docker-gitlab: docker-compose can't enable HTTPS on port 443

This is my docker-compose.yml

# Compose file format version 2.
version: '2'

services:
  # Redis instance that the gitlab service points at via REDIS_HOST=redis.
  # There is no `ports:` entry, so Redis is not published on the host.
  redis:
    restart: always
    image: sameersbn/redis:4.0.9-2
    command:
    - --loglevel warning
    volumes:
    # - redis-data:/var/lib/redis:Z
    # Host bind mount; the `:Z` suffix asks Docker to relabel the path with a
    # private SELinux label for this container.
    - /volumes/gitlab/redis-data:/var/lib/redis:Z

  # PostgreSQL database that the gitlab service points at via
  # DB_HOST=postgresql. There is no `ports:` entry, so it is not published on
  # the host.
  postgresql:
    restart: always
    image: sameersbn/postgresql:10-2
    volumes:
    # - postgresql-data:/var/lib/postgresql:Z
    - /volumes/gitlab/postgresql-data:/var/lib/postgresql:Z
    environment:
    - DB_USER=gitlab
    # NOTE(review): the database password is stored in plaintext in this file
    # and the gitlab service carries the same value. Prefer supplying it from
    # an untracked env file or secret store, and rotate any copy that has been
    # shared outside the host.
    - DB_PASS=545D1031-7A10-4A0E-BE62-803E1AF70F92
    - DB_NAME=gitlabhq_production
    - DB_EXTENSION=pg_trgm

  # GitLab application container; starts after redis and postgresql.
  gitlab:
    restart: always
    image: sameersbn/gitlab:13.0.2
    depends_on:
    - redis
    - postgresql
    ports:
    # Published ports: host 80 -> container 80 and host 81 -> container 22.
    # Nothing publishes container port 443 (the only 443 mapping below is
    # commented out and would use host port 10080), so an HTTPS listener inside
    # the container cannot be reached from the host as written.
  #  - "127.0.0.1:10080:80"
    - "80:80"
    - "81:22"
  #  - "10080:443"
    volumes:
    # - gitlab-data:/home/git/data:Z
    - /volumes/gitlab/gitlab-data:/home/git/data:Z
  #  - /volumes/gitlab/tlab-data/gitlab.yml:/home/git/gitlab/config/gitlab.yml
  #  - /volumes/gitlab/gitlab-data:/home/git:Z
    environment:
 #   - DEBUG=false
    # NOTE(review): DEBUG=true presumably turns on verbose startup tracing in
    # the image. Secrets are passed as environment variables below, so confirm
    # the container logs do not expose them and set this back to false once
    # debugging is finished.
    - DEBUG=true

    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=5432
    - DB_USER=gitlab
    # Same plaintext value as DB_PASS on the postgresql service; see the
    # handling advice on the other credentials in this list.
    - DB_PASS=545D1031-7A10-4A0E-BE62-803E1AF70F92
    - DB_NAME=gitlabhq_production

    - REDIS_HOST=redis
    - REDIS_PORT=6379

    - TZ=Asia/Kolkata
    - GITLAB_TIMEZONE=Kolkata

    # HTTPS is requested with a self-signed certificate, but this file sets no
    # SSL_KEY_PATH, SSL_CERTIFICATE_PATH or SSL_DHPARAM_PATH.
    # NOTE(review): presumably the image then looks in default locations under
    # the mounted data volume; confirm the key, certificate and dhparam files
    # exist there, otherwise the TLS listener may not be configured.
    - GITLAB_HTTPS=true
 #   - GITLAB_HTTPS=false
 #   - SSL_SELF_SIGNED=false
    - SSL_SELF_SIGNED=true

