[정보] Docker-compose로 Gitlab CE 설정 및 외부 Nginx 사용하기


내용

  • Git­lab 의 offi­cial 이미지인 Dock­er Hub — Git­lab CE를 사용한다.
  • 운용서버엔 Nginx 가 설치되어있고, 운용중이다.
  • smtp 는 Gmail 을 사용한다.

 

docker-Compose.yml

# docker-compose.yml
web:
  image: 'gitlab/gitlab-ce:latest'
  restart: always
  hostname: 'repo.taking.kr'
  container_name: gitlab
  environment:
     GITLAB_OMNIBUS_CONFIG: |
       external_url 'https://repo.taking.kr/'
       gitlab_rails['gitlab_shell_ssh_port'] = 2224
       nginx['listen_port'] = 80
       nginx['listen_https'] = false
       gitlab_rails['smtp_enable'] = true
       gitlab_rails['smtp_address'] = "smtp.gmail.com"
       gitlab_rails['smtp_port'] = 587
       gitlab_rails['smtp_user_name'] = "no-reply@taking.kr"
       gitlab_rails['smtp_password'] = "비번"
       gitlab_rails['smtp_domain'] = "smtp.gmail.com"
       gitlab_rails['smtp_authentication'] = "login"
       gitlab_rails['smtp_enable_starttls_auto'] = true
       gitlab_rails['smtp_tls'] = false
       gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
  ports:
    - '9001:80'
    - '9002:443'
    - '2224:22'
  volumes:
    - './config:/etc/gitlab'
    - './logs:/var/log/gitlab'
    - './data:/var/opt/gitlab'
    - './backups:/var/opt/gitlab/backups' # 백업 폴더 추가

 

Nginx Settings (gitlab.conf)

server {
  listen 80;
  server_name repo.taking.kr;
    if ($host = repo.taking.kr) {
      return 301 https://$host$request_uri;
  }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name repo.taking.kr;

  # SSL & Security
  include /usr/local/nginx/conf/taking-ssl_include.conf; 
  add_header X-Robots-Tag none;

  client_max_body_size 2048M; # Change this to the max file size you want to allow

  # Error Log
  error_log /500GB/jira/atlassian/git_error.log;

  location / {
    try_files $uri @proxy;
  }
  location @proxy {
    include /usr/local/nginx/conf/proxy.conf;
    proxy_pass http://127.0.0.1:9001;
  }
}

 

proxy.conf

proxy_connect_timeout 59s;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_buffer_size 64k;
proxy_buffers 16 32k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 64k;
proxy_pass_header Set-Cookie;
proxy_redirect off;
proxy_set_header Accept-Encoding '';
proxy_ignore_headers Cache-Control Expires;
proxy_set_header Referer $http_referer;
proxy_hide_header X-Powered-By;
#proxy_hide_header Vary;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Forwarded-Server $host;
proxy_no_cache $http_pragma $http_authorization;
proxy_cache_bypass $http_pragma $http_authorization;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;

proxy_http_version	1.1;
proxy_cache_bypass	$http_upgrade;
proxy_set_header Upgrade			$http_upgrade;
proxy_set_header Connection 		"upgrade";
proxy_set_header Host				$host;
proxy_set_header X-Real-IP			$remote_addr;
proxy_set_header X-Forwarded-For	$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto	$scheme;
proxy_set_header X-Forwarded-Host	$host;
proxy_set_header X-Forwarded-Port	$server_port;

 

문제 해결

Q. 이메일 테스트 시, 500 에러가 발생하는 경우

A. smtp 에 설정한 gmail 이메일의 설정이 ‘보안 수준이 낮은 앱’ 을 허용으로 변경해주어야 된다.

gmail 단에서 차단하기 때문에, 500 에러 발생함

2019.07.24 (수) 오후 14:57 작성 됨.

Tak­ing 올림
포스팅에 대해 표현해보세요! 
Like
Love
Haha
Wow
Sad
Angry
CE 설정 및 외부 Nginx 사용하기”> 
You have react­ed on”[정보] Dock­er-com­pose로 Gitlab  A few sec­onds ago
알림 받기
다음과 같은 방식으로
guest
0 Comments
Inline Feedbacks
View all comments
Menu
0
Would love your thoughts, please comment.x
()
x