Jump to content
thomast_88

[Support] GitLab-CE

145 posts in this topic Last Reply

Recommended Posts

On 9/22/2018 at 7:53 PM, s33d1ing said:

 

 

I was able to reduce the amount of memory this container uses and fix these messages by adding the following to GITLAB_OMNIBUS_CONFIG:

postgresql['shared_buffers'] = '256MB'; sidekiq['concurrency'] = 15; prometheus_monitoring['enable'] = false;

Thank you for this, I will have to see if this will allow me to run GL again

Share this post


Link to post

Hello guys!
I've been reading this thread in order to figure out how can I setup my GitLab Docker with my letsencrypt docker. 
 

Right now my letsencrypt docker is like this

  location /gitlab {
                include /config/nginx/proxy.conf;
                proxy_pass http://192.168.1.104:9080;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
        }

and my GitLab docker is like this :http://prntscr.com/l1gatc

Extra Parameters:

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://"subdomain".duckdns.org/'; nginx['listen_port'] = 9080; nginx['listen_https'] = false"

 

But for some reason, when I try to connect to my gitlab through  https://"subdomain".duckdns.org/gitlab it show's me 502 bad gateway error. 

 

If someone could help me, I would be very gratefull 
Also I'm still new to this unraid and docker stuff so please be patient with me. 

Edited by TCosta29
Image link

Share this post


Link to post

This is one memory hungry boi.
32gb of ram and Gitlab wants 27% of it with zero repos. Wow.

Share this post


Link to post

I'm trying to configure the Docker container registry on GitLab-CE but I don't seem to be able to add a port for it to listen on.

 

I've added this to my extra parameters:

registry['registry_http_addr']='192.168.69.99:9081';registry_nginx['enable']=false;registry['enable']=true;

and added a redirect for port 9081, but it does not show in the container list after clicking "apply" (see screenshots).


The container's network type is set to "proxynet", as per SpaceInvaderOne's nginx proxy video, so I can access the container registry from outside my own network.

 

What could be going wrong here? Port 9081 doesn't seem to be mapped to any other containers (and, even if it was, I'd expect unRAID to open a dialog telling me this, rather than silently failing : ) and other ports I've tried fail to show up in a similar way.

 


1223113411_Screenshot2018-11-26at10_14_50.png.97e39deb76e659e8a279f2fdb6d423f5.png

 

 

157172471_Screenshot2018-11-26at10_16_47.thumb.png.c34e803a6932a9130db105bea71a2d28.png

Share this post


Link to post
On 10/2/2018 at 5:16 PM, TCosta29 said:

Hello guys!
I've been reading this thread in order to figure out how can I setup my GitLab Docker with my letsencrypt docker. 
 

Right now my letsencrypt docker is like this


  location /gitlab {
                include /config/nginx/proxy.conf;
                proxy_pass http://192.168.1.104:9080;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
        }

and my GitLab docker is like this :http://prntscr.com/l1gatc

Extra Parameters:

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://"subdomain".duckdns.org/'; nginx['listen_port'] = 9080; nginx['listen_https'] = false"

 

But for some reason, when I try to connect to my gitlab through  https://"subdomain".duckdns.org/gitlab it show's me 502 bad gateway error. 

 

If someone could help me, I would be very gratefull 
Also I'm still new to this unraid and docker stuff so please be patient with me. 

Did you ever get this working?

Share this post


Link to post
12 minutes ago, Kash76 said:

Did you ever get this working?

Not really, I've tried everything I now and I could not make this work. My "solution" atm is to only push my changes when I'm inside the local network.

Share this post


Link to post
1 hour ago, ElectricBadger said:

I'm trying to configure the Docker container registry on GitLab-CE but I don't seem to be able to add a port for it to listen on.

 

I've added this to my extra parameters:


registry['registry_http_addr']='192.168.69.99:9081';registry_nginx['enable']=false;registry['enable']=true;

and added a redirect for port 9081, but it does not show in the container list after clicking "apply" (see screenshots).


The container's network type is set to "proxynet", as per SpaceInvaderOne's nginx proxy video, so I can access the container registry from outside my own network.

I've found that the network type is the cause of the problem — when this is set, unRAID allows setting the host port but not the container port. To fix, change the network type to "bridge", add/edit the port setting, then change the network type back to "proxynet".

 

I'm not sure if this is an unRAID bug or not — it doesn't seem like the correct behaviour, but I'm not sure how unRAID is supposed to know what to do with a network created with "docker network create"…

Share this post


Link to post
2 hours ago, TCosta29 said:

Not really, I've tried everything I now and I could not make this work. My "solution" atm is to only push my changes when I'm inside the local network.

