[Support] GitLab-CE


Recommended Posts

On 9/22/2018 at 7:53 PM, s33d1ing said:

 

 

I was able to reduce the amount of memory this container uses and fix these messages by adding the following to GITLAB_OMNIBUS_CONFIG:

postgresql['shared_buffers'] = '256MB'; sidekiq['concurrency'] = 15; prometheus_monitoring['enable'] = false;

Thank you for this, I will have to see if this will allow me to run GL again

Link to comment
  • 2 weeks later...

Hello guys!
I've been reading this thread in order to figure out how can I setup my GitLab Docker with my letsencrypt docker. 
 

Right now my letsencrypt docker is like this

  location /gitlab {
                include /config/nginx/proxy.conf;
                proxy_pass http://192.168.1.104:9080;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
        }

and my GitLab docker is like this :http://prntscr.com/l1gatc

Extra Parameters:

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://"subdomain".duckdns.org/'; nginx['listen_port'] = 9080; nginx['listen_https'] = false"

 

But for some reason, when I try to connect to my gitlab through  https://"subdomain".duckdns.org/gitlab it show's me 502 bad gateway error. 

 

If someone could help me, I would be very gratefull 
Also I'm still new to this unraid and docker stuff so please be patient with me. 

Edited by TCosta29
Image link
Link to comment
  • 1 month later...
  • 2 weeks later...

I'm trying to configure the Docker container registry on GitLab-CE but I don't seem to be able to add a port for it to listen on.

 

I've added this to my extra parameters:

registry['registry_http_addr']='192.168.69.99:9081';registry_nginx['enable']=false;registry['enable']=true;

and added a redirect for port 9081, but it does not show in the container list after clicking "apply" (see screenshots).


The container's network type is set to "proxynet", as per SpaceInvaderOne's nginx proxy video, so I can access the container registry from outside my own network.

 

What could be going wrong here? Port 9081 doesn't seem to be mapped to any other containers (and, even if it was, I'd expect unRAID to open a dialog telling me this, rather than silently failing : ) and other ports I've tried fail to show up in a similar way.

 


1223113411_Screenshot2018-11-26at10_14_50.png.97e39deb76e659e8a279f2fdb6d423f5.png

 

 

157172471_Screenshot2018-11-26at10_16_47.thumb.png.c34e803a6932a9130db105bea71a2d28.png

Link to comment
On 10/2/2018 at 5:16 PM, TCosta29 said:

Hello guys!
I've been reading this thread in order to figure out how can I setup my GitLab Docker with my letsencrypt docker. 
 

Right now my letsencrypt docker is like this


  location /gitlab {
                include /config/nginx/proxy.conf;
                proxy_pass http://192.168.1.104:9080;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
        }

and my GitLab docker is like this :http://prntscr.com/l1gatc

Extra Parameters:

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://"subdomain".duckdns.org/'; nginx['listen_port'] = 9080; nginx['listen_https'] = false"

 

But for some reason, when I try to connect to my gitlab through  https://"subdomain".duckdns.org/gitlab it show's me 502 bad gateway error. 

 

If someone could help me, I would be very gratefull 
Also I'm still new to this unraid and docker stuff so please be patient with me. 

Did you ever get this working?

Link to comment
1 hour ago, ElectricBadger said:

I'm trying to configure the Docker container registry on GitLab-CE but I don't seem to be able to add a port for it to listen on.

 

I've added this to my extra parameters:


registry['registry_http_addr']='192.168.69.99:9081';registry_nginx['enable']=false;registry['enable']=true;

and added a redirect for port 9081, but it does not show in the container list after clicking "apply" (see screenshots).


The container's network type is set to "proxynet", as per SpaceInvaderOne's nginx proxy video, so I can access the container registry from outside my own network.

I've found that the network type is the cause of the problem — when this is set, unRAID allows setting the host port but not the container port. To fix, change the network type to "bridge", add/edit the port setting, then change the network type back to "proxynet".

 

I'm not sure if this is an unRAID bug or not — it doesn't seem like the correct behaviour, but I'm not sure how unRAID is supposed to know what to do with a network created with "docker network create"…

Link to comment
2 hours ago, TCosta29 said:

Not really, I've tried everything I now and I could not make this work. My "solution" atm is to only push my changes when I'm inside the local network.

I've got this in my nginx config (in proxy-confs/gitlab-ce.subdomain.conf):

server {
  listen *:80;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;
  return 301 https://$http_host:$request_uri;
  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;
}

server {
  listen *:443 ssl;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;

  include /config/nginx/ssl.conf;
  client_max_body_size 0;
  chunked_transfer_encoding on;

  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;

  location / {
    include /config/nginx/proxy.conf;
    proxy_pass http://gitlab:9381;
  }

  location /v2/ {
    include /config/nginx/proxy.conf;
    add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
    proxy_pass http://gitlab:9381;
  }
}

and this as the container's extra parameters (minus setup for email, backups and container registry):

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.subdomain.duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git.subdomain.duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

If you want to use ssh rather than https for cloning/pushing, you'll need to add a port to the container for it: host port 9022 (or whatever you like that isn't being used), container port 22. I then add this in ~/.ssh/config:

Host gitlab
HostName git.subdomain.duckdns.org
Port 9022
User gitlab

although I have to say that, while this works for Mac and Linux/BSD, I have no idea what the equivalent is for Windows!

Edited by ElectricBadger
Updated to better-working config
  • Like 3
Link to comment
34 minutes ago, ElectricBadger said:

I've found that the network type is the cause of the problem — when this is set, unRAID allows setting the host port but not the container port. To fix, change the network type to "bridge", add/edit the port setting, then change the network type back to "proxynet".

 

I'm not sure if this is an unRAID bug or not — it doesn't seem like the correct behaviour, but I'm not sure how unRAID is supposed to know what to do with a network created with "docker network create"…

 

If you set a container to custom network and it's own IP, there are no port mappings anymore. It's like setting the network to host. The ports specified in the application is then used.

Link to comment
6 hours ago, ElectricBadger said:

I've got this in my nginx config (in proxy-confs/gitlab-ce.subdomain.conf):


server {
  listen *:80;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;
  return 301 https://$http_host:$request_uri;
  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;
}

server {
  listen *:443 ssl;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;

  include /config/nginx/ssl.conf;
  client_max_body_size 0;
  chunked_transfer_encoding on;

  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;

  location / {
    include /config/nginx/proxy.conf;
    proxy_pass http://gitlab:9381;
  }

  location /v2/ {
    include /config/nginx/proxy.conf;
    add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
    proxy_pass http://gitlab:9381;
  }
}


and this as the container's extra parameters (minus setup for email, backups and container registry):


--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.subdomain.duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git.subdomain.duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

 If you want to use ssh rather than https for cloning/pushing, you'll need to add a port to the container for it: host port 9022 (or whatever you like that isn't being used), container port 22. I then add this in ~/.ssh/config:


Host gitlab
HostName git.subdomain.duckdns.org
Port 9022
User gitlab

although I have to say that, while this works for Mac and Linux/BSD, I have no idea what the equivalent is for Windows!

I changed my git extra parameters to 

 

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git."MySubdomain".duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git."MySubdomain".duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

And I created the file in proxy-confs/gitlab-ce.subdomain.conf with the info that you've provided and I still got this "Not private connection" stuff

 

http://prntscr.com/ln9n0x

 

Am I missing something? 

Link to comment
2 hours ago, TCosta29 said:

I changed my git extra parameters to 

 


--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git."MySubdomain".duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git."MySubdomain".duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

And I created the file in proxy-confs/gitlab-ce.subdomain.conf with the info that you've provided and I still got this "Not private connection" stuff

 

http://prntscr.com/ln9n0x

 

Am I missing something? 

Looks like there's a problem with the SSL certificate, not the GitLab config. Have you added the "git" subdomain to the list of the subdomains in the letsencrypt docker?

 

Link to comment
1 hour ago, ElectricBadger said:

Looks like there's a problem with the SSL certificate, not the GitLab config. Have you added the "git" subdomain to the list of the subdomains in the letsencrypt docker?

 

Thanks! That did solve the cerificate problem, but now it falls back to my Nextcloud docker instead of my git one. Whenever I type git."MyDomain".duckdns.org it falls back to git."MyDomain".duckdns.org/nextcloud :| 

I must be missing something. Do I need to add a new location in the NGINX site-confs/default file? I did create the file inside proxy-confs/gitlab-ce.subdomain.conf but do I need to import this file somewhere? I'm trully confused with all of this.  

Link to comment
12 hours ago, TCosta29 said:

Thanks! That did solve the cerificate problem, but now it falls back to my Nextcloud docker instead of my git one. Whenever I type git."MyDomain".duckdns.org it falls back to git."MyDomain".duckdns.org/nextcloud :| 

I must be missing something. Do I need to add a new location in the NGINX site-confs/default file? I did create the file inside proxy-confs/gitlab-ce.subdomain.conf but do I need to import this file somewhere? I'm trully confused with all of this.  

Are you using the subfolder config for Nextcloud rather than the subdomain — do you normally access it through "MyDomain".duckdns.org/nextcloud?

 

What include do you have at the bottom of site-confs/default? I'm using subdomains throughout, so I have 

include /config/nginx/proxy-confs/*.subdomain.conf;

If you're including *.subfolder.conf instead, it's probably worth adding this line above it — but I'm not sure if there are any issues mixing subfolder and subdomain setups.

Link to comment
11 hours ago, ElectricBadger said:

Are you using the subfolder config for Nextcloud rather than the subdomain — do you normally access it through "MyDomain".duckdns.org/nextcloud?

 

What include do you have at the bottom of site-confs/default? I'm using subdomains throughout, so I have 


include /config/nginx/proxy-confs/*.subdomain.conf;

If you're including *.subfolder.conf instead, it's probably worth adding this line above it — but I'm not sure if there are any issues mixing subfolder and subdomain setups.

Yes I'm using "MyDomain".duckdns.org/nextcloud to acess to my nextcloud and plex. 
I followed this tutorial to setup my letsencrypt docker. 

https://cyanlabs.net/tutorials/the-complete-unraid-reverse-proxy-duck-dns-dynamic-dns-and-letsencrypt-guide/

 

Atm I don't have any include in the site-confs/default file, but I'll add that one that you mentioned and try if it works! 

Link to comment
10 hours ago, TCosta29 said:

Yes I'm using "MyDomain".duckdns.org/nextcloud to acess to my nextcloud and plex. 
I followed this tutorial to setup my letsencrypt docker. 

https://cyanlabs.net/tutorials/the-complete-unraid-reverse-proxy-duck-dns-dynamic-dns-and-letsencrypt-guide/

 

Atm I don't have any include in the site-confs/default file, but I'll add that one that you mentioned and try if it works! 

I set mine up from the Spaceinvaderone video — if you followed a different tutorial, your configs might well be a bit different.

Link to comment
On 11/28/2018 at 9:49 AM, ElectricBadger said:

I set mine up from the Spaceinvaderone video — if you followed a different tutorial, your configs might well be a bit different.

Yeah, well I'll try to use that video to see if it works out :)

 

Update: followed those tutorials and it worked just fine! Thanks for the assist!

Edited by TCosta29
Link to comment
  • 1 month later...

I just installed this docker container and I have a little problem. I did change the parameter --env GITLAB_OMNIBUS_CONFIG="external_url 'http://192.168.178.15:9080/'" to reflect my situation. This works fine, for one exception (I have found so far).

When you try to create a new milestone it tries to go to: http://unraid:9080/pim/pimbliek.nl/milestones/new  which is not reachable since that is not resolvable.

