zengxs
commented
5 months ago Here is the docker-compose file I used, you can take it as a reference:
version: '3.9'
x-logging:
&default-logging
driver: json-file
options:
max-size: "100m"
max-file: "3"
services:
gitlab:
image: zengxs/gitlab:16.10.3-ee # You can choose ce (community edition) or ee (enterprise edition) depending on your needs.
container_name: gitlab
restart: unless-stopped
ports:
- 9002:80
- 2222:22
depends_on:
- redis
- postgres
links:
- redis:redis.local
- postgres:postgres.local
environment:
TZ: Asia/Singapore
GITLAB_OMNIBUS_CONFIG: from_file('/etc/gitlab.rb')
volumes:
# Your gitlab configurations file
- ./gitlab.rb:/etc/gitlab.rb:ro
# GitLab data dirs
- ./gl-config:/etc/gitlab
- ./gl-log:/var/log/gitlab
- ./gl-data:/var/opt/gitlab
logging: *default-logging
# gitlab-runner (if needed)
runner:
image: gitlab/gitlab-runner:alpine
container_name: gitlab-runner
restart: unless-stopped
environment:
TZ: Asia/Singapore
volumes:
- ./glr-config:/etc/gitlab-runner
logging: *default-logging
# I'm using an external Redis service (you can also use the one inside the
# GitLab image, which would make this section unnecessary).
redis:
image: redis:7.0.14
restart: unless-stopped
volumes:
- gitlab_redis:/data
command: redis-server --save 60 1 --appendonly yes
logging: *default-logging
# External postgres service (similar to Redis, you can also use the
# internal postgres service inside the GitLab image, If you opt for
# an external service, make sure the version is consistent with what
# GitLab requires).
postgres:
image: postgres:13.13
restart: unless-stopped
volumes:
- gitlab_postgres:/var/lib/postgresql/data
environment:
TZ: Asia/Singapore
POSTGRES_USER: gitlab
POSTGRES_DB: gitlab_db
POSTGRES_PASSWORD: your_database_password
logging: *default-logging
volumes:
gitlab_redis:
driver: local
gitlab_postgres:
driver: localBelow is the configuration file for GitLab, which should be named gitlab.rb and placed in the same directory as the docker-compose.yml:
########## GitLab Configurations ##########
# More configurations see: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
external_url "https://your-domain.com"
gitlab_rails['gitlab_default_theme'] = 3
gitlab_rails['gitlab_username_changing_enabled'] = false
# postgresql settings (if you use external postgresql service)
postgresql['enable'] = false
postgresql['version'] = 13
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_database'] = "gitlab_db"
gitlab_rails['db_username'] = "gitlab"
gitlab_rails['db_password'] = "your_database_password"
gitlab_rails['db_host'] = "postgres.local"
gitlab_rails['db_port'] = 5432
# redis settings (if you use external redis service)
redis['enable'] = false
gitlab_rails['redis_host'] = "redis.local"
gitlab_rails['redis_port'] = 6379
# puma settings
puma['enable'] = true
# bundled nginx settings
# This is the internal nginx configuration for GitLab. I'm using an additional
# external nginx to handle SSL. If you want to use the internal nginx to handle
# SSL directly, or if you prefer not to use SSL at all, you can modify it according to your needs.
nginx['redirect_http_to_https'] = false
nginx['listen_addresses'] = ['*']
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['gzip_enabled'] = false
# Add custom robots.txt (if needed)
nginx['custom_gitlab_server_config'] = <<EOS
location = /robots.txt {
default_type text/html;
return 200 'User-Agent: *\nDisallow: /\n';
}
EOS
nginx['worker_processes'] = 1
nginx['worker_connections'] = 768
# misc settings
prometheus['enable'] = false
prometheus_monitoring['enable'] = true
gitlab_exporter['listen_address'] = '0.0.0.0'
gitlab_exporter['listen_port'] = '9168'
registry['enable'] = false
# omniauth settings
# I use SAML for implementing SSO. If it's not needed, you can delete the following section.
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_saml_user'] = true
gitlab_rails['omniauth_providers'] = [
{
name: 'saml',
label: 'Keycloak',
groups_attribute: 'groups',
required_groups: ['gitlab-users', 'gitlab-administrators'],
admin_groups: ['gitlab-administrators'],
args: {
assertion_consumer_service_url: "https://REDACTED",
idp_cert_fingerprint: "REDACTED",
idp_sso_target_url: "https://REDACTED",
issuer: "REDACTED",
name_identifier_format: "urn:oasis:names:tc:SAML:2.0:nameid-format:username",
attribute_statements: { nickname: ['username'] },
},
}
]
# email settings
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'REDACTED'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_subject_suffix'] = 'GitLab Instance'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "email-smtp.us-west-2.amazonaws.com"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = "REDACTED"
gitlab_rails['smtp_password'] = "REDACTED"
gitlab_rails['smtp_domain'] = "REDACTED"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = trueI hope this is helpful to you.
kubrickfr
how could write this in compose file?