GitLab 安裝相關紀錄

  • 安裝環境 : Alpine 3.20 + docker compose
  • docker-compose.yml

    # Minimal single-container GitLab CE deployment using the Omnibus image.
    services:
      gitlab:
        # NOTE(review): no tag is given, so this resolves to "latest"; pin a
        # specific release tag so that upgrades happen deliberately.
        image: gitlab/gitlab-ce
        container_name: gitlab
        restart: always
        hostname: 'git-demo.ichiayi.com'
        environment:
          # The block below is passed to GitLab as gitlab.rb settings.
          # NOTE(review): external_url is https but no certificate is configured
          # here; presumably Omnibus's built-in Let's Encrypt handling is relied
          # on for the certificate - confirm.
          GITLAB_OMNIBUS_CONFIG: |
            # Add any other gitlab.rb configuration here, each on its own line
            external_url 'https://git-demo.ichiayi.com'
        # Published on every host interface. '22:22' needs host port 22 to be
        # free, so a host sshd would have to listen on another port.
        ports:
          - '80:80'
          - '443:443'
          - '22:22'
        # ./config receives GitLab's generated configuration, including
        # initial_root_password; restrict access to it on the host.
        volumes:
          - './config:/etc/gitlab'
          - './logs:/var/log/gitlab'
          - './data:/var/opt/gitlab'
        shm_size: '256m'

  • 啟動服務

    # Start the stack detached, then follow the container output.
    # Ctrl-C only stops following the logs; the containers keep running.
    docker compose up -d
    docker compose logs -f

  • 查看自動產生的 root 密碼

    # Prints the generated initial root password from the ./config bind mount.
    # NOTE(review): GitLab presumably removes this file on its own some time
    # after first setup - confirm. Sign in and change the root password right
    # away rather than relying on this file.
    cat config/initial_root_password

  • 目錄配置

    .
    ├── .env
    ├── cloudflare.ini
    ├── docker-compose.yml
    ├── [config]
    ├── [data]
    ├── [logs]
    ├── [ssl]

  • 建立 ssl 目錄與權限

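    # Start from an empty ./ssl. This deletes any certificate and certbot state
    # already stored there, so the next start requests a new certificate.
    rm -rf ssl/*
    mkdir -p ssl
    # Owner-only instead of 777: this directory will hold the TLS private key and
    # must not be writable or readable by other local users.
    # NOTE(review): assumes both containers access the bind mount as root - confirm.
    chmod 700 ssl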

  • 編輯 docker-compose.yml
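    # GitLab CE served by its bundled nginx, plus a certbot sidecar that obtains
    # the certificate through the Cloudflare DNS challenge and copies it into
    # ./ssl. ${DOMAIN_NAME} and ${CF_EMAIL} are interpolated by docker compose
    # (from .env) before the containers start.
    services:
      gitlab:
        # NOTE(review): no tag is given, so this resolves to "latest"; pin a
        # specific release tag so that upgrades happen deliberately.
        image: gitlab/gitlab-ce
        container_name: gitlab
        restart: always
        hostname: '${DOMAIN_NAME}'
        environment:
          GITLAB_OMNIBUS_CONFIG: |
            external_url 'https://${DOMAIN_NAME}'
            letsencrypt['enable'] = false
            nginx['ssl_certificate'] = "/etc/gitlab/ssl/fullchain.pem"
            nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/privkey.pem"
            nginx['enable'] = true
            nginx['redirect_http_to_https'] = true
        ports:
          - '80:80'
          - '443:443'
          # Git over SSH is published on host port 9022.
          # NOTE(review): clone URLs shown by GitLab presumably still use port 22
          # unless gitlab_rails['gitlab_shell_ssh_port'] is set - confirm.
          - '9022:22'
        volumes:
          - './config:/etc/gitlab'
          - './logs:/var/log/gitlab'
          - './data:/var/opt/gitlab'
          # Same host directory that certbot mounts as /etc/letsencrypt, so this
          # container sees everything certbot stores there, not only the two
          # copied .pem files.
          - './ssl:/etc/gitlab/ssl'
        shm_size: '256m'
        networks:
          - gitlab-network

      certbot:
        # NOTE(review): ":latest" is a moving tag; pin a version for an image that
        # is handed a DNS-editing API token.
        image: certbot/dns-cloudflare:latest
        container_name: certbot
        volumes:
          - ./ssl:/etc/letsencrypt
          # Cloudflare API token file, mounted read-only.
          - ./cloudflare.ini:/etc/secrets/cloudflare.ini:ro
        entrypoint: "/bin/sh"
        command:
          - -c
          - |
            trap exit TERM;
            while :; do
              # "|| true" keeps the loop alive when issuance fails; check the
              # container logs to notice failed renewals.
              certbot certonly --dns-cloudflare --dns-cloudflare-credentials /etc/secrets/cloudflare.ini \
                -d "${DOMAIN_NAME}" --non-interactive --agree-tos \
                -m "${CF_EMAIL}" || true;

              if [ -f "/etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem" ]; then
                cp "/etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem" /etc/letsencrypt/fullchain.pem;
                cp "/etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem" /etc/letsencrypt/privkey.pem;
                chmod 644 /etc/letsencrypt/fullchain.pem;
                # The private key must not be world-readable (was 644).
                # NOTE(review): assumes GitLab's nginx opens the key as root;
                # confirm nginx still starts with this mode.
                chmod 600 /etc/letsencrypt/privkey.pem;

                # Install curl only when it is missing instead of on every pass.
                command -v curl > /dev/null || apk add --no-cache curl
                echo "Waiting for GitLab to be ready..."
                # curl -s exits 0 for any HTTP response, so this only waits until
                # something answers on gitlab:80, not until GitLab is healthy.
                until curl -s http://gitlab:80/-/health > /dev/null; do
                  sleep 5
                done

                echo "Reloading GitLab configuration..."
                # NOTE(review): this POST carries no credentials and the path does
                # not look like a documented GitLab API endpoint. With
                # redirect_http_to_https enabled, port 80 presumably answers with a
                # redirect, which curl --fail counts as success, so a clean exit
                # here does not prove nginx picked up the new certificate. After a
                # renewal, check the certificate actually served and, if it is
                # stale, run `gitlab-ctl hup nginx` inside the gitlab container.
                curl -s --show-error --fail -X POST http://gitlab:80/-/api/v4/admin/application/settings/reload_without_downtime
              fi
              sleep 24h;
            done
        networks:
          - gitlab-network

    networks:
      gitlab-network:
        driver: bridge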
  • 編輯 .env 檔案 Exp.
    DOMAIN_NAME=gitlab.ichiayi.com #Gitlab 網址
    CF_EMAIL=you@example.com #Cloudflare 帳號 (範例值)
  • 編輯 cloudflare.ini 檔案 Exp.
    dns_cloudflare_api_token = kvm8***********************************o

    此處需使用具有「編輯 DNS」權限的 API Token(建議只授權給此網域所屬的 Zone),不是 Global API Key。

  • 設定 .env 與 cloudflare.ini 權限

    # Owner-only read/write. cloudflare.ini holds the Cloudflare API token, so
    # also keep it out of version control and backups that others can read.
    chmod 600 .env
    chmod 600 cloudflare.ini

  • 啟動服務

    # Starts both gitlab and certbot. On the first run ./ssl is empty, so the
    # certificate files nginx points at exist only after certbot has issued and
    # copied them; check the certbot container's logs if HTTPS does not come up.
    docker compose up -d

  • tech/gitlabtips.txt
  • 上一次變更: 2024/11/16 22:17
  • jonathan