Select Git revision
docker-compose.yml
-
nimrod authored
To make more uniform, use the same location on all hosts. Instead of copying the same tasks over and over in the renew-certs playbook in the homelab repo.
nimrod authoredTo make more uniform, use the same location on all hosts. Instead of copying the same tasks over and over in the renew-certs playbook in the homelab repo.
docker-compose.yml 3.17 KiB
---
version: '3.7'
services:
gitlab:
image: registry.hub.docker.com/gitlab/gitlab-ce:15.8.1-ce.0
restart: always
environment:
# yamllint disable rule:line-length
GITLAB_OMNIBUS_CONFIG: |
#gitlab_rails['initial_root_password'] = "${INITIAL_ROOT_PASSWORD:-qwerty123}" # pragma: allowlist secret
#
# Deal with the Nginx web proxy.
external_url 'https://git.shore.co.il'
gitlab_rails['trusted_proxies'] = ['127.0.0.1/8', "172.16.0.0/12", "192.168.0.0/16"]
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['real_ip_trusted_addresses'] = ['127.0.0.1/8', "172.16.0.0/12", "192.168.0.0/16"]
nginx['real_ip_header'] = 'X-Forwarded-For'
nginx['real_ip_recursive'] = 'on'
letsencrypt['enable'] = false
#
# Backups
gitlab_rails['backup_path'] = '/var/backups'
#
# SSH configuration since we already have SSH running on the host.
gitlab_rails['gitlab_ssh_host'] = 'git.shore.co.il'
#
# Allow bigger uploads
nginx['client_max_body_size'] = '250m'
#
# Mail configuration.
#gitlab_rails['smtp_enable'] = true
#gitlab_rails['smtp_address'] = "smtp"
#gitlab_rails['gitlab_email_from'] = 'noreply@shore.co.il'
#gitlab_rails['incoming_email_enabled'] = false
#
# LDAP configuration.
gitlab_rails['ldap_enabled'] = true
gitlab_rails['prevent_ldap_sign_in'] = false
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: 'ldap'
port: 389
uid: 'uid'
encryption: 'plain'
base: 'dc=shore,dc=co,dc=il'
allow_username_or_email_login: true
user_filer: '(objectclass=inetOrgPerson)'
EOS
#
# Disable monitoring.
prometheus['enable'] = false
alertmanager['enable'] = false
grafana['enable'] = false
gitlab_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
mattermost['enable'] = false
# yamllint enable rule:line-length
# This has been lifted from
# https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/docker/Dockerfile
# but with the single change of setting a high start_period.
healthcheck:
test:
- "CMD"