 

How to make sure the 192.168.178.15 is used in the *whole* application?

Link to comment
4 hours ago, Pim Bliek said:

I just installed this docker container and I have a little problem. I did change the parameter --env GITLAB_OMNIBUS_CONFIG="external_url 'http://192.168.178.15:9080/'" to reflect my situation. This works fine, for one exception (I have found so far).

When you try to create a new milestone it tries to go to: http://unraid:9080/pim/pimbliek.nl/milestones/new  which is not reachable since that is not resolvable.

 

How to make sure the 192.168.178.15 is used in the *whole* application?

I've had the same issue and have not gotten past it. This makes for erratic behavior in the GUI.

Link to comment

Would someone happen to have a guide on how to set up gitlab pages with the letsencrypt reverse proxy docker?
I'v tried to go through it  a few times, but with it wanting another ip, and another domain (I have one I can use), I'm really not sure how to proceed.

Edited by Ryonez
Link to comment
  • 2 weeks later...

Hi,

 

I'm new here and quite unexperienced with UnRaid and Docker as well... I have been able to install GitLab-CE and running, but after reboot it breaks down and won't be able to start up again. If I nuke the folders etc and reinstall it i works. Yesterday I was able to reboot aswell. Tried to reboot this morning and after that it won't come back up again.

 

The extra parameter field contains this:

--env GITLAB_OMNIBUS_CONFIG="external_url 'http://unraid:9080/'"

 

Please se the attached pictures of the configuration and copied logs.

 

Please help me to solve this problem once and for all... I really like this application and want to be able to host it by my self.... Maybe a backup-config could be something to think about to.....

 

Regards.

 

 

 

image.png

image.png

 

The logs give me the gave message every time this error occurs. 

[0m[0m
Running handlers:[0m
There was an error running gitlab-ctl reconfigure:


execute[/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8] (postgresql::enable line 80) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'

---- Begin output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
STDOUT: The files belonging to this database system will be owned by user "gitlab-psql".
This user must also own the server process.

The database cluster will be initialized with locale "C".
The default text search configuration will be set to "english".

Data page checksums are disabled.
STDERR: initdb: directory "/var/opt/gitlab/postgresql/data" exists but is not empty
If you want to create a new database system, either remove or empty
the directory "/var/opt/gitlab/postgresql/data" or run initdb
with an argument other than "/var/opt/gitlab/postgresql/data".
---- End output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
Ran /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 returned 1

Running handlers complete
[0mChef Client failed. 3 resources updated in 15 seconds[0m

The full log looks like this

ErrorWarningSystemArrayLogin



docker exec -it gitlab vim /etc/gitlab/gitlab.rb
docker restart gitlab

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

If this container fails to start due to permission problems try to fix it by executing:

docker exec -it gitlab update-permissions
docker restart gitlab

Preparing services...
Starting services...
Configuring GitLab...
/opt/gitlab/embedded/bin/runsvdir-start: line 29: ulimit: open files: cannot modify limit: Operation not permitted
/opt/gitlab/embedded/bin/runsvdir-start: line 34: ulimit: max user processes: cannot modify limit: Operation not permitted
/opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system
Starting Chef Client, version 13.6.4[0m