    - GITLAB_HOST=www.test.com
 #   - GITLAB_HOST=""
    - GITLAB_PORT=443
    # NOTE(review): container port 22 is published on host port 81 above;
    # confirm whether this should carry the host-side port instead.
    - GITLAB_SSH_PORT=22
    - GITLAB_RELATIVE_URL_ROOT=
    # NOTE(review): the three key-base secrets below are stored in plaintext.
    # Prefer injecting them from an untracked env file or secret store, and
    # treat any copy that has been shared outside the host as exposed.
    - GITLAB_SECRETS_DB_KEY_BASE=9CA8BE9D-6A91-4E6A-B094-2D2F9C4F6943E22893BF-B2B5-4721-9892-94AE01F668BE
    - GITLAB_SECRETS_SECRET_KEY_BASE=81FDCF07-19BE-4A86-AF8F-2161A9BC5833CF834411-8064-4377-834A-C226AF2EAA50
    - GITLAB_SECRETS_OTP_KEY_BASE=3C022734-34A5-498D-A994-1C608C7265728395327F-96CC-48DE-A1DD-ECAD9A097BCC

    # NOTE(review): initial administrator password in plaintext; change it
    # after first login and keep it out of shared copies of this file.
    - GITLAB_ROOT_PASSWORD=1313537D-E70B-4779-9533-6AF59B913EF6
    - GITLAB_ROOT_EMAIL=gitlab@xxxx.com

    - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
    - GITLAB_NOTIFY_PUSHER=false

    - GITLAB_EMAIL=info.in@starcross.cn
    - GITLAB_EMAIL_REPLY_TO=noreply@xxxx.com
    - GITLAB_INCOMING_EMAIL_ADDRESS=reply@xxxx.com

    - GITLAB_BACKUP_SCHEDULE=daily
    - GITLAB_BACKUP_TIME=01:00

    - SMTP_ENABLED=true
    - SMTP_DOMAIN=exmail.qq.com
    - SMTP_HOST=smtp.exmail.qq.com
    - SMTP_PORT=465
    - SMTP_USER=info.in@xxxx.com
    # NOTE(review): mail account password in plaintext; rotate it if this file
    # has been shared, and load it from an untracked source.
    - SMTP_PASS=KNkhi7suwMZJRahK
    - SMTP_TLS=true
    - SMTP_STARTTLS=false
    - SMTP_AUTHENTICATION=login

    # IMAP is switched off, yet a password is still present below.
    - IMAP_ENABLED=false
    - IMAP_HOST=imap.exmail.qq.com
    - IMAP_PORT=993
    - IMAP_USER=info.in@xxxx.com
    # NOTE(review): plaintext mailbox password; same handling as SMTP_PASS.
    - IMAP_PASS=ufEoa8Z7wPeV5hdz
    - IMAP_SSL=true
    - IMAP_STARTTLS=false

    # OAuth sign-in is disabled; the provider settings that follow are mostly
    # left empty.
    - OAUTH_ENABLED=false
    - OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
    - OAUTH_ALLOW_SSO=
    - OAUTH_BLOCK_AUTO_CREATED_USERS=true
    - OAUTH_AUTO_LINK_LDAP_USER=false
    - OAUTH_AUTO_LINK_SAML_USER=false
    - OAUTH_EXTERNAL_PROVIDERS=

    - OAUTH_CAS3_LABEL=cas3
    - OAUTH_CAS3_SERVER=
    - OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
    - OAUTH_CAS3_LOGIN_URL=/cas/login
    - OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
    - OAUTH_CAS3_LOGOUT_URL=/cas/logout

