http works just fine
HTTP should not work, see "Redirect HTTP requests to HTTPS"
By default, when you specify an
external_urlstarting with 'https', NGINX will no longer listen for unencrypted HTTP traffic on port 80.
If you want to redirect all HTTP traffic to HTTPS you can use theredirect_http_to_httpssetting.
external_url "https://gitlab.example.com"
nginx['redirect_http_to_https'] = true
So double-check your gitlab.rb, then sudo gitlab-ctl reconfigure
GitHub
github.com › danieleagle › gitlab-https-docker › blob › master › docker-compose.yml
gitlab-https-docker/docker-compose.yml at master · danieleagle/gitlab-https-docker
GitLab Docker files to support self-hosted instance over HTTPS. - gitlab-https-docker/docker-compose.yml at master · danieleagle/gitlab-https-docker
Author danieleagle
GitHub
github.com › danieleagle › gitlab-https-docker › blob › master › README.md
gitlab-https-docker/README.md at master · danieleagle/gitlab-https-docker
Everything is setup to run on HTTPS using a self-signed certificate(this needs to be created) or a free Let's Encrypt certificate and includes commonly used features specified as environment variables in the included Docker Compose file.
Author danieleagle
HTTP to HTTPS redirection with Docker Compose
Now I want to do an http to https redirection, e.g. I would redirect: http://localhost to https://localhost I have tried with: nginx[‘redirect_http_to_https’] = true accordingly to: https://docs.gitlab.com/omnibus/settings/nginx.html but without luck. This is my docker-compose: web: image: ... More on forum.gitlab.com
0
0
January 5, 2020Gitlab-ce docker container unaccessable over https - Stack Overflow
I am having an issue accessing local gitlab over https. I installed it on Ubuntu/Redhat 8 with the same results, port 443 is not reachable. Under /etc/gitlab/ssl/ I have created a self signed More on stackoverflow.com
dockerfile - Redirect HTTP TO HTTPS for custom HTTPS port for Omnisus Gitlab with Docker Compose - Stack Overflow
I have the newest Omnibus GitLab Docker image, and the docker-compose.yml looks like this: web: image: 'gitlab/gitlab-ce:latest' restart: always hostname: 'some_ip' container_name: 'some_n... More on stackoverflow.com
nginx - Install gitlab in one VM with docker-compose having a proxy adding https in another vm - Unix & Linux Stack Exchange
I used the standard docker-compose file to create gitlab-ce and gitlab-runner · I redirect by domain in the proxy to port 8080 in my docker VM · This all worked fine and I could login in my browser with https://gitlab.mydomain.de. More on unix.stackexchange.com
GitLab
forum.gitlab.com › infrastructure as code & cloud native
Gitlab-ce via docker container, shared CA certificate, SSL setup - Infrastructure as Code & Cloud Native - GitLab Forum
November 20, 2019 - Hi everybody, i am trying to get the following use case implemented: Web access for Gitlab-ce only via https, run as a docker container, with a domestically (distributed) CA certificate and server key/certificate pair. …
GitLab
forum.gitlab.com › gitlab ci/cd
HTTP to HTTPS redirection with Docker Compose - GitLab CI/CD - GitLab Forum
January 5, 2020 - Now I want to do an http to https redirection, e.g. I would redirect: http://localhost to https://localhost I have tried with: nginx[‘redirect_http_to_https’] = true accordingly to: https://docs.gitlab.com/omnibus/settings/nginx.html but without luck. This is my docker-compose: web: image: ...
Mike Polinowski
mpolinowski.github.io › devops › gitops › install gitlab with docker-compose (debian bullseye)
Install Gitlab with Docker-Compose (Debian Bullseye) | Mike Polinowski
docker-compose up -d docker-compose ps Name Command State Ports ---------------------------------------------------------------------------------------------------------- gitlab-ce /assets/wrapper Up (unhealthy) 0.0.0.0:2222->22/tcp,:::2222->22/tcp, 0.0.0.0:8443->443/tcp,:::8443->443/tcp, 0.0.0.0:80->80/tcp,:::80->80/tcp · Visit https...