resolving cookbooks for run list: ["gitlab"][0m
Synchronizing Cookbooks:[0m
- gitlab (0.0.1)[0m
- package (0.1.0)[0m
- postgresql (0.1.0)[0m
- redis (0.1.0)[0m
- registry (0.1.0)[0m
- consul (0.0.0)[0m
- mattermost (0.1.0)[0m
- gitaly (0.1.0)[0m
- nginx (0.1.0)[0m
- letsencrypt (0.1.0)[0m
- runit (0.14.2)[0m
- crond (0.1.0)[0m
- acme (3.1.0)[0m
- compat_resource (12.19.0)[0m
Installing Cookbook Gems:[0m
Compiling Cookbooks...[0m
Recipe: gitlab::default[0m
* directory[/etc/gitlab] action create (up to date)
Converging 484 resources[0m
* directory[/etc/gitlab] action create (up to date)
* directory[Create /var/opt/gitlab] action create (up to date)
* directory[/opt/gitlab/embedded/etc] action create (up to date)
* template[/opt/gitlab/embedded/etc/gitconfig] action create (up to date)
Recipe: gitlab::web-server[0m
* account[Webserver user and group] action create (up to date)
Recipe: gitlab::users[0m
* directory[/var/opt/gitlab] action create (up to date)
* account[GitLab user and group] action create (up to date)
* template[/var/opt/gitlab/.gitconfig] action create (up to date)
* directory[/var/opt/gitlab/.bundle] action create (up to date)
Recipe: gitlab::gitlab-shell[0m
* storage_directory[/var/opt/gitlab/.ssh] action create
* ruby_block[directory resource: /var/opt/gitlab/.ssh] action run (skipped due to not_if)
(up to date)
* directory[/var/log/gitlab/gitlab-shell/] action create (up to date)
* directory[/var/opt/gitlab/gitlab-shell] action create (up to date)
* templatesymlink[Create a config.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-shell/config.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml] action create (up to date)
(up to date)
* link[/opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret] action create (up to date)
* execute[/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions] action run
[32m- execute /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions[0m
[0m * bash[Set proper security context on ssh files for selinux] action run (skipped due to only_if)
Recipe: gitlab::gitlab-rails[0m
* storage_directory[/var/opt/gitlab/git-data] action create
* ruby_block[directory resource: /var/opt/gitlab/git-data] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/git-data/repositories] action create
* ruby_block[directory resource: /var/opt/gitlab/git-data/repositories] action run (skipped due to not_if)
(up to date)
* directory[/var/log/gitlab] action create (up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/artifacts] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/artifacts] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/lfs-objects] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/lfs-objects] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/packages] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/packages] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/uploads] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/uploads] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-ci/builds] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-ci/builds] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/cache] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/cache] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/tmp] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/tmp] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/pages] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/pages] action run (skipped due to not_if)
(up to date)
* directory[create /var/opt/gitlab/gitlab-rails/etc] action create (up to date)
* directory[create /opt/gitlab/etc/gitlab-rails] action create (up to date)
* directory[create /var/opt/gitlab/gitlab-rails/working] action create (up to date)
* directory[create /var/opt/gitlab/gitlab-rails/tmp] action create (up to date)
* directory[create /var/opt/gitlab/gitlab-rails/upgrade-status] action create (up to date)
* directory[create /var/log/gitlab/gitlab-rails] action create (up to date)
* storage_directory[/var/opt/gitlab/backups] action create
* ruby_block[directory resource: /var/opt/gitlab/backups] action run (skipped due to not_if)
(up to date)
* directory[/var/opt/gitlab/gitlab-rails] action create (up to date)
* directory[/var/opt/gitlab/gitlab-ci] action create (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key] action create (skipped due to only_if)
* template[/opt/gitlab/etc/gitlab-rails/gitlab-rails-rc] action create (up to date)
* file[/opt/gitlab/embedded/service/gitlab-rails/.secret] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/secret] action delete (up to date)
* templatesymlink[Create a database.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/database.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml] action create (up to date)
(up to date)
* templatesymlink[Create a secrets.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/secrets.yml to /var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create (up to date)
(up to date)
* templatesymlink[Create a resque.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/resque.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml] action create (up to date)
(up to date)
* templatesymlink[Create a redis.cache.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a redis.queues.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a redis.shared_state.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a smtp_settings.rb and create a symlink to Rails root] action delete
* file[/var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb] action delete (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/smtp_settings.rb] action delete (up to date)
(up to date)
* templatesymlink[Create a gitlab.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml to /var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create (up to date)
(up to date)
* templatesymlink[Create a rack_attack.rb and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/rack_attack.rb] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/initializers/rack_attack.rb to /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb] action create (up to date)
(up to date)
* templatesymlink[Create a gitlab_workhorse_secret and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret] action create (up to date)
(up to date)
* templatesymlink[Create a gitlab_shell_secret and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret] action create (up to date)
(up to date)
* templatesymlink[Create a gitlab_pages_secret and create a symlink to Rails root] action create (skipped due to only_if)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/relative_url.rb] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/relative_url.rb] action delete (up to date)
* env_dir[/opt/gitlab/etc/gitlab-rails/env] action create
* directory[/opt/gitlab/etc/gitlab-rails/env] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/HOME] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/RAILS_ENV] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/LD_PRELOAD] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/SIDEKIQ_MEMORY_KILLER_MAX_RSS] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/BUNDLE_GEMFILE] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/PATH] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/ICU_DATA] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/PYTHONPATH] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/EXECJS_RUNTIME] action create (up to date)
* file[/opt/gitlab/etc/gitlab-rails/env/TZ] action create (up to date)
(up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/tmp] action create (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/public/uploads] action create (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/log] action create (up to date)
* link[/var/log/gitlab/gitlab-rails/sidekiq.log] action create (skipped due to not_if)
* file[/opt/gitlab/embedded/service/gitlab-rails/db/schema.rb] action create (up to date)
* remote_file[/var/opt/gitlab/gitlab-rails/VERSION] action create (up to date)

