Skip to content
Snippets Groups Projects
Commit aff9d6b9 authored by void's avatar void
Browse files

Container registry für Gitlab aktiviert

parent 5b055b4d
No related branches found
No related tags found
No related merge requests found
......@@ -135,7 +135,8 @@
- {
role: webserver/docker_gitlab, tags: gitlab,
servicename: "gitlab",
domain: "gitlab.warpzone.ms"
domain: "gitlab.warpzone.ms",
domain_registry: "gitlab-registry.warpzone.ms"
}
- {
role: webserver/docker_icinga, tags: icinga,
......
......@@ -29,7 +29,7 @@
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'https://gitlab.warpzone.ms/'
external_url 'https://{{ domain }}/'
## Roles for multi-instance GitLab
##! The default is to have no roles enabled, which results in GitLab running as an all-in-one instance.
......@@ -147,11 +147,13 @@ gitlab_rails['gitlab_username_changing_enabled'] = false
# gitlab_rails['gitlab_default_projects_features_snippets'] = true
# gitlab_rails['gitlab_default_projects_features_builds'] = true
# gitlab_rails['gitlab_default_projects_features_container_registry'] = true
gitlab_rails['gitlab_default_projects_features_issues'] = false
gitlab_rails['gitlab_default_projects_features_merge_requests'] = true
gitlab_rails['gitlab_default_projects_features_wiki'] = false
gitlab_rails['gitlab_default_projects_features_snippets'] = false
gitlab_rails['gitlab_default_projects_features_builds'] = false
gitlab_rails['gitlab_default_projects_features_issues'] = false
gitlab_rails['gitlab_default_projects_features_container_registry'] = false
### Automatic issue closing
###! See https://docs.gitlab.com/ee/customization/issue_closing.html for more
......@@ -749,13 +751,14 @@ gitlab_rails['gitlab_shell_ssh_port'] = 444
##! Docs: https://docs.gitlab.com/ee/administration/container_registry.html
################################################################################
# registry_external_url 'https://registry.example.com'
registry_external_url 'https://{{ domain_registry }}'
### Settings used by GitLab application
# gitlab_rails['registry_enabled'] = true
# gitlab_rails['registry_host'] = "registry.gitlab.example.com"
# gitlab_rails['registry_port'] = "5005"
# gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
gitlab_rails['registry_enabled'] = true
# Notification secret, it's used to authenticate notification requests to GitLab application
# You only need to change this when you use external Registry service, otherwise
......@@ -769,7 +772,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = 444
# gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
### Settings used by Registry application
# registry['enable'] = true
registry['enable'] = true
# registry['username'] = "registry"
# registry['group'] = "registry"
# registry['uid'] = nil
......@@ -1728,6 +1731,7 @@ mattermost['enable'] = false
# Below you can find settings that are exclusive to "Registry NGINX"
# registry_nginx['enable'] = false
registry_nginx['enable'] = true
# registry_nginx['proxy_set_headers'] = {
# "Host" => "$http_host",
......@@ -1741,6 +1745,17 @@ mattermost['enable'] = false
# it listens on this port
# registry_nginx['listen_port'] = 5050
registry_nginx['listen_port'] = 5005
registry_nginx['listen_https'] = false
registry_nginx['proxy_set_headers'] = {
"Host" => "$http_host",
"X-Real-IP" => "$remote_addr",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
################################################################################
## Prometheus
##! Docs: https://docs.gitlab.com/ee/administration/monitoring/prometheus/
......
......@@ -17,9 +17,14 @@ services:
- traefik.enable=true
- traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
- traefik.http.routers.{{ servicename }}.entrypoints=websecure
- traefik.http.routers.{{ servicename }}.service={{ servicename }}
- traefik.http.services.{{ servicename }}.loadbalancer.server.port=80
- traefik.http.routers.{{ servicename }}.middlewares={{ servicename }}-cors-headers
- traefik.http.middlewares.{{ servicename }}-cors-headers.headers.accesscontrolalloworiginlist=*
- traefik.http.routers.{{ servicename }}_registry.rule=Host(`{{ domain_registry }}`)
- traefik.http.routers.{{ servicename }}_registry.entrypoints=websecure
- traefik.http.routers.{{ servicename }}_registry.service={{ servicename }}_registry
- traefik.http.services.{{ servicename }}_registry.loadbalancer.server.port=5005
networks:
- default
- web
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment