一、安装docker-compose步骤可参考本博客其他文章
二、这里的ssl证书是使用letsencrypt生成,
可参考文档https://my.oschina.net/u/3042999/blog/1858891
https://wzfou.com/letsencrypt/
三、创建容器网络
docker network create netgitlab
如何自定义gitlab的url访问端口,参考下面配置
四、docker-compose.yml文件如下,注意因为我这里启用了https,且使用的是非标准443端口,故需要
在external_url参数的域名后带上端口号,注意需要把非标准的端口号暴露出来,即3001:3001 如不在域名后面带上端口,可以传入参数:nginx['listen_port'] = 端口号,来指定nginx的监听端口 值得注意的是不要忘记将自定义端口号进行映射,如使用非标准的80或443端口,不按照上述方式配置 在git clone界面域名之后将不带端口号,配置正确如下图所示
[root@hadoop01 gitlab]# more docker-compose.yml version: "2.4" networks: netgitlab: external: true services: ol-gitlab: image: gitlab/gitlab-ce:11.11.0-ce.0 container_name: ol-gitlab hostname: ol-gitlab ports: - "3088:80" - "3001:3001" - "10022:22" networks: - netgitlab volumes: - "/etc/localtime:/etc/localtime" - "./config:/etc/gitlab" - "./logs:/var/log/gitlab" - "./data:/var/opt/gitlab" - "./data/gitlab-backup:/data/gitlab-backup" environment: GITLAB_OMNIBUS_CONFIG: | unicorn['worker_timeout'] = 60 unicorn['worker_processes'] = 5 unicorn['worker_memory_limit_min'] = "200 * 1 << 20" unicorn['worker_memory_limit_max'] = "300 * 1 << 20" sidekiq['concurrency'] = 10 external_url 'https://git.xxxxx.com:3001' gitlab_rails['backup_path'] = "/data/gitlab-backup" gitlab_rails['backup_keep_time'] = 1296000 gitlab_rails['time_zone'] = 'Asia/Shanghai' gitlab_rails['backup_archive_permissions'] = 0644 gitlab_rails['gitlab_shell_ssh_port'] = 10022 nginx['enable'] = true nginx['client_max_body_size'] = '10240m' nginx['redirect_http_to_https'] = true nginx['ssl_certificate'] = "/etc/gitlab/ssl/fullchain.cer" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/git.xxxx.com.key" nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256" nginx['ssl_prefer_server_ciphers'] = "on" nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2" nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m" nginx['listen_addresses'] = ["0.0.0.0"] nginx['http2_enabled'] = true postgresql['max_worker_processes'] = 8 postgresql['shared_buffers'] = "256MB" mem_limit: 4096m restart: always user: root
启动容器并拉取相关镜像
docker-compose up -d
这里使用docker-compose部署的优点在于方便gitlab后期版本升级,只需要替换images镜像地址重建容器即可,且数据迁移方便
参考:https://blog.51cto.com/191226139/2362894