Stack Overflow
stackoverflow.com › questions › 51084955 › redirect-http-to-https-for-custom-https-port-for-omnisus-gitlab-with-docker-comp
dockerfile - Redirect HTTP TO HTTPS for custom HTTPS port for Omnisus Gitlab with Docker Compose - Stack Overflow
nginx['redirect_http_to_https'] = true nginx['redirect_http_to_https_port'] = 80 gitlab_rails['gitlab_https'] = false gitlab_rails['gitlab_port'] = 443 nginx['ssl'] = 'off' nginx['listen_port'] = 443 nginx['listen_https'] = false · EDIT: In short: I want the user, who connects to the website via some_ip:6312 or http://some_ip:6312, to be redirected to https://some_ip:6312.
Stack Exchange
unix.stackexchange.com › questions › 696924 › install-gitlab-in-one-vm-with-docker-compose-having-a-proxy-adding-https-in-anot
nginx - Install gitlab in one VM with docker-compose having a proxy adding https in another vm - Unix & Linux Stack Exchange
March 26, 2022 - I used the standard docker-compose file to create gitlab-ce and gitlab-runner · I redirect by domain in the proxy to port 8080 in my docker VM · This all worked fine and I could login in my browser with https://gitlab.mydomain.de.
Programster
blog.programster.org › dockerized-gitlab-configure-ssl
Dockerized GitLab - Configure SSL | Programster's Blog
February 21, 2022 - nginx['enable'] = true nginx['client_max_body_size'] = '250m' nginx['redirect_http_to_https'] = true nginx['redirect_http_to_https_port'] = 80 · Then, further down, un-comment the nginx['ssl_certificate'] and nginx['ssl_certificate_key'] lines, and provide values for where your certificate files are (from the first step). E.g. nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.mydomain.com/certificate.pem" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.mydomain.com/certificate.key"
Top answer 1 of 2
5
I think you are missing the nginx config in your docker-compose.yml.
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.example.com'
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
The following gist helped me a lot! https://gist.github.com/netdesk/c1db2985b542f9916995139318e5a7ce
2 of 2
0
I had the same problem and solved it by running GitLab docker on a custom HTTP port.
docker-compose.yaml:
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'git.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://git.example.com'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
nginx['listen_port'] = 8929
nginx['listen_https'] = false
ports:
- '8929:8929'
- '2224:22'
Nginx config:
server {
server_name git.example.com;
location / {
proxy_pass http://localhost:8929;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
GitHub
github.com › GetchaDEAGLE › gitlab-https-docker
GitHub - danieleagle/gitlab-https-docker: GitLab Docker files to support self-hosted instance over HTTPS.
July 7, 2022 - Everything is setup to run on HTTPS using a self-signed certificate(this needs to be created) or a free Let's Encrypt certificate and includes commonly used features specified as environment variables in the included Docker Compose file.
Starred by 77 users
Forked by 38 users
Docker Hub
hub.docker.com › r › tiredofit › gitlab-ee
tiredofit/gitlab-ee - Docker Image
When the user comes for the first time it sees a header from the server which states for how long from now this site should only be reachable via HTTPS - that's the HSTS max-age value. With NGINX_HSTS_MAXAGE you can configure that value. The default value is 31536000 seconds. If you want to disable a already sent HSTS MAXAGE value, set it to 0. docker run --name gitlab -d \ --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ --env 'NGINX_HSTS_MAXAGE=2592000' \ --volume /data/gitlab/gitlab:/home/git/data \ tiredofit/gitlab-ee:latest Copy
ComputingForGeeks
computingforgeeks.com › home › run gitlab ce in docker with docker compose
Run GitLab in Docker Containers using Docker Compose [Guide]
1 week ago - The compose syntax is identical either way. ... sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw allow 2222/tcp sudo ufw allow OpenSSH sudo ufw enable · GitLab should always run behind HTTPS.