* remote_file[/var/opt/gitlab/gitlab-rails/REVISION] action create (up to date)
* file[/var/opt/gitlab/gitlab-rails/RUBY_VERSION] action create (up to date)
* execute[clear the gitlab-rails cache] action nothing (skipped due to action :nothing)
* file[/var/opt/gitlab/gitlab-rails/config.ru] action delete (up to date)
Recipe: gitlab::add_trusted_certs[0m
* directory[/etc/gitlab/trusted-certs] action create (up to date)
* directory[/opt/gitlab/embedded/ssl/certs] action create (up to date)
* file[/opt/gitlab/embedded/ssl/certs/README] action create (up to date)
* ruby_block[Move existing certs and link to /opt/gitlab/embedded/ssl/certs] action run (skipped due to only_if)
Recipe: gitlab::default[0m
* service[create a temporary unicorn service] action nothing (skipped due to action :nothing)
* service[create a temporary puma service] action nothing (skipped due to action :nothing)
* service[create a temporary sidekiq service] action nothing (skipped due to action :nothing)
* service[create a temporary mailroom service] action nothing (skipped due to action :nothing)
Recipe: redis::enable[0m
* account[user and group for redis] action create (up to date)
* group[Socket group] action create (up to date)
* directory[/var/opt/gitlab/redis] action create (up to date)
* directory[/var/log/gitlab/redis] action create (up to date)
* template[/var/opt/gitlab/redis/redis.conf] action create (up to date)
* directory[/opt/gitlab/sv/redis] action create (up to date)
* directory[/opt/gitlab/sv/redis/log] action create (up to date)
* directory[/opt/gitlab/sv/redis/log/main] action create (up to date)
* template[/opt/gitlab/sv/redis/run] action create (up to date)
* template[/opt/gitlab/sv/redis/log/run] action create (up to date)
* template[/var/log/gitlab/redis/config] action create (up to date)
* ruby_block[reload redis svlogd configuration] action nothing (skipped due to action :nothing)
* ruby_block[restart redis svlogd configuration] action nothing (skipped due to action :nothing)
* file[/opt/gitlab/sv/redis/down] action delete (up to date)
* link[/opt/gitlab/init/redis] action create (up to date)
* link[/opt/gitlab/service/redis] action create
[32m- create symlink at /opt/gitlab/service/redis to /opt/gitlab/sv/redis[0m
[0m * ruby_block[supervise_redis_sleep] action run (skipped due to not_if)
* directory[/opt/gitlab/sv/redis/supervise] action create (up to date)
* directory[/opt/gitlab/sv/redis/log/supervise] action create (up to date)
* file[/opt/gitlab/sv/redis/supervise/ok] action touch (skipped due to only_if)
* file[/opt/gitlab/sv/redis/log/supervise/ok] action touch (skipped due to only_if)
* file[/opt/gitlab/sv/redis/supervise/control] action touch (skipped due to only_if)
* file[/opt/gitlab/sv/redis/log/supervise/control] action touch (skipped due to only_if)
* service[redis] action nothing (skipped due to action :nothing)
* execute[/opt/gitlab/bin/gitlab-ctl start redis] action run
[execute] fail: redis: runsv not running
[execute] fail: redis: runsv not running
[execute] ok: run: redis: (pid 450) 3s
[32m- execute /opt/gitlab/bin/gitlab-ctl start redis[0m
[0mRecipe: postgresql::user[0m
