gitlab容器–带https配置

#2.gitlab
重要目录
/home/maks/gitlab/config /etc/gitlab
/home/maks/gitlab/logs /var/log/gitlab
/home/maks/gitlab/data /var/opt/gitlab

生成证书到/home/maks/gitlab/config/ssl/目录:
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj “/C=FR/ST=Charente/L=Mornac/O=Office/CN=dev.mdde.com” -keyout /home/maks/gitlab/config/ssl/dev.mdde.com.key -out /home/maks/gitlab/config/ssl/dev.mdde.com.crt

先启动容器
docker run –detach
–hostname dev.mdde.com
–publish 44380:44380 –publish 40022:40022
–name gitlab
–restart always
–volume /home/maks/gitlab/config:/etc/gitlab
–volume /home/maks/gitlab/data:/var/opt/gitlab
gitlab/gitlab-ce:latest

$ docker stop gitlab
停止容器后,修改配置文件:
$ vi /home/maks/gitlab/config/gitlab.rb

external_url “https://dev.mdde.com”

nginx[‘listen_port’] = 44380
nginx[‘redirect_http_to_https’] = true
nginx[‘ssl_certificate’] = “/etc/gitlab/ssl/dev.mdde.com.crt”
nginx[‘ssl_certificate_key’] = “/etc/gitlab/ssl/server.key”
nginx[‘proxy_set_headers’] = {
“X-Forwarded-Proto” => “https”,
“X-Forwarded-Ssl” => “on”,
}

gitlab_rails[‘ldap_enabled’] = true
gitlab_rails[‘ldap_servers’] = YAML.load <<-‘EOS’
main: # ‘main’ is the GitLab ‘provider ID’ of this LDAP server
label: ‘LDAP’
host: ‘ad01.mdde.com’
port: 389
uid: ‘sAMAccountName’
method: ‘plain’
bind_dn: ‘CN=gitlabadmin,CN=Users,DC=mdde,DC=com’
password: ‘Mdddt88’
active_directory: true
allow_username_or_email_login: true
base: ‘OU=maksad,DC=mdde,DC=com’
EOS

gitlab_rails[‘gitlab_shell_ssh_port’] = 40022

gitlab_rails[‘smtp_enable’] = true
gitlab_rails[‘smtp_address’] = “mail.mdde.com”
gitlab_rails[‘smtp_port’] = 25
gitlab_rails[‘smtp_user_name’] = “syssin@mdde.com”
gitlab_rails[‘smtp_password’] = “Masss”
gitlab_rails[‘smtp_domain’] = “mail.mdde.com”
gitlab_rails[‘smtp_authentication’] = “login”
gitlab_rails[‘smtp_enable_starttls_auto’] = true
gitlab_rails[‘smtp_tls’] = false
gitlab_rails[‘smtp_openssl_verify_mode’] = ‘none’

$ docker start gitlab

第一次访问http://dev.mdde.com:44380/ 可能需要用Mozilla Firefox浏览器才可以,然后会提示修改密码。

=================================================================================================

启用了防火墙和SELINUX的时候需带Z
docker run –detach
–hostname dev.mdde.com
–publish 44380:44380
–publish 40022:22
–publish 80:80
–name gitlab
–restart always
–volume /home/maks/gitlab/config:/etc/gitlab:Z
–volume /home/maks/gitlab/logs:/var/log/gitlab:Z
–volume /home/maks/gitlab/data:/var/opt/gitlab:Z
gitlab/gitlab-ce:latest

https://docs.gitlab.com/omnibus/docker/
https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https
https://gitlab.com/gitlab-org/gitlab-ce/issues?scope=all&utf8=%E2%9C%93&state=all

Published by

风君子

独自遨游何稽首 揭天掀地慰生平

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注