First, use the following file, gitlab_run.sh, to generate the Let's Encrypt certificate.
Source:
https://github.com/flasheryu/docker-letsencrypt-nginx-proxy-companion-examples
#!/bin/bash
# This example will run a basic nginx server provisioned with an index.html file.
# Make sure to replace "site.example.com" with a publicly accessible domain pointing to the server you will run this on.

# This nginx container will get a configuration generated by the docker-gen instance and act as a reverse proxy.
echo "Starting nginx instance..."
docker run -d -p 80:80 -p 443:443 \
    --name nginx \
    -v /etc/nginx/conf.d \
    -v /etc/nginx/vhost.d \
    -v /usr/share/nginx/html \
    -v "$(pwd)/../../volumes/proxy/certs:/etc/nginx/certs:ro" \
    nginx

# This nginx-gen container using the docker-gen image will generate a 'default.conf' file from the 'nginx.tmpl' located