* account[Postgresql user and group] action create (up to date)
Recipe: postgresql::enable[0m
* directory[/var/opt/gitlab/postgresql] action create (up to date)
* directory[/var/opt/gitlab/postgresql/data] action create (up to date)
* directory[/var/log/gitlab/postgresql] action create (up to date)
* link[/var/opt/gitlab/postgresql/data] action create (skipped due to not_if)
* file[/var/opt/gitlab/postgresql/.profile] action create (up to date)
* sysctl[kernel.shmmax] action create
* directory[create /etc/sysctl.d for kernel.shmmax] action create (up to date)
* file[create /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.shmmax.conf kernel.shmmax] action create (up to date)
* link[/etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf] action create (up to date)
* file[delete /etc/sysctl.d/90-postgresql.conf kernel.shmmax] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-unicorn.conf kernel.shmmax] action delete (skipped due to only_if)
* file[delete /opt/gitlab/embedded/etc/90-omnibus-gitlab.conf kernel.shmmax] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-omnibus-gitlab.conf kernel.shmmax] action delete (skipped due to only_if)
* execute[load sysctl conf kernel.shmmax] action nothing (skipped due to action :nothing)
(up to date)
* sysctl[kernel.shmall] action create
* directory[create /etc/sysctl.d for kernel.shmall] action create (up to date)
* file[create /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.shmall.conf kernel.shmall] action create (up to date)
* link[/etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf] action create (up to date)
* file[delete /etc/sysctl.d/90-postgresql.conf kernel.shmall] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-unicorn.conf kernel.shmall] action delete (skipped due to only_if)
* file[delete /opt/gitlab/embedded/etc/90-omnibus-gitlab.conf kernel.shmall] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-omnibus-gitlab.conf kernel.shmall] action delete (skipped due to only_if)
* execute[load sysctl conf kernel.shmall] action nothing (skipped due to action :nothing)
(up to date)
* sysctl[kernel.sem] action create
* directory[create /etc/sysctl.d for kernel.sem] action create (up to date)
* file[create /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf kernel.sem] action create (up to date)
* link[/etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf] action create (up to date)
* file[delete /etc/sysctl.d/90-postgresql.conf kernel.sem] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-unicorn.conf kernel.sem] action delete (skipped due to only_if)
* file[delete /opt/gitlab/embedded/etc/90-omnibus-gitlab.conf kernel.sem] action delete (skipped due to only_if)
* file[delete /etc/sysctl.d/90-omnibus-gitlab.conf kernel.sem] action delete (skipped due to only_if)
* execute[load sysctl conf kernel.sem] action nothing (skipped due to action :nothing)
(up to date)
* execute[/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8] action run
[execute] The files belonging to this database system will be owned by user "gitlab-psql".
This user must also own the server process.

