Gitlab 通過 traefik 與 Docker-compose

Question

幾天來，我一直在嘗試通過 docker-compose 通過 Traefik 運行 gitlab。 我發現了幾個關於它的話題，但沒有一個能真正解決我的問題。 所以今天想開個話題。

我通過以下示例幫助了自己很多： https://github.com/ambroisemaupate/docker-server-env/blob/master/compose/example-gitlab-traefik/docker-compose.yml

version: '3'
services:
  traefik:
    container_name: traefik
    image: traefik:1.7.3 # The official Traefik docker image
    restart: always
    command: --api --docker # Enables the web UI and tells Traefik to listen to docker
    ports:
      - "80:80"     # The HTTP port
      - "443:443"   # The HTTPS port
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
      - ./conf/traefik.toml:/traefik.toml
      - ./conf/acme.json:/acme.json
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik_network"
      - "traefik.port=80"
      - "traefik.entryPoint=https"
      - "traefik.backend=traefik"
      - "traefik.frontend.rule=Host:traefik.domain.com"
    networks:
      - traefik_network
  gitlab:
    container_name: gitlab
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab.domain.com'
    labels:
      - "traefik.docker.network=traefik_network"
      - "traefik.enable=true"
      - "traefik.port=80"
      - "traefik.frontend.rule=Host:https://gitlab.domain.com"
      - "traefik.frontend.entryPoints=https"
    healthcheck:
      disable: true
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.giftdigging.com'
        nginx['redirect_http_to_https'] = false
        nginx['listen_port'] = 80
        nginx['listen_https'] = false
        nginx['proxy_set_headers'] = {
          'X-Forwarded-Proto' => 'https',
          'X-Forwarded-Ssl' => 'on'
        }
        nginx['client_max_body_size'] = '2G'
        unicorn['worker_timeout'] = 60
        unicorn['worker_processes'] = 2
        sidekiq['concurrency'] = 15
        postgresql['shared_buffers'] = "512MB"
        gitlab_rails['artifacts_enabled'] = true
        gitlab_rails['artifacts_path'] = "/var/opt/gitlab/gitlab-artifacts"
        gitlab_rails['lfs_enabled'] = true
        gitlab_rails['backup_keep_time'] = 172600
        gitlab_ci['backup_keep_time'] = 172600
    ports:
      - '22:22'
    volumes:
      - '/srv/gitlab/config:/etc/gitlab'
      - '/srv/gitlab/logs:/var/log/gitlab'
      - '/srv/gitlab/data:/var/opt/gitlab'
    networks:
      - traefik_network
networks:
    traefik_network:
        external: true
    internal_network:
        external: false

和我的 traefik.toml

debug = false

logLevel = "INFO"
defaultEntryPoints = ["https", "http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "domain.com"
watch = true
exposedByDefault = false

[acme]
email = "contact@monsite.co"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
  entryPoint = "http"

我收到了安全警告和 Traefik 自簽名的證書。

而且，如果我在瀏覽器發出警告的情況下接受風險，我會得到一個 404 頁面未找到。

Answer 1

這是下一行的語法錯誤：

-  "traefik.frontend.rule=Host:https://gitlab.domain.com"

不應指定協議。 該行必須對應於：

- "traefik.frontend.rule=Host:gitlab.domain.com"