GitLab
docs.gitlab.com › install › docker › configuration
Configure GitLab running in a Docker container | GitLab Docs
# For HTTP external_url "http://gitlab.example.com:8929" or # For HTTPS (notice the https) external_url "https://gitlab.example.com:8929" The port specified in this URL must match the port published to the host by Docker. Additionally, if the NGINX listen port is not explicitly set in nginx['listen_port'], the external_url is used instead. For more information, see the NGINX documentation. ... Following the previous example, your web browser can reach your GitLab instance at <hostIP>:8929 and push over SSH on port 2424. You can see a docker-compose.yml example that uses different ports in the Docker compose section.
DevOps in the clouds
czerniga.it › strona główna › how to install gitlab using docker compose?
How to install GitLab using Docker Compose?
September 26, 2022 - For convenience, we will also set an environment variable that will contain the path to our Gitlab directory: ... # docker-compose.yml version: '3.7' services: web: image: 'gitlab/gitlab-ce:latest' restart: always hostname: 'localhost' container_name: gitlab-ce environment: GITLAB_OMNIBUS_CONFIG: | external_url 'http://localhost' ports: - '8080:80' - '8443:443' volumes: - '$GITLAB_HOME/config:/etc/gitlab' - '$GITLAB_HOME/logs:/var/log/gitlab' - '$GITLAB_HOME/data:/var/opt/gitlab' networks: - gitlab gitlab-runner: image: gitlab/gitlab-runner:alpine container_name: gitlab-runner restart: always depends_on: - web volumes: - /var/run/docker.sock:/var/run/docker.sock - '$GITLAB_HOME/gitlab-runner:/etc/gitlab-runner' networks: - gitlab networks: gitlab: name: gitlab-network
Reddit
reddit.com › r/gitlab › docker compose gitlab-ce 14.7.0 proper setup with docker container registry
r/gitlab on Reddit: Docker compose GitLab-CE 14.7.0 proper setup with docker container registry
March 2, 2022 -
Can someone give a hand and help properly configure container registry in Gitlab? I'm trying to use it with self signed certificates on localhost, used tons of different script to generate *.crt and *.key but nothing seem to work and I can't log in to the registry:
docker login localhost:5005 gives me certificate errors:
Error response from daemon: Get https://localhost:5005/v2/: x509: certificate signed by unknown authority.
I've also tried to copy generated certificate and move it to:
/etc/docker/certs.d/localhost:5005/ca.cert /etc/docker/certs.d/localhost:5005/ca.key
Restarted docker service after with: sudo service docker restart
I've also added insecure registry entry to:
/etc/default/docker DOCKER_OPTS="--insecure-registry localhost:5005"
Above error seem common error but I googled tons of different threads and nothing seem to work. Below docker-compose file I use to spin it up:
version: '3.7'
services:
web:
image: 'gitlab/gitlab-ce:latest'
restart: always
hostname: 'localhost'
container_name: gitlab-ce
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://localhost'
registry_external_url 'https://localhost:5005'
gitlab_rails['lfs_enabled'] = true
gitlab_rails['gitlab_shell_ssh_port'] = 2222
registry_nginx['enable'] = true
registry_nginx['listen_port'] = 5005
registry_nginx['redirect_http_to_https'] = true
registry_nginx['ssl_certificate'] = "/ssl_certs/localhost.crt"
registry_nginx['ssl_certificate_key'] = "/ssl_certs/localhost.key"
ports:
- '8084:80'
- '8443:443'
- '2222:22'
- '5005:5005'
volumes:
- './vol/config:/etc/gitlab'
- './vol/logs:/var/log/gitlab'
- './vol/data:/var/opt/gitlab'
- './vol/ssl_certs:/ssl_certs'
networks:
- gitlab
gitlab-runner:
image: gitlab/gitlab-runner:alpine
container_name: gitlab-runner
restart: always
depends_on:
- web