The database cluster will be initialized with locale "C".
The default text search configuration will be set to "english".

Data page checksums are disabled.

initdb: directory "/var/opt/gitlab/postgresql/data" exists but is not empty
If you want to create a new database system, either remove or empty
the directory "/var/opt/gitlab/postgresql/data" or run initdb
with an argument other than "/var/opt/gitlab/postgresql/data".
[0m
================================================================================[0m
[31mError executing action `run` on resource 'execute[/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8]'[0m
================================================================================[0m

[0m Mixlib::ShellOut::ShellCommandFailed[0m
------------------------------------[0m
Expected process to exit with [0], but received '1'
[0m ---- Begin output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
[0m STDOUT: The files belonging to this database system will be owned by user "gitlab-psql".
[0m This user must also own the server process.
[0m
[0m The database cluster will be initialized with locale "C".
[0m The default text search configuration will be set to "english".
[0m
[0m Data page checksums are disabled.
[0m STDERR: initdb: directory "/var/opt/gitlab/postgresql/data" exists but is not empty
[0m If you want to create a new database system, either remove or empty
[0m the directory "/var/opt/gitlab/postgresql/data" or run initdb
[0m with an argument other than "/var/opt/gitlab/postgresql/data".
[0m ---- End output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
[0m Ran /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 returned 1[0m

[0m Resource Declaration:[0m
---------------------[0m
# In /opt/gitlab/embedded/cookbooks/cache/cookbooks/postgresql/recipes/enable.rb
[0m
[0m 80: execute "/opt/gitlab/embedded/bin/initdb -D #{node['gitlab']['postgresql']['data_dir']} -E UTF8" do
[0m 81: user postgresql_username
[0m 82: not_if { pg_helper.bootstrapped? }
[0m 83: end
[0m 84:
[0m
[0m Compiled Resource:[0m
------------------[0m
# Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/postgresql/recipes/enable.rb:80:in `from_file'
[0m
[0m execute("/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8") do
[0m action [:run]
[0m default_guard_interpreter :execute
[0m command "/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8"
[0m backup 5
[0m returns 0
[0m user "gitlab-psql"
[0m declared_type :execute
[0m cookbook_name "postgresql"
[0m recipe_name "enable"
[0m domain nil
[0m not_if { #code block }
[0m end
[0m
[0m System Info:[0m
------------[0m
chef_version=13.6.4
[0m platform=ubuntu
[0m platform_version=16.04
[0m ruby=ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux]
[0m program_name=/opt/gitlab/embedded/bin/chef-client
[0m executable=/opt/gitlab/embedded/bin/chef-client[0m

[0m[0m
Running handlers:[0m
There was an error running gitlab-ctl reconfigure:


execute[/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8] (postgresql::enable line 80) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'

---- Begin output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
STDOUT: The files belonging to this database system will be owned by user "gitlab-psql".
This user must also own the server process.

The database cluster will be initialized with locale "C".
The default text search configuration will be set to "english".

Data page checksums are disabled.
STDERR: initdb: directory "/var/opt/gitlab/postgresql/data" exists but is not empty
If you want to create a new database system, either remove or empty
the directory "/var/opt/gitlab/postgresql/data" or run initdb
with an argument other than "/var/opt/gitlab/postgresql/data".
---- End output of /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 ----
Ran /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8 returned 1

Running handlers complete
[0mChef Client failed. 3 resources updated in 15 seconds[0m

 

Edited by blomster
Link to comment
  • 2 months later...

Hi, I recently set up my Unraid server to serve some conatiners up over a reverse nginx proxy (see video below).

I'm curious whether this GitLab application is safe to expose to the internet via something like "gitlab.mydomain.com".

What could/should I do to protect it?  I just installed it and signed in once, then created a user.  I noticed that anyone could just register and it didn't do any kind of email validation.  Is there a way to disable registration?  I want to manually create all users, will be just a handful.

 

 

Link to comment
  • 3 weeks later...
2 hours ago, shaunmccloud said:

Just set this up and the SSH service on the container runs on port 22, but the template is configured to use 9022.  I used P.ortainer to resolve the issue

What does portainer have to do with the ports of the template and inside the container? 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.