From aef09266027d78a8847928a9bc7bf52fa2bac6e7 Mon Sep 17 00:00:00 2001
From: WilliamMiceli
Date: Wed, 6 Feb 2019 10:34:37 -0500
Subject: [PATCH 1/8] Major reconfiguring, first test
---
 templates/GitLab-CE/0/README.md | 1 -
 templates/GitLab-CE/0/docker-compose.yml | 36 ---------------
 templates/GitLab/0/README.md | 6 +++
 templates/GitLab/0/docker-compose.yml | 44 +++++++++++++++++++
 .../0/rancher-compose.yml | 5 +--
 .../catalogIcon-gitlab.svg | 0
 templates/{GitLab-CE => GitLab}/config.yml | 2 +-
 7 files changed, 53 insertions(+), 41 deletions(-)
 delete mode 100644 templates/GitLab-CE/0/README.md
 delete mode 100644 templates/GitLab-CE/0/docker-compose.yml
 create mode 100644 templates/GitLab/0/README.md
 create mode 100644 templates/GitLab/0/docker-compose.yml
 rename templates/{GitLab-CE => GitLab}/0/rancher-compose.yml (89%)
 rename templates/{GitLab-CE => GitLab}/catalogIcon-gitlab.svg (100%)
 rename templates/{GitLab-CE => GitLab}/config.yml (82%)
diff --git a/templates/GitLab-CE/0/README.md b/templates/GitLab-CE/0/README.md
deleted file mode 100644
index 4cc1b1b..0000000
--- a/templates/GitLab-CE/0/README.md
+++ /dev/null
@@ -1,36 +0,0 @@
-version: '2'
-services:
- gitlab-ce:
- image: gitlab/gitlab-ce:latest
- dns:
- - 1.1.1.1
- - 1.0.0.1
- environment:
- GITLAB_OMNIBUS_CONFIG: |
- external_url 'https://${TRAEFIK_HOST}:${WEB_PORT}'
- hostname: ${TRAEFIK_HOST}
- labels:
- io.rancher.container.pull_image: always
- {{- if .Values.HOST_LABEL}}
- io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
- {{- end}}
- {{- if .Values.TRAEFIK_HOST}}
- traefik.enable: true
- traefik.frontend.rule: Host:${TRAEFIK_HOST}
- traefik.port: "80"
- traefik.frontend.entryPoints: http,https
- traefik.frontend.headers.forceSTSHeader: true
- traefik.frontend.headers.SSLRedirect: true
- traefik.frontend.headers.STSPreload: true
- traefik.frontend.headers.STSSeconds: 15552000
- {{- else}}
- traefik.enable: false
- {{- end}}
- ports:
- - "${WEB_PORT}:80"
-# - "${SSH_PORT}:22"
- restart: on-failure
- volumes:
- - /RancherCattleConfig/${DATA_DIR}/Config:/etc/gitlab
- - /RancherCattleConfig/${DATA_DIR}/Logs:/var/log/gitlab
- - /RancherCattleData/${DATA_DIR}/Data:/var/opt/gitlab
\ No newline at end of file
diff --git a/templates/GitLab/0/README.md b/templates/GitLab/0/README.md
new file mode 100644
index 0000000..cc2a8c6
--- /dev/null
+++ b/templates/GitLab/0/README.md
@@ -0,0 +1,6 @@
+# GitLab (Community Edition)
+
+
+## Manually Adding More Environment Variables With Omnibus
+
+[Available Options Located Here](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template)
\ No newline at end of file
diff --git a/templates/GitLab/0/docker-compose.yml b/templates/GitLab/0/docker-compose.yml
new file mode 100644
index 0000000..663d260
--- /dev/null
+++ b/templates/GitLab/0/docker-compose.yml
@@ -0,0 +1,44 @@
+version: '2'
+
+services:
+ gitlab:
+ image: gitlab/gitlab-ce:latest
+ dns:
+ - 1.1.1.1
+ - 1.0.0.1
+ environment:
+ GITLAB_OMNIBUS_CONFIG: |
+ external_url 'https://${TRAEFIK_HOST}'
+ gitlab_rails['gitlab_shell_ssh_port'] = 1022
+ hostname: ${TRAEFIK_HOST}
+ labels:
+ io.rancher.container.pull_image: always
+ {{- if .Values.HOST_LABEL}}
+ io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
+ {{- end}}
+ traefik.enable: true
+ ### Start Web Segment
+ traefik.web.frontend.entryPoints: http,https
+ traefik.web.frontend.headers.forceSTSHeader: true
+ traefik.web.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
+ traefik.web.frontend.headers.SSLRedirect: true
+ traefik.web.frontend.headers.STSPreload: true
+ traefik.web.frontend.headers.STSSeconds: 15552000
+ traefik.web.frontend.rule: Host:${TRAEFIK_HOST}
+ traefik.web.port: "80"
+ ### End Web Segment
+ ### Start SSH Segment
+ traefik.ssh.frontend.entryPoints: ssh
+ traefik.ssh.frontend.rule: Host:${TRAEFIK_HOST}
+ traefik.ssh.port: "22"
+ ### End SSH Segment
+ ports:
+ - "${WEB_PORT}:80"
+ - "1022:22"
+ restart: on-failure
+ volumes:
+ - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system
+ - /etc/timezone:/etc/timezone:ro # Syncronize timezone of container with the host system
+ - /RancherCattle/${DATA_DIR}/Config:/etc/gitlab
+ - /RancherCattle/${DATA_DIR}/Logs:/var/log/gitlab
+ - /RancherCattle/${DATA_DIR}/Data:/var/opt/gitlab
\ No newline at end of file
diff --git a/templates/GitLab-CE/0/rancher-compose.yml b/templates/GitLab/0/rancher-compose.yml
similarity index 89%
rename from templates/GitLab-CE/0/rancher-compose.yml
rename to templates/GitLab/0/rancher-compose.yml
index ec18038..83ad24f 100644
--- a/templates/GitLab-CE/0/rancher-compose.yml
+++ b/templates/GitLab/0/rancher-compose.yml
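Review bot: In the new templates/GitLab/0/docker-compose.yml (patch 1/8), `image: gitlab/gitlab-ce:latest` together with `io.rancher.container.pull_image: always` means each reschedule can pull whatever image currently carries the tag, so the deployed GitLab version is neither reproducible nor reviewed before it runs against the persistent data under /var/opt/gitlab. Pin the tag, and ideally the digest, e.g. `image: gitlab/gitlab-ce:<PINNED_VERSION_TAG>`, and upgrade deliberately. The `- "${WEB_PORT}:80"` mapping also publishes GitLab's plain-HTTP listener on the host beside the Traefik route, so the `SSLRedirect` and STS headers on the frontend do not apply to clients that reach that port directly; patch 7/8 later drops the `ports:` block. `STSPreload: true` with `STSSeconds: 15552000` is below the one-year max-age the browser preload list requires, so either raise the value or drop the preload flag.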
@@ -20,9 +20,8 @@ catalog: label: "Public Host Domain" description: | The host that Traefik will use to provide public access. - Leaving this empty will disable Traefik on this stack. default: "subdomain.domain.tld" - required: false + required: true type: string - variable: "WEB_PORT" @@ -37,6 +36,6 @@ catalog: label: "Data Directory" description: | The directory to store persistent data for the stack. - default: "Personal/Gitlab-CE" + default: "Personal/GitLab" required: true type: string \ No newline at end of file diff --git a/templates/GitLab-CE/catalogIcon-gitlab.svg b/templates/GitLab/catalogIcon-gitlab.svg similarity index 100% rename from templates/GitLab-CE/catalogIcon-gitlab.svg rename to templates/GitLab/catalogIcon-gitlab.svg diff --git a/templates/GitLab-CE/config.yml b/templates/GitLab/config.yml similarity index 82% rename from templates/GitLab-CE/config.yml rename to templates/GitLab/config.yml index 11c46a9..0e70d03 100644 --- a/templates/GitLab-CE/config.yml +++ b/templates/GitLab/config.yml @@ -1,4 +1,4 @@ -name: Gitlab (Community Edition) +name: GitLab (Community Edition) description: | Status: NOT READY version: latest From f1a060404f057f9bb0e660614a0d28a121436543 Mon Sep 17 00:00:00 2001 From: WilliamMiceli Date: Wed, 6 Feb 2019 13:58:14 -0500 Subject: [PATCH 2/8] Minor wording fix --- templates/GitLab/0/rancher-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/GitLab/0/rancher-compose.yml b/templates/GitLab/0/rancher-compose.yml index 83ad24f..203f0b5 100644 --- a/templates/GitLab/0/rancher-compose.yml +++ b/templates/GitLab/0/rancher-compose.yml @@ -11,7 +11,7 @@ catalog: - variable: "HOST_LABEL" label: "Host Label Key/Value Pair" description: | - The Label Key/Value pair on the host which containers should be deployed + The Label Key/Value pair of the host which containers should be deployed default: "host.id=Host2" required: false type: string 
From 8f1ffbe35f82d73518571a2538256efc2d0eb702 Mon Sep 17 00:00:00 2001
From: WilliamMiceli
Date: Wed, 6 Feb 2019 13:58:50 -0500
Subject: [PATCH 3/8] Testing fix for using GitLab with Traefik reverse proxy
---
 templates/GitLab/0/docker-compose.yml | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/templates/GitLab/0/docker-compose.yml b/templates/GitLab/0/docker-compose.yml
index 663d260..1df231f 100644
--- a/templates/GitLab/0/docker-compose.yml
+++ b/templates/GitLab/0/docker-compose.yml
@@ -10,6 +10,11 @@ services:
 GITLAB_OMNIBUS_CONFIG: |
 external_url 'https://${TRAEFIK_HOST}'
 gitlab_rails['gitlab_shell_ssh_port'] = 1022
+ nginx['real_ip_trusted_addresses'] = [ '10.42.0.0/16' ] # 10.42.0.0/16 is the default Rancher managed subnet
+ # nginx['real_ip_header'] = 'X-Real-IP'
+ # nginx['real_ip_recursive'] = 'on'
+ nginx['listen_port'] = 80 # Using HTTP between the Traefik container and GitLab
+ nginx['listen_https'] = false # Traefik is handling HTTPS on outside
 hostname: ${TRAEFIK_HOST}
 labels:
 io.rancher.container.pull_image: always
@@ -24,12 +29,14 @@ services:
 traefik.web.frontend.headers.SSLRedirect: true
 traefik.web.frontend.headers.STSPreload: true
 traefik.web.frontend.headers.STSSeconds: 15552000
+ traefik.web.frontend.passHostHeader: true
 traefik.web.frontend.rule: Host:${TRAEFIK_HOST}
 traefik.web.port: "80"
 ### End Web Segment
 ### Start SSH Segment
 traefik.ssh.frontend.entryPoints: ssh
 traefik.ssh.frontend.rule: Host:${TRAEFIK_HOST}
+ traefik.ssh.frontend.passHostHeader: true
 traefik.ssh.port: "22"
 ### End SSH Segment
 ports:
From 5d3703b507e20ff9aee9a4e54f789a9b07977151 Mon Sep 17 00:00:00 2001
From: WilliamMiceli
Date: Wed, 6 Feb 2019 15:41:40 -0500
Subject: [PATCH 4/8] Added more documentation links
---
 templates/GitLab/0/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/templates/GitLab/0/README.md b/templates/GitLab/0/README.md
index cc2a8c6..b01e67c 100644
--- a/templates/GitLab/0/README.md
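Review bot: In the first hunk of patch 3/8 on templates/GitLab/0/docker-compose.yml, `nginx['real_ip_trusted_addresses'] = [ '10.42.0.0/16' ]` lets GitLab's NGINX accept a forwarded client-IP header from every address in the Rancher managed subnet, not only from Traefik. Any other container on that network could then present an arbitrary source address to GitLab, which would presumably carry through to audit logs, rate limiting and any IP-based access rules. Narrow the list to the Traefik container's address(es) if they are stable, or record the decision next to the setting, e.g. `# NOTE: every container on the managed network is trusted to set the client IP`. With `nginx['listen_https'] = false` the hop from Traefik to GitLab is plain HTTP over that same network, which is worth stating in the same comment. The `gitlab` service definition starts outside the hunk.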
+++ b/templates/GitLab/0/README.md @@ -3,4 +3,6 @@ ## Manually Adding More Environment Variables With Omnibus -[Available Options Located Here](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template) \ No newline at end of file +[Main Omnibus Documentation](https://docs.gitlab.com/omnibus/settings/configuration.html) +[All Available Options Located Here](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template) +[NGINX Settings](https://docs.gitlab.com/omnibus/settings/nginx.html) \ No newline at end of file From d3b83fe170491a9f1a778d1f9a86e39be037168d Mon Sep 17 00:00:00 2001 From: WilliamMiceli Date: Wed, 6 Feb 2019 15:41:54 -0500 Subject: [PATCH 5/8] Removed unneeded variables --- templates/GitLab/0/docker-compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/templates/GitLab/0/docker-compose.yml b/templates/GitLab/0/docker-compose.yml index 1df231f..4c68746 100644 --- a/templates/GitLab/0/docker-compose.yml +++ b/templates/GitLab/0/docker-compose.yml @@ -11,8 +11,6 @@ services: external_url 'https://${TRAEFIK_HOST}' gitlab_rails['gitlab_shell_ssh_port'] = 1022 nginx['real_ip_trusted_addresses'] = [ '10.42.0.0/16' ] # 10.42.0.0/16 is the default Rancher managed subnet - # nginx['real_ip_header'] = 'X-Real-IP' - # nginx['real_ip_recursive'] = 'on' nginx['listen_port'] = 80 # Using HTTP between the Traefik container and GitLab nginx['listen_https'] = false # Traefik is handling HTTPS on outside hostname: ${TRAEFIK_HOST} From 9cbf475be56bdc2ada64fffc1fdb731b6875a20f Mon Sep 17 00:00:00 2001 From: WilliamMiceli Date: Wed, 6 Feb 2019 16:00:00 -0500 Subject: [PATCH 6/8] Added links for GitLab Runner (future project) --- templates/GitLab/0/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/templates/GitLab/0/README.md b/templates/GitLab/0/README.md index b01e67c..ff50006 100644 --- a/templates/GitLab/0/README.md 
+++ b/templates/GitLab/0/README.md @@ -5,4 +5,9 @@ [Main Omnibus Documentation](https://docs.gitlab.com/omnibus/settings/configuration.html) [All Available Options Located Here](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template) -[NGINX Settings](https://docs.gitlab.com/omnibus/settings/nginx.html) \ No newline at end of file +[NGINX Settings](https://docs.gitlab.com/omnibus/settings/nginx.html) + +# GitLab Runner (future project) +[https://docs.gitlab.com/runner/install/docker.html] +[https://hub.docker.com/r/gitlab/gitlab-runner/tags] +[https://medium.freecodecamp.org/how-to-setup-ci-on-gitlab-using-docker-66e1e04dcdc2] \ No newline at end of file From 1d7581f6211f26f16dcb5c810f64904da0af6402 Mon Sep 17 00:00:00 2001 From: William Miceli <1-WilliamMiceli@users.noreply.git.williammiceli.systems> Date: Wed, 6 Feb 2019 19:58:26 -0500 Subject: [PATCH 7/8] Removed ports, disabled SSH --- templates/GitLab/0/docker-compose.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/templates/GitLab/0/docker-compose.yml b/templates/GitLab/0/docker-compose.yml index 4c68746..fd6abf1 100644 --- a/templates/GitLab/0/docker-compose.yml +++ b/templates/GitLab/0/docker-compose.yml @@ -32,14 +32,11 @@ services: traefik.web.port: "80" ### End Web Segment ### Start SSH Segment - traefik.ssh.frontend.entryPoints: ssh - traefik.ssh.frontend.rule: Host:${TRAEFIK_HOST} - traefik.ssh.frontend.passHostHeader: true - traefik.ssh.port: "22" + # traefik.ssh.frontend.entryPoints: ssh + # traefik.ssh.frontend.rule: Host:${TRAEFIK_HOST} + # traefik.ssh.frontend.passHostHeader: true + # traefik.ssh.port: "22" ### End SSH Segment - ports: - - "${WEB_PORT}:80" - - "1022:22" restart: on-failure volumes: - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system From 65762e0c3dc768b7618876bd518a2cde3fc4b442 Mon Sep 17 00:00:00 2001 
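Review bot: In the patch 7/8 hunk on templates/GitLab/0/docker-compose.yml, `gitlab_rails['gitlab_shell_ssh_port'] = 1022` is left in place although the `"1022:22"` mapping is removed; the setting sits outside this hunk and is visible as context in patches 3/8 and 5/8. GitLab would presumably keep advertising SSH clone URLs on a port nothing forwards any more. Either remove that setting together with the mapping or restrict Git access to HTTP(S) in the admin settings until SSH is wired up again. The four `traefik.ssh.*` labels are kept as commented-out config; deleting them, or replacing them with one line such as `# SSH routing disabled: not exposed through Traefik`, keeps the label block from describing a route that does not exist.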
From: WilliamMiceli Date: Fri, 8 Feb 2019 21:23:04 -0500 Subject: [PATCH 8/8] Removed web_port --- templates/GitLab/0/rancher-compose.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/templates/GitLab/0/rancher-compose.yml b/templates/GitLab/0/rancher-compose.yml index 203f0b5..7606f17 100644 --- a/templates/GitLab/0/rancher-compose.yml +++ b/templates/GitLab/0/rancher-compose.yml @@ -1,6 +1,6 @@ version: '2' catalog: - name: Gitlab-CE + name: GitLab version: latest # description: # minimum_rancher_version: @@ -24,14 +24,6 @@ catalog: required: true type: string - - variable: "WEB_PORT" - label: "Web Port" - description: | - The port to access the web interface on. - default: "20300" - required: true - type: string - - variable: "DATA_DIR" label: "Data Directory" description: |