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- './vol/gitlab-runner:/etc/gitlab-runner'
networks:
- gitlab
networks:
gitlab:
name: gitlab-networkScript to generate my certificates:
#!/usr/bin/env bash # Set the TLD domain we want to use BASE_DOMAIN="localhost" # Days for the cert to live DAYS=1095 # A blank passphrase PASSPHRASE="" # Generated configuration file CONFIG_FILE="config.txt" cat > $CONFIG_FILE <<-EOF [req] default_bits = 2048 prompt = no default_md = sha256 x509_extensions = v3_req distinguished_name = dn [dn] C = CA ST = BC L = Vancouver O = Example Corp OU = Testing Domain emailAddress = webmaster@$BASE_DOMAIN CN = $BASE_DOMAIN [v3_req] subjectAltName = @alt_names [alt_names] DNS.1 = *.$BASE_DOMAIN DNS.2 = $BASE_DOMAIN EOF # The file name can be anything FILE_NAME=$BASE_DOMAIN echo "Generating certs for $BASE_DOMAIN" # Generate our Private Key, CSR and Certificate # Use SHA-2 as SHA-1 is unsupported from Jan 1, 2017 openssl req -new -x509 -newkey rsa:2048 -sha256 -nodes -keyout "$FILE_NAME.key" -days $DAYS -out "$FILE_NAME.crt" -passin pass:$PASSPHRASE -config "$CONFIG_FILE" # OPTIONAL - write an info to see the details of the generated crt openssl x509 -noout -fingerprint -text < "$FILE_NAME.crt" > "$FILE_NAME.info" # Protect the key chmod 400 "$FILE_NAME.key"
EDIT:
I finally found working configuration:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.gitlabenv.com:8443'
registry_external_url 'https://registry.gitlabenv.com:5005'
gitlab_rails['time_zone'] = 'America/Chicago'
gitlab_rails['gitlab_shell_ssh_port'] = 2222
gitlab_rails['lfs_enabled'] = true
registry_nginx['enable'] = true
registry_nginx['ssl_certificate'] = "/etc/ssl/certs/gitlab/server-cert.pem"
registry_nginx['ssl_certificate_key'] = "/etc/ssl/certs/gitlab/server-key.pem"
nginx['listen_port'] = 443
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/ssl/certs/gitlab/server-cert.pem"
nginx['ssl_certificate_key'] = "/etc/ssl/certs/gitlab/server-key.pem"GitHub
github.com › hutchgrant › gitlab-docker-local
GitHub - hutchgrant/gitlab-docker-local: Install, configure, and run Gitlab CE and Gitlab-Runner in local docker containers via docker-compose. · GitHub
Our gitlab omnibus config environment variable in our docker-compose.yml file by default is using the hostname my.gitlab for this example. You can use whichever you'd like, but if you change it you'll need to change the hostname everywhere else, including the host machine. GITLAB_OMNIBUS_CONFIG: | external_url 'https...
Starred by 30 users
Forked by 14 users
Languages Shell 73.4% | Dockerfile 26.6%
GitHub
github.com › sameersbn › docker-gitlab › blob › master › docker-compose.yml
docker-gitlab/docker-compose.yml at master · sameersbn/docker-gitlab
Dockerized GitLab. Contribute to sameersbn/docker-gitlab development by creating an account on GitHub.
Author sameersbn
GitLab
docs.gitlab.com › install › docker › installation
Install GitLab in a Docker container | GitLab Docs
This command downloads and starts a GitLab container, and publishes ports needed to access SSH, HTTP and HTTPS. All GitLab data are stored as subdirectories of $GITLAB_HOME. The container automatically restarts after a system reboot. ... sudo docker run --detach \ --hostname gitlab.example.com ...
Stack Overflow
stackoverflow.com › questions › 61537703 › gitlab-ce-installation-using-docker-compose-file-ssh-git-user-asking-password
GitLab-CE installation using Docker-Compose file - Ssh git user asking password - Stack Overflow
In one of my Ubuntu client system when I run ssh -T -p 2223 [email protected] it works (It shows Welcome to GitLab). Whereas in my docker host if I remove the following - gitlab_rails['gitlab_shell_ssh_port'] = 2223 in my gitlab.rb file after running gitlab-ctl reconfigure.