    - OAUTH_GOOGLE_API_KEY=
    - OAUTH_GOOGLE_APP_SECRET=
    - OAUTH_GOOGLE_RESTRICT_DOMAIN=

    - OAUTH_FACEBOOK_API_KEY=
    - OAUTH_FACEBOOK_APP_SECRET=

    - OAUTH_TWITTER_API_KEY=
    - OAUTH_TWITTER_APP_SECRET=

    - OAUTH_GITHUB_API_KEY=
    - OAUTH_GITHUB_APP_SECRET=
    - OAUTH_GITHUB_URL=
    - OAUTH_GITHUB_VERIFY_SSL=

    - OAUTH_GITLAB_API_KEY=
    - OAUTH_GITLAB_APP_SECRET=

    - OAUTH_BITBUCKET_API_KEY=
    - OAUTH_BITBUCKET_APP_SECRET=

    - OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
    - OAUTH_SAML_IDP_CERT_FINGERPRINT=
    - OAUTH_SAML_IDP_SSO_TARGET_URL=
    - OAUTH_SAML_ISSUER=
    # NOTE(review): in list-form `environment` entries the double quotes are
    # likely passed through as part of the value; confirm that is intended.
    - OAUTH_SAML_LABEL="Our SAML Provider"
    - OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
    - OAUTH_SAML_GROUPS_ATTRIBUTE=
    - OAUTH_SAML_EXTERNAL_GROUPS=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=

    - OAUTH_CROWD_SERVER_URL=
    - OAUTH_CROWD_APP_NAME=
    - OAUTH_CROWD_APP_PASSWORD=

    - OAUTH_AUTH0_CLIENT_ID=
    - OAUTH_AUTH0_CLIENT_SECRET=
    - OAUTH_AUTH0_DOMAIN=
    - OAUTH_AUTH0_SCOPE=

    - OAUTH_AZURE_API_KEY=
    - OAUTH_AZURE_API_SECRET=
    - OAUTH_AZURE_TENANT_ID=

# volumes:
#   redis-data:
#   postgresql-data:
#   gitlab-data:

I run the docker-compose.yml:

docker-compose  up  -d

This is the result I get from docker ps:

[root@ansible2 ~]# docker ps -a
CONTAINER ID        IMAGE                       COMMAND                  CREATED             STATUS              PORTS                                             NAMES
28203a05dc43        sameersbn/gitlab:13.0.2     "/sbin/entrypoint.sh…"   45 minutes ago      Up 45 minutes       0.0.0.0:80->80/tcp, 443/tcp, 0.0.0.0:81->22/tcp   root_gitlab_1
21a787e61b63        sameersbn/redis:4.0.9-2     "/sbin/entrypoint.sh…"   45 minutes ago      Up 45 minutes       6379/tcp                                          root_redis_1
735979f6feca        sameersbn/postgresql:10-2   "/sbin/entrypoint.sh"    45 minutes ago      Up 45 minutes       5432/tcp                                          root_postgresql_1
[root@ansible2 ~]#

I am confused that port 443 can’t be accessed. What I want to see: I want to enable 443 and enable https

About this issue

  • State: open
  • Created 3 years ago
  • Comments: 15 (5 by maintainers)

Most upvoted comments

You need environment variables that point to where GitLab will find your certificates. Add:

    - SSL_KEY_PATH=/home/git/data/certs/gitlab.key
    - SSL_CERTIFICATE_PATH=/home/git/data/certs/gitlab.crt
    - SSL_CA_CERTIFICATES_PATH=/home/git/data/certs/gitlab.crt

It doesn’t work for me. I went into the gitlab container and I can’t find port 443 in nginx.conf, only port 80.

The environment variable SSL_CA_CERTIFICATES_PATH is NOT necessary, but SSL_DHPARAM_PATH is.

You can generate the dhparam with this command:

openssl dhparam -out dhparam.pem 2048

Then upload it to /home/git/data/certs/ or another path you like (SSL_DHPARAM_PATH must point at the file).


中文版: 看了一下脚本,不用配置SSL_CA_CERTIFICATES_PATH,但是要配置SSL_DHPARAM_PATH,可以用以上命令生成一个扔上去。

参考脚本此行:https://github.com/sameersbn/docker-gitlab/blob/7665a499af62ddf2f67e49548c6bd6f795b80d84/assets/runtime/functions#L1246

But I can’t enable port 443 with a self-signed certificate.

Does the docker-compose file run on your host?

Yes. It has been running for 4 or 5 years in a row, but never with self-signed certificate.