Gitlab 通过 traefik 和 Docker-compose

Question

我已经尝试了几天通过 docker-compose 通过 Traefik 运行 gitlab。我发现了几个关于它的话题，但没有一个能真正解决我的问题。所以今天想开个话题。

以下示例对我有很大帮助：https://github.com/ambroisemaupate/docker-server-env/blob/master/compose/example-gitlab-traefik/docker-compose.yml

version: '3'
services:
  traefik:
    container_name: traefik
    image: traefik:1.7.3 # The official Traefik docker image
    restart: always
    command: --api --docker # Enables the web UI and tells Traefik to listen to docker
    ports:
      - "80:80"     # The HTTP port
      - "443:443"   # The HTTPS port
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
      - ./conf/traefik.toml:/traefik.toml
      - ./conf/acme.json:/acme.json
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik_network"
      - "traefik.port=80"
      - "traefik.entryPoint=https"
      - "traefik.backend=traefik"
      - "traefik.frontend.rule=Host:traefik.domain.com"
    networks:
      - traefik_network
  gitlab:
    container_name: gitlab
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab.domain.com'
    labels:
      - "traefik.docker.network=traefik_network"
      - "traefik.enable=true"
      - "traefik.port=80"
      - "traefik.frontend.rule=Host:https://gitlab.domain.com"
      - "traefik.frontend.entryPoints=https"
    healthcheck:
      disable: true
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.giftdigging.com'
        nginx['redirect_http_to_https'] = false
        nginx['listen_port'] = 80
        nginx['listen_https'] = false
        nginx['proxy_set_headers'] = {
          'X-Forwarded-Proto' => 'https',
          'X-Forwarded-Ssl' => 'on'
        }
        nginx['client_max_body_size'] = '2G'
        unicorn['worker_timeout'] = 60
        unicorn['worker_processes'] = 2
        sidekiq['concurrency'] = 15
        postgresql['shared_buffers'] = "512MB"
        gitlab_rails['artifacts_enabled'] = true
        gitlab_rails['artifacts_path'] = "/var/opt/gitlab/gitlab-artifacts"
        gitlab_rails['lfs_enabled'] = true
        gitlab_rails['backup_keep_time'] = 172600
        gitlab_ci['backup_keep_time'] = 172600
    ports:
      - '22:22'
    volumes:
      - '/srv/gitlab/config:/etc/gitlab'
      - '/srv/gitlab/logs:/var/log/gitlab'
      - '/srv/gitlab/data:/var/opt/gitlab'
    networks:
      - traefik_network
networks:
    traefik_network:
        external: true
    internal_network:
        external: false

还有我的 traefik.toml

debug = false

logLevel = "INFO"
defaultEntryPoints = ["https", "http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "domain.com"
watch = true
exposedByDefault = false

[acme]
email = "contact@monsite.co"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
  entryPoint = "http"

我收到了安全警告和 Traefik 自签名的证书。

而且，如果我在浏览器发出警告的情况下接受风险，我会得到一个 404 页面未找到。

Answer 1

这是下一行的语法错误：

-  "traefik.frontend.rule=Host:https://gitlab.domain.com"

不应指定协议。 该行必须对应于：

- "traefik.frontend.rule=Host:gitlab.domain.com"