1.创建自定义网络
# Create a user-defined network with a fixed /24 subnet; the containers below
# are pinned to static addresses inside it with --ip.
docker network create --subnet=172.72.0.0/24 docker-net
- 移除网桥
# Remove the custom network again (cleanup).
docker network rm docker-net
- 显示所有容器IP地址
# Print "<name> - <IP>" for every container, running or stopped (-a). A container
# attached to several networks gets its addresses printed back to back with no
# separator, because the range loop emits nothing between them.
docker inspect --format='{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(docker ps -aq)
2.启动nginx容器
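# Create the host directory that backs the nginx bind mounts
mkdir -p /srv/nginx
# 0755 rather than 777: this tree holds nginx.conf and, later, the TLS private
# key under etc/ssl, so it must not be writable by every local user. World-write
# access is not needed as long as these commands are run as root, which creating
# a directory under /srv normally implies.
chmod 755 /srv/nginx
# Start a throwaway container and copy its default config and web root out
docker run -d --name=dynginx nginx
# The trailing "/." copies the directory *contents*, so the result is the same
# whether or not the destination directory already exists (a plain directory
# source would be nested inside an existing destination on a re-run).
docker cp dynginx:/etc/nginx/. /srv/nginx/etc
docker cp dynginx:/usr/share/nginx/html/. /srv/nginx/html
docker stop dynginx
docker rm dynginx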
# Start the long-lived nginx container with a static address on docker-net.
# NOTE(review): publishing host port 22 fails to bind if the host's own sshd
# already listens there, and step 5 sets gitlab_shell_ssh_port to 822 -- confirm
# which host port is meant to carry Git-over-SSH.
# NOTE(review): the image has no tag, so whatever "nginx:latest" is at pull time
# gets deployed; pin a tag or digest for repeatable, reviewable upgrades.
docker run --detach \
--name dynginx \
--restart always \
--network docker-net --ip 172.72.0.2 \
--publish 80:80 --publish 443:443 --publish 22:22 \
--volume /srv/nginx/etc:/etc/nginx \
--volume /srv/nginx/logs:/var/log/nginx \
--volume /srv/nginx/html:/usr/share/nginx/html \
nginx
3.启动gitlab容器
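# Create the host directory that backs the GitLab bind mounts
mkdir -p /srv/gitlab
# 0755 rather than 777: /srv/gitlab/etc will hold gitlab.rb (including the SMTP
# password) and the TLS private key, so the tree must not be writable by every
# local user. The sub-directories are created by the Docker daemon when the
# container starts; presumably no world-write access is needed for that --
# verify that GitLab comes up cleanly after the first start.
chmod 755 /srv/gitlab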
# Start the GitLab container with a static address on docker-net. No port is
# published to the host, so it is reachable only from that network (in this
# setup: through the nginx container).
# NOTE(review): beginor/gitlab-ce is a third-party image and no tag is pinned;
# consider the official gitlab/gitlab-ce image with a fixed version tag so that
# the code running with access to all repositories comes from a known source.
docker run --detach \
--name dygitlab \
--restart always \
--network docker-net --ip 172.72.0.3 \
--volume /srv/gitlab/etc:/etc/gitlab \
--volume /srv/gitlab/log:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
beginor/gitlab-ce
4.配置nginx反向代理
vim /srv/nginx/etc/nginx.conf
# Add a stream block at the top level of nginx.conf (next to http {}, not
# inside it): a plain TCP proxy that hands SSH connections arriving on port 22
# of the nginx container to the GitLab container.
stream {
    upstream gitlab_ssh {
        server 172.72.0.3:22;
    }

    server {
        listen 22;
        proxy_pass gitlab_ssh;
        # Both the connect timeout and the idle timeout are set to one hour.
        proxy_connect_timeout 1h;
        proxy_timeout 1h;
    }
}
vim /srv/nginx/etc/conf.d/gitlab.conf
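## Redirect every plain-HTTP request to HTTPS
server {
    listen 80;
    server_name gitlab.weidyg.cn;
    charset utf-8;
    # Permanent redirect that keeps the requested path and query string.
    # The earlier "rewrite ^ https://gitlab.weidyg.cn;" answered with a temporary
    # redirect and dropped the path, so deep links ended up on the start page.
    return 301 https://gitlab.weidyg.cn$request_uri;
}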
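## Terminate TLS for gitlab.weidyg.cn and forward requests to the GitLab container
server {
    listen 443 ssl;
    server_name gitlab.weidyg.cn;
    charset utf-8;

    # Paths inside the nginx container; /etc/nginx is bind-mounted from
    # /srv/nginx/etc on the host. Keep the .key file readable by root only.
    ssl_certificate     /etc/nginx/ssl/weidyg.cn.crt;
    ssl_certificate_key /etc/nginx/ssl/weidyg.cn.key;
    # Stated explicitly so that an older nginx build cannot fall back to
    # TLS 1.0/1.1 through its defaults.
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_session_timeout 10m;
    ssl_session_cache   shared:SSL:10m;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        # Appends to whatever X-Forwarded-For value the client sent, so only
        # the last entry (added here) can be trusted downstream.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        # The hop to GitLab is encrypted, but the upstream certificate is not
        # verified (proxy_ssl_verify is off by default). That is tolerable only
        # because 172.72.0.3 sits on the private docker-net network.
        proxy_pass https://172.72.0.3:443;
    }
}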
在/srv/nginx/etc下新建ssl目录并将https证书文件 weidyg.cn.crt 和 weidyg.cn.key 放到该目录下。
5.编辑gitlab配置
vim /srv/gitlab/etc/gitlab.rb
external_url 'https://gitlab.weidyg.cn' # URL under which GitLab is reached
# NOTE(review): 822 differs from the port used elsewhere on this page -- the
# nginx container in step 2 publishes host port 22 and its stream block listens
# on 22. Confirm that port 822 is really forwarded to it.
gitlab_rails['gitlab_shell_ssh_port'] = 822
# Outgoing e-mail (SMTP) settings
gitlab_rails['gitlab_email_from'] = 'weidyg_admin@163.com'
gitlab_rails['gitlab_email_reply_to'] = 'weidyg_admin@163.com'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.163.com"
# NOTE(review): port 25 together with smtp_tls = false below means the login is
# protected only if STARTTLS is successfully negotiated; check whether the
# provider offers an implicit-TLS port and prefer it.
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "weidyg_admin@163.com" # mailbox account
# "xxxxxx" is a placeholder. Once the real password is filled in, this file
# holds a secret: keep /srv/gitlab/etc/gitlab.rb readable by root only and out
# of version control.
gitlab_rails['smtp_password'] = "xxxxxx" # mailbox password
gitlab_rails['smtp_domain'] = "163.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false
# NOTE(review): the name below ends in a space -- possibly the remains of
# stripped markup; confirm the intended value.
user['git_user_name'] = "GitLab "
user['git_user_email'] = "weidyg_admin@163.com"
nginx['redirect_http_to_https'] = true # enable HTTPS
# Paths inside the GitLab container; /etc/gitlab is bind-mounted from
# /srv/gitlab/etc on the host. Keep the .key file readable by root only.
nginx['ssl_certificate'] = "/etc/gitlab/ssl/weidyg.cn.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/weidyg.cn.key"
在/srv/gitlab/etc下新建ssl目录并将https证书文件 weidyg.cn.crt 和 weidyg.cn.key 放到该目录下。
6.重启容器
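# Validate the edited nginx configuration before restarting: the container runs
# with --restart=always, so a syntax error or a missing certificate file would
# otherwise leave the proxy down and restart-looping.
docker exec dynginx nginx -t && docker restart dynginx
# Restart GitLab so the edited gitlab.rb is picked up. Presumably the image
# re-applies the configuration on start -- if a setting does not take effect,
# run "gitlab-ctl reconfigure" inside the container.
docker restart dygitlab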