I've got this in my nginx config (in proxy-confs/gitlab-ce.subdomain.conf):

server {
  listen *:80;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;
  return 301 https://$http_host:$request_uri;
  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;
}

server {
  listen *:443 ssl;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;

  include /config/nginx/ssl.conf;
  client_max_body_size 0;
  chunked_transfer_encoding on;

  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;

  location / {
    include /config/nginx/proxy.conf;
    proxy_pass http://gitlab:9381;
  }

  location /v2/ {
    include /config/nginx/proxy.conf;
    add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
    proxy_pass http://gitlab:9381;
  }
}

and this as the container's extra parameters (minus setup for email, backups and container registry):

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.subdomain.duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git.subdomain.duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

If you want to use ssh rather than https for cloning/pushing, you'll need to add a port to the container for it: host port 9022 (or whatever you like that isn't being used), container port 22. I then add this in ~/.ssh/config:

Host gitlab
HostName git.subdomain.duckdns.org
Port 9022
User gitlab

although I have to say that, while this works for Mac and Linux/BSD, I have no idea what the equivalent is for Windows!

Edited by ElectricBadger
Updated to better-working config

Share this post


Link to post
34 minutes ago, ElectricBadger said:

I've found that the network type is the cause of the problem — when this is set, unRAID allows setting the host port but not the container port. To fix, change the network type to "bridge", add/edit the port setting, then change the network type back to "proxynet".

 

I'm not sure if this is an unRAID bug or not — it doesn't seem like the correct behaviour, but I'm not sure how unRAID is supposed to know what to do with a network created with "docker network create"…

 

If you set a container to custom network and it's own IP, there are no port mappings anymore. It's like setting the network to host. The ports specified in the application is then used.

Share this post


Link to post
6 hours ago, ElectricBadger said:

I've got this in my nginx config (in proxy-confs/gitlab-ce.subdomain.conf):


server {
  listen *:80;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;
  return 301 https://$http_host:$request_uri;
  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;
}

server {
  listen *:443 ssl;
  server_name  registry.subdomain.duckdns.org;
  server_tokens off;

  include /config/nginx/ssl.conf;
  client_max_body_size 0;
  chunked_transfer_encoding on;

  access_log  /config/log/nginx/gitlab_registry_access.log;
  error_log   /config/log/nginx/gitlab_registry_error.log;

  location / {
    include /config/nginx/proxy.conf;
    proxy_pass http://gitlab:9381;
  }

  location /v2/ {
    include /config/nginx/proxy.conf;
    add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
    proxy_pass http://gitlab:9381;
  }
}


and this as the container's extra parameters (minus setup for email, backups and container registry):


--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.subdomain.duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git.subdomain.duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

 If you want to use ssh rather than https for cloning/pushing, you'll need to add a port to the container for it: host port 9022 (or whatever you like that isn't being used), container port 22. I then add this in ~/.ssh/config:


Host gitlab
HostName git.subdomain.duckdns.org
Port 9022
User gitlab

although I have to say that, while this works for Mac and Linux/BSD, I have no idea what the equivalent is for Windows!

I changed my git extra parameters to 

 

--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git."MySubdomain".duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git."MySubdomain".duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

And I created the file in proxy-confs/gitlab-ce.subdomain.conf with the info that you've provided and I still got this "Not private connection" stuff

 

http://prntscr.com/ln9n0x

 

Am I missing something? 

Share this post


Link to post
2 hours ago, TCosta29 said:

I changed my git extra parameters to 

 


--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git."MySubdomain".duckdns.org';registry_external_url 'https://registry.subdomain.duckdns.org';gitlab_rails['gitlab_ssh_host']='git."MySubdomain".duckdns.org';nginx['listen_port']=9080;nginx['listen_https']=false;nginx['hsts_max_age']=0;registry_nginx['listen_port']=9381;registry_nginx['listen_https']=false;registry_nginx['enable']=true;registry['enable']=true;"

And I created the file in proxy-confs/gitlab-ce.subdomain.conf with the info that you've provided and I still got this "Not private connection" stuff

 

http://prntscr.com/ln9n0x

 

Am I missing something? 

Looks like there's a problem with the SSL certificate, not the GitLab config. Have you added the "git" subdomain to the list of the subdomains in the letsencrypt docker?

 

Share this post


Link to post
1 hour ago, ElectricBadger said:

Looks like there's a problem with the SSL certificate, not the GitLab config. Have you added the "git" subdomain to the list of the subdomains in the letsencrypt docker?

