ubuntu服务器部署gitlab docker并配置nginx反向代理https访问的过程解析
<p>1.拉取镜像</p><div class="jb51code"><pre class="brush:bash;"> docker pull gitlab/gitlab-ce</pre></div>
<p>2.运行容器</p>
<div class="jb51code"><pre class="brush:bash;">docker run --detach \
--publish 9080:80 --publish 9022:22--publish 9443:443\
--name=gitlab \
--restart=always \
--volume /home/docker/gitlab/config:/etc/gitlab \
--volume /home/docker/gitlab/logs:/var/log/gitlab \
--volume /home/docker/gitlab/data:/var/opt/gitlab \
--volume /home/docker/gitlab/logs/reconfigure:/var/log/gitlab/reconfigure \
--volume /etc/localtime:/etc/localtime:ro\
--privileged=true \
gitlab/gitlab-ce:latest</pre></div>
<p>说明:</p>
<p><code>--publish</code>指定host和容器的端口映射。为了避免gitlab端口与host nginx冲突,最好都映射一下</p>
<p>3.编辑gitlab配置文件</p>
<p>因为挂载,所以不用进入容器就能修改配置文件,</p>
<div class="jb51code"><pre class="brush:bash;">sudo vim /home/docker/gitlab/config/gitlab.rb</pre></div>
<p>修改如下配置并保存:</p>
<div class="jb51code"><pre class="brush:bash;">external_url 'https://你的域名'
nginx['redirect_http_to_https'] = true
# 你需要将你的证书放在 /home/docker/gitlab/config/ssl下
nginx['ssl_certificate'] = "/etc/gitlab/ssl/xxxx.xxxx.com_bundle.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/xxxx.xxxx.com.key"
gitlab_rails['gitlab_shell_ssh_port'] = 9022</pre></div>
<p>4.修改完配置后,重启容器内gitlab服务</p>
<div class="jb51code"><pre class="brush:bash;"># 停止服务
docker exec gitlab sh -c 'gitlab-ctl stop'
# 重新设置gitlab配置
docker exec gitlabsh -c 'gitlab-ctl reconfigure'
# 启动服务
docker exec gitlabsh -c 'gitlab-ctl start'</pre></div>
<p>5.Host主机Nginx配置反向代理</p>
<div class="jb51code"><pre class="brush:bash;">## 请求转发到GitLab容器
server {
listen 443 ssl;
server_namexxxx.xxxx.com; # 你的域名
charset utf-8;
access_loglogs/gitlab.access.log;
error_loglogs/gitlab.error.log;
ssl on;
# 服务的证书
ssl_certificate /root/cert/xxxx.xxxx.com_bundle.crt;
# 服务端key
ssl_certificate_key /root/cert/xxxx.xxxx.key;
# session超时时间
ssl_session_timeout 5m;
# 加密算法
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# 允许SSL协议
ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2;
# 启动加密算法
ssl_prefer_server_ciphers on;
location /gitlab {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass https://127.0.0.1:9443;
}
}</pre></div>
<p>6.重启nginx</p>
<div class="jb51code"><pre class="brush:bash;"> nginx -s reload</pre></div>
<p>浏览器输入<code>https://域名/gitlab</code>访问,会自动跳转到登录页面,不行的话可以多刷新几次试试。</p>
<p style="text-align:center"><img alt="" src="https://img.jbzj.com/file_images/article/202402/202402171025117.png" /></p>
<p>7.重置初始密码</p>
<p>进入容器</p>
<div class="jb51code"><pre class="brush:bash;">docker exec -it gitlab /bin/bash</pre></div>
<p>登入GitLab后台操作</p>
<div class="jb51code"><pre class="brush:bash;">gitlab-rails console -e production
irb(main):003:0> User.all
=> #<ActiveRecord::Relation [#<User id:1 @root>]>
irb(main):004:0> user=User.where(id:1).first
=> #<User id:1 @root>
irb(main):008:0> user.password='12345678'
=> "12345678"
irb(main):009:0> user.password_confirmation='12345678'
=> "12345678"
irb(main):010:0> user.save!
=> true</pre></div>
<p>登录成功</p>
<p style="text-align:center"><img alt="" src="https://img.jbzj.com/file_images/article/202402/202402171025118.png" /></p>
<p>到此这篇关于ubuntu服务器部署gitlab docker并配置nginx反向代理https访问的文章就介绍到这了,更多相关ubuntu部署gitlab docker内容请搜索琼殿技术社区以前的文章或继续浏览下面的相关文章希望大家以后多多支持琼殿技术社区!</p>
頁:
[1]