Configure the target

  • Email tip
  • GitHub login is authorized by a third party
  • GitLab Runner
  • Docker private server registration

The official introduction

Under the prevailing microservices environment, Docker mode is preferred for service deployment, which is convenient for migration and elastic scaling

Official image introduction GitLab Docker Images

GitLab Docker images

Both GitLab CE and EE are in Docker Hub:

  • GitLab CE Docker image
  • GitLab EE Docker image

The GitLab Docker images are monolithic images of GitLab running all the necessary services on a single container.

In the following examples we are using the image of GitLab CE. To use GitLab EE instead of GitLab CE, replace the image name to gitlab/gitlab-ee:latest.

If you want to use the latest RC image, use gitlab/gitlab-ce:rc or gitlab/gitlab-ee:rc for GitLab CE and GitLab EE respectively.

The GitLab Docker images can be run in multiple ways:

  • Run the image in Docker Engine
  • Install GitLab into a cluster
  • Install GitLab using docker-compose

Docker – compose script

Community edition (CE) installation is selected here, and docker-compose script file is used to facilitate parameter configuration

Install GitLab using docker-compose

With Docker compose you can easily configure, install, and upgrade your Docker-based GitLab installation.

  1. Install Docker Compose

  2. Create a docker-compose.yml file (or download an example):

     web:
   image: 'gitlab/gitlab-ce:latest'
   restart: always
   hostname: 'gitlab.example.com'
   environment:
     GITLAB_OMNIBUS_CONFIG: | external_url 'https://gitlab.example.com' # Add any other gitlab.rb configuration here, each on its own line   ports:
     - '80:80'
     - '443:443'
     - 'and'
   volumes:
     - '/srv/gitlab/config:/etc/gitlab'
     - '/srv/gitlab/logs:/var/log/gitlab'
     - '/srv/gitlab/data:/var/opt/gitlab'
Copy the code

  3. Make sure you are in the same directory as docker-compose.yml and run docker-compose up -d to start GitLab

Read “Pre-configure Docker container” to see how the GITLAB_OMNIBUS_CONFIG variable works.

Below is another docker-compose.yml example with GitLab running on a custom HTTP and SSH port. Notice how the GITLAB_OMNIBUS_CONFIG variables match the ports section:

web:
  image: 'gitlab/gitlab-ce:latest'
  restart: always
  hostname: 'gitlab.example.com'
  environment:
    GITLAB_OMNIBUS_CONFIG: | external_url 'http://gitlab.example.com:9090' gitlab_rails['gitlab_shell_ssh_port'] = 2224  ports:
    - '9090:9090'
    - '2224:22'
  volumes:
    - '/srv/gitlab/config:/etc/gitlab'
    - '/srv/gitlab/logs:/var/log/gitlab'
    - '/srv/gitlab/data:/var/opt/gitlab'
Copy the code

This is the same as using --publish 9090:9090 --publish 2224:22.

Official note Docker CE version is based on the Omnibus version. Therefore, you can also refer to related documents for environment configuration

Omnibus document directory

Installation and Configuration using omnibus package

Note: This section describes the commonly used configuration settings. Check configuration section of the documentation for complete configuration settings.

  • Installing GitLab
    • Manually downloading and installing a GitLab package
  • Setting up a domain name/URL for the GitLab Instance so that it can be accessed easily
  • Enabling HTTPS
  • Enabling notification EMails
  • Enabling replying via email
    • Installing and configuring postfix
  • Enabling container registry on GitLab
    • You will require SSL certificates for the domain used for container registry
  • Enabling GitLab Pages
    • If you want HTTPS enabled, you will have to get wildcard certificates
  • Enabling Elasticsearch
  • GitLab Mattermost Set up the Mattermost messaging app that ships with Omnibus GitLab package.
  • GitLab Prometheus Set up the Prometheus monitoring included in the Omnibus GitLab package.
  • GitLab High Availability Roles

Write yamL files with configuration goals

Note:

  • Email here uses email box 163 (no official case of email box 163 support is provided)
  • Docker private public key execution is obtained from the private server
  • For special reasons, the target configuration does not enable SSL secure connections, but GitLab can simply configure to support SSL and automatically update certificates

The configuration document

Let ‘s Encrypt Integration

Primary GitLab Instance

Note: Introduced in GitLab version 10.5 and disabled by default. Enabled by default in GitLab version 10.7 and later if external_url is set with the httpsprotocol and no certificates are configured.

Note: In order for Let’s Encrypt verification to work correctly, ports 80 and 443 will need to be accessible to the Let’s Encrypt servers that run the validation. Also note that the validation currently does not work with non-standard ports.

Caution Administrators installing or upgrading to GitLab version 10.7 or later and do not plan on using Let’s Encrypt should set the following in /etc/gitlab/gitlab.rb to disable:

letsencrypt['enable'] = false
Copy the code

Add the following entries to /etc/gitlab/gitlab.rb to enable Let’s Encrypt support for the primary domain:

Letsencrypt [' enable '] = true # GitLab 10.5 and 10.6 the require this option external_url # Must "https://gitlab.example.com"  use https protocol letsencrypt['contact_emails'] = ['[email protected]'] # OptionalCopy the code

Generate email 163 authorization password

Generate the GitHub authorization key

The final configuration

version: '3.1'

services:

  gitlab:
    environment:
      GITLAB_OMNIBUS_CONFIG: | external_url 'external access address gitlab_rails [' gitlab_shell_ssh_port] = 22 registry_external_url' Docker private server address ' Registry_nginx ['ssl_certificate_key'] = "Docker private key pem file" gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.163.com" gitlab_rails['smtp_port'] = 465 Gitlab_rails ['smtp_user_name'] = "Mail sender name" gitlab_rails['gitlab_email_from'] = 'mail sender address' gitlab_rails['smtp_password'] = "Authentication password" gitlab_rails['smtp_domain'] = "163.com" gitlab_rails['smtp_authentication'] = "login" gitlab_rails['smtp_enable_starttls_auto'] = true gitlab_rails['smtp_tls'] = true gitlab_rails['omniauth_enabled'] = true  gitlab_rails['omniauth_allow_single_sign_on'] = true gitlab_rails['omniauth_block_auto_created_users'] = true gitlab_rails['omniauth_providers'] = [ { "name" => "github", "app_id" => "Client ID", "app_secret" => "Client Secret", "url" => "https://github.com/", "args" => { "scope" => "user:email" } } ]    image: gitlab/gitlab-ce:latest
    hostname: The domain name
    restart: always
    networks:
    - devops-service-bridge
    ports:
    - '443:443'
    - '80:8099'
    - 'and'
    volumes:
    - ./srv/gitlab/config:/etc/gitlab
    - ./srv/gitlab/logs:/var/log/gitlab
    - ./srv/gitlab/data:/var/opt/gitlab
    - /etc/docker/certs.d:/etc/docker/certs.d


networks:
  devops-service-bridge:
    driver: bridge
Copy the code