 

Thanks! That did solve the cerificate problem, but now it falls back to my Nextcloud docker instead of my git one. Whenever I type git."MyDomain".duckdns.org it falls back to git."MyDomain".duckdns.org/nextcloud :| 

I must be missing something. Do I need to add a new location in the NGINX site-confs/default file? I did create the file inside proxy-confs/gitlab-ce.subdomain.conf but do I need to import this file somewhere? I'm trully confused with all of this.  

Share this post


Link to post
12 hours ago, TCosta29 said:

Thanks! That did solve the cerificate problem, but now it falls back to my Nextcloud docker instead of my git one. Whenever I type git."MyDomain".duckdns.org it falls back to git."MyDomain".duckdns.org/nextcloud :| 

I must be missing something. Do I need to add a new location in the NGINX site-confs/default file? I did create the file inside proxy-confs/gitlab-ce.subdomain.conf but do I need to import this file somewhere? I'm trully confused with all of this.  

Are you using the subfolder config for Nextcloud rather than the subdomain — do you normally access it through "MyDomain".duckdns.org/nextcloud?

 

What include do you have at the bottom of site-confs/default? I'm using subdomains throughout, so I have 

include /config/nginx/proxy-confs/*.subdomain.conf;

If you're including *.subfolder.conf instead, it's probably worth adding this line above it — but I'm not sure if there are any issues mixing subfolder and subdomain setups.

Share this post


Link to post
11 hours ago, ElectricBadger said:

Are you using the subfolder config for Nextcloud rather than the subdomain — do you normally access it through "MyDomain".duckdns.org/nextcloud?

 

What include do you have at the bottom of site-confs/default? I'm using subdomains throughout, so I have 


include /config/nginx/proxy-confs/*.subdomain.conf;

If you're including *.subfolder.conf instead, it's probably worth adding this line above it — but I'm not sure if there are any issues mixing subfolder and subdomain setups.

Yes I'm using "MyDomain".duckdns.org/nextcloud to acess to my nextcloud and plex. 
I followed this tutorial to setup my letsencrypt docker. 

https://cyanlabs.net/tutorials/the-complete-unraid-reverse-proxy-duck-dns-dynamic-dns-and-letsencrypt-guide/

 

Atm I don't have any include in the site-confs/default file, but I'll add that one that you mentioned and try if it works! 

Share this post


Link to post
10 hours ago, TCosta29 said:

Yes I'm using "MyDomain".duckdns.org/nextcloud to acess to my nextcloud and plex. 
I followed this tutorial to setup my letsencrypt docker. 

https://cyanlabs.net/tutorials/the-complete-unraid-reverse-proxy-duck-dns-dynamic-dns-and-letsencrypt-guide/

 

Atm I don't have any include in the site-confs/default file, but I'll add that one that you mentioned and try if it works! 

I set mine up from the Spaceinvaderone video — if you followed a different tutorial, your configs might well be a bit different.

Share this post


Link to post
On 11/28/2018 at 9:49 AM, ElectricBadger said:

I set mine up from the Spaceinvaderone video — if you followed a different tutorial, your configs might well be a bit different.

Yeah, well I'll try to use that video to see if it works out :)

 

Update: followed those tutorials and it worked just fine! Thanks for the assist!

Edited by TCosta29

Share this post


Link to post

I just installed this docker container and I have a little problem. I did change the parameter --env GITLAB_OMNIBUS_CONFIG="external_url 'http://192.168.178.15:9080/'" to reflect my situation. This works fine, for one exception (I have found so far).

When you try to create a new milestone it tries to go to: http://unraid:9080/pim/pimbliek.nl/milestones/new  which is not reachable since that is not resolvable.

 

How to make sure the 192.168.178.15 is used in the *whole* application?

Share this post


Link to post
4 hours ago, Pim Bliek said:

I just installed this docker container and I have a little problem. I did change the parameter --env GITLAB_OMNIBUS_CONFIG="external_url 'http://192.168.178.15:9080/'" to reflect my situation. This works fine, for one exception (I have found so far).

When you try to create a new milestone it tries to go to: http://unraid:9080/pim/pimbliek.nl/milestones/new  which is not reachable since that is not resolvable.

 

How to make sure the 192.168.178.15 is used in the *whole* application?

I've had the same issue and have not gotten past it. This makes for erratic behavior in the GUI.

Share this post


Link to post
Posted (edited)

Would someone happen to have a guide on how to set up gitlab pages with the letsencrypt reverse proxy docker?
I'v tried to go through it  a few times, but with it wanting another ip, and another domain (I have one I can use), I'm really not sure how to proceed.

Edited by Ryonez

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now