docker-compose 安装gitlab

写在前面的话：docker-compose的文件是通用的，因此可以切换任意版本的gitlab的镜像版本。
往期docker-compose部署系列如：

• docker-compose语法格式
• docker-compose部署openldap
• docker-compose 安装Sonar并集成gitlab

1. 参考文档

docker部署：https://www.runoob.com/docker/centos-docker-install.html

docker-compose部署：https://github.com/docker/compose/releases

2. 环境信息

• System OS：CentOS Linux release 7.9.2009 (Core)

• GitLab：gitlab-jh:14.9.3

• Docker：19.03.4

• Docker-compose：1.29.2

3. 部署docker-compose

sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

chmod +x /usr/local/bin/docker-compose

# 查看版本
[root@gitlabce]# docker-compose version
docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.7.10
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019

4. 部署docker

4.1 docker安装

# docker源
sudo yum-config-manager \
    --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 安装docker
sudo yum install docker-ce-19.03.4 docker-ce-cli-19.03.4 containerd.io
# 启动docker
systemctl start docker 
systemctl enable docker
# docker 版本
[root@gitlabce]# docker -v
Docker version 19.03.4, build 9013bf583a

4.2 创建容器特有的网络

docker network create gitlab --driver bridge  --subnet 10.5.1.1/24 --gateway 10.5.1.1

[root@gitlabce]# docker inspect gitlab
[
    {
        "Name": "gitlab",
        "Id": "3c9dd9e79fec52f04558126de9055faf8696c56a661c37b5e6acfe3ab84abf30",
        "Created": "2023-01-31T12:22:25.263107091+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.5.1.1/24",
                    "Gateway": "10.5.1.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

4.3 创建挂载目录

mkdir -p /data/gitlab/{conf,ssl,logs,data}

5. 编写 docker-compose.yaml文件

cat docker-compose.yaml

version: '3'
services:
  gitlab:
    image: registry.gitlab.cn/omnibus/gitlab-jh:14.9.3
    container_name: GitLab
    restart: always
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlabce.bdeet.top'
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['lfs_enabled'] = true
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
        gitlab_rails['gitlab_email_from'] = '[email protected]'
        gitlab_rails['gitlab_email_display_name'] = 'GitLab Administrator'
        gitlab_rails['gitlab_email_reply_to'] = '[email protected]'
        gitlab_rails['gitlab_email_subject_suffix'] = '[gitlab]'
        gitlab_rails['backup_keep_time'] = 14515200
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "smtp.163.com"
        gitlab_rails['smtp_port'] = 465
        gitlab_rails['smtp_user_name'] = "[email protected]"
        gitlab_rails['smtp_password'] = "xxxxxxxxxxx"
        gitlab_rails['smtp_domain'] = "163.com"
        gitlab_rails['smtp_authentication'] = "login"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        gitlab_rails['smtp_tls'] = true
        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
        logging['logrotate_frequency'] = "weekly"
        logging['logrotate_rotate'] = 52
        logging['logrotate_compress'] = "compress"
        logging['logrotate_method'] = "copytruncate"
        logging['logrotate_delaycompress'] = "delaycompress"
        nginx['listen_port'] = 443
        nginx['redirect_http_to_https'] = true
        nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlabce.bdeet.top.crt"
        nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlabce.bdeet.top.key"
        nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2"
        nginx['logrotate_frequency'] = "weekly"
        nginx['logrotate_rotate'] = 52
        nginx['logrotate_compress'] = "compress"
        nginx['logrotate_method'] = "copytruncate"
        nginx['logrotate_delaycompress'] = "delaycompress"
        gitlab_rails['manage_backup_path'] = true
        gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
          main: # 'main' is the GitLab 'provider ID' of this LDAP server
            label: 'LDAP'           # 显示在登录页面上的名称
            host: '10.0.10.36'
            port: 389               # LDAP服务端口，如果LDAP基于SSL在端口通常为636
            uid: 'sAMAccountName'   # LDAP中用户名对应的属性，通常为'sAMAccountName'
            bind_dn: 'cn=ldap,dc=wkx,dc=cn'
            password: 'Jh@2022'
            encryption: 'plain'     # 'start_tls' or 'simple_tls' or 'plain'
            verify_certificates: false  # 如果使用SSL，则设为true
            active_directory: false     # 如果是 Active Directory LDAP server 则设为true
            allow_username_or_email_login: false  # 是否允许email登录
            lowercase_usernames: false            # 是否将用户名转为小写
            block_auto_created_users: false       # 是否自动创建用户
            base: 'dc=wkx,dc=cn'
            user_filter: ''
        EOS
    ports:
      - '80:80'
      - '443:443'
      - '2222:22'
    volumes:
      - '/data/gitlab/conf:/etc/gitlab'
      - '/data/gitlab/ssl:/etc/gitlab/ssl'
      - '/data/gitlab/logs:/var/log/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/root/.ssh/:/root/.ssh'
    networks:
      - gitlab
networks:
  gitlab:
    driver: bridge

6. 启动GitLab

docker-compose up -d