: dnmp_nginx
    ports:
      - "${NGINX_HTTP_HOST_PORT}:80"
      - "${NGINX_HTTPS_HOST_PORT}:443"
    volumes:
      - ${SOURCE_DIR}:/www/:rw
      - ${NGINX_SSL_CERTIFICATE_DIR}:/ssl:rw
      - ${NGINX_CONFD_DIR}:/etc/nginx/conf.d/:rw
      - ${NGINX_CONF_FILE}:/etc/nginx/nginx.conf:ro
      - ${NGINX_FASTCGI_PHP_CONF}:/etc/nginx/fastcgi-php.conf:ro
      - ${NGINX_FASTCGI_PARAMS}:/etc/nginx/fastcgi_params:ro
      - ${NGINX_LOG_DIR}:/var/log/nginx/:rw
    environment:
      TZ: "$TZ"
    restart: always
    networks:
      default:
        ipv4_address: 192.168.208.10

  dnmp_gitlab:
    image: gitlab/gitlab-ce
    restart: always
    container_name: dnmp_gitlab
    ports:
      - "1443:443"
      - "1180:80"
      - "1122:22"
    volumes:
      - ${DATA_DIR}/gitlab/config:/etc/gitlab
      - ${DATA_DIR}/gitlab/logs:/var/log/gitlab
      - ${DATA_DIR}/gitlab/data:/var/opt/gitlab
    networks:
      default:
        ipv4_address: 192.168.208.13

networks:
  default:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 192.168.208.0/24

产生容器：

docker-compose down && docker-compose up -d

nginx配置

upstream gitlab_server {
    server xxxxxxxx:1180; 
    # 因为nginx是容器，所以要改为内网ip，而不是127.0.0.1
}

server {
    listen       80;
    server_name  gitlab.xxxxxxx.icu;
    charset utf-8;
    access_log  /var/log/nginx/gitlab.access.log;
    error_log  /var/log/nginx/gitlab.error.log;

    # 启用反向代理
    location / {
        proxy_pass              http://gitlab_server/;
        proxy_redirect          off;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;

        proxy_next_upstream http_502 http_504 error timeout invalid_header;

        #后端的Web服务器可以通过X-Forwarded-For获取用户真实IP
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

此时可以通过网页访问到gitlab的登录页了，但是不知道root的密码；

.rb文件可以指定密码

external_url 'http://gitlab.xxxx.icu'
nginx['enable'] = true
nginx['client_max_body_size'] = '100m'
nginx['redirect_http_to_https'] = true
puma['per_worker_max_memory_mb'] = 2048
sidekiq['concurrency'] = 8
postgresql['shared_buffers'] = '128MB'
postgresql['max_worker_processes'] = 4
prometheus_monitoring['enable'] = false
gitlab_rails['time_zone'] = 'Asia/Shanghai'
gitlab_rails['initial_root_password'] = 'XAvw5vlzQ5U6U8jw'

修改root密码,rb文件指定了密码，一般不用修改

1、进入容器
docker exec -it dnmp_gitlab     /bin/bash
2、执行了这个命令之后需要等待一会，因为gitlab吃内存，反应会慢一点
gitlab-rails console -e production   
3、类似sql的语句，找到用户，修改密码
user = User.where(id:1).first
user.password='XAvw5vlzQ5U6U8jw'
4、保存、退出
user.save!
exit

权限问题

docker exec -it dnmp_gitlab update-permissions
docker restart dnmp_gitlab

此时就可以通过页面访问，并且用root登录了。