1. gitlab镜像拉取
# gitlab-ce为稳定版本,后面不填写版本则默认pull最新latest版本
$ docker pull gitlab/gitlab-ce2. 创建映射文件夹
$ sudo mkdir -p /home/gitlab/etc
$ sudo mkdir -p /home/gitlab/log
$ sudo mkdir -p /home/gitlab/data3. 运行容器
docker run \
--detach \
--publish 8001:80 \ # 映射宿主机8090端口到容器中80端口
--publish 8002:22 \ # 映射22端口, 可不配
--publish 8003:443 \ # 映射https端口, 不过本文中没有用到
--name gitlab \
--restart unless-stopped \
--hostname gitlab.yuezhisan.com \ # 局域网宿主机的ip, 如果是公网主机可以写域名
-v /home/gitlab/etc:/etc/gitlab \ # 挂载gitlab的配置文件
-v /home/gitlab/log:/var/log/gitlab \ # 挂载gitlab的日志文件
-v /home/gitlab/data:/var/opt/gitlab \ # 挂载gitlab的数据
-v /etc/localtime:/etc/localtime:ro \ # 保持宿主机和容器时间同步
--privileged=true gitlab/gitlab-ce # 在容器中能以root身份执行操作4. 修改配置文件支持https
1)下载放置证书
腾讯云或阿里云上下载免费证书,解压后
gitlab.yuezhisan.com.key: 证书私钥gitlab.yuezhisan.com.crt: 公钥;腾讯提供的是crt,阿里云提供的是pem格式
在/home/gitlab/etc下面新建ssl文件夹,把上面的证书复制过去,只支持crt格式
2)配置gitlab.rb文件
去掉配置项注释#,并修改部分内容
29 external_url 'https://gitlab.yuezhisan.com'
1207 nginx['enable'] = true
1208 nginx['client_max_body_size'] = '250m'
1209 nginx['redi1210rect_http_to_https'] = true
1210 nginx['redirect_http_to_https_port'] = 80
1221 nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.yuezhisan.com.crt"
1222 nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.yuezhisan.com.key"
1262 nginx['proxy_set_headers'] = {
"Host" => "$http_host_with_default",
"X-Real-IP" => "$remote_addr",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on",
"Upgrade" => "$http_upgrade",
"Connection" => "$connection_upgrade"
}配置完成,docker restart gitlab容器
