When I tried to login to my registry I received "x509 certificate signed by unknown authority"
I have a dockerized gitlab behind a reverse proxy with ssl (cert are on my host)
services:
gitlab:
image: 'gitlab/gitlab-ce:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.mydomain.com'
registry_external_url 'https://gitlab.mydomain.com:5555'
registry_nginx['enable'] = true
registry_nginx['listen_port'] = 5555
registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.mydomain.com.pem"
registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.mydomain.com.key"
gitlab_rails['gitlab_shell_ssh_port'] = 2222
nginx['listen_port'] = 80
nginx['listen_https'] = false
ports:
- '8088:80'
- '2222:22'
- '5555:5555'
volumes:
- './config:/etc/gitlab'
- './logs:/var/log/gitlab'
- './data:/var/opt/gitlab'
Did you already faced this kind of problem ?
I found the answer, so if anyone have the same issue it could be helpful.
So, copy and paste letsencrypt cert into a directory (here ./ssl) and use it as volume into your docker-compose.yml. Restart your container and It will be fine.
(be sure to do it each time you regenerate your cert with a cron)
services:
gitlab:
image: 'gitlab/gitlab-ce:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.mydomain.com'
registry_external_url 'https://gitlab.mydomain.com:5555'
registry_nginx['enable'] = true
registry_nginx['listen_port'] = 5555
registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.mydomain.com.pem"
registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.mydomain.com.key"
gitlab_rails['gitlab_shell_ssh_port'] = 2222
nginx['listen_port'] = 80
nginx['listen_https'] = false
ports:
- '8088:80'
- '2222:22'
- '5555:5555'
volumes:
- './config:/etc/gitlab'
- './logs:/var/log/gitlab'
- './data:/var/opt/gitlab'
- './ssl:/etc/gitlab/ssl/'
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.