docker下实现nginx代理gitlab

环境

阿里云下乌班图18

开放端口: 80, 2222

gitlab的搭建

下载docker, pull一个gitlab镜像

mkdir -p /opt/gitlab/etc
mkdir -p /opt/gitlab/log
mkdir -p /opt/gitlab/data


docker run \
    --detach \
    --publish 2222:22 \
    --publish 8090:80 \
    --name gitlab \
    --privileged=true \
     --restart=always \
    -v /opt/gitlab/etc:/etc/gitlab \
    -v /opt/gitlab/log:/var/log/gitlab \
    -v /opt/gitlab/data:/var/opt/gitlab \
    gitlab/gitlab-ce

修改配置

vi /opt/gitlab/data/gitlab-rails/etc/gitlab.yml

  ## GitLab settings
  gitlab:
    ## Web server settings (note: host is the FQDN, do not include http://)
    host: xxx.xxxx.com
    port: 80
    https: false


vi /opt/gitlab/etc/gitlab.rb

external_url 'http://xxx.xxxx.com'
gitlab_rails['gitlab_shell_ssh_port'] = 2222
nginx['listen_port'] = 80

进入容器, 重启生效

docker exec -it gitlab bash
gitlab-ctl reconfigure
ctrl+D退出容器
docker restart gitlab 重启容器

nginx搭建

pull一个nginx镜像

创建好目录

mkdir -p /opt/nginx/html
mkdir -p /opt/nginx/conf.d

提前给好nginx的配置文件

vi /opt/nginx/nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

给好虚拟主机配置文件

vi /opt/nginx/conf.d/default.conf

server {
    listen       80;
    server_name  localhost;

    location / {
        root /usr/share/nginx/html;
        index  index.html index.htm;
   }
}

起容器

docker run \
  --name nginx \
  -d -p 80:80 \
  --restart=always \
  -v /opt/nginx/html:/usr/share/nginx/html \
  -v /opt/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \
  -v /opt/nginx/conf.d:/etc/nginx/conf.d \
  nginx

反向代理

vi /opt/nginx/conf.d/git.conf

upstream  git{
    # 主机的内网ip, 若写外网IP或域名, 因为端口未对外开放,会无法转发
    server 192.168.11.23:8090; 
}

server{
    listen 80;
    # 此域名是提供给最终用户的访问地址
    server_name xxx.xxxx.com;

    location / {
        # 这个大小的设置非常重要，如果 git 版本库里面有大文件，设置的太小，文件push 会失败，根据情况调整
        client_max_body_size 50m;

        proxy_redirect off;
        #以下确保 gitlab中项目的 url 是域名而不是 http://git，不可缺少
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # 反向代理到 gitlab 内置的 nginx
        proxy_pass http://git;
        index index.html index.htm;
    }
}

总结

getlab无需做多余配置, 直接写域名和80端口即可, 因为请求是从nginx转发给主机, 主机通过端口映射到docker的
nginx监听server_name为xxx.xxxx.com, 转发地址需要设置为内网ip, 因为对外网来讲, 8090端口并没有开放

docker下实现nginx代理gitlab

环境

gitlab的搭建

nginx搭建

反向代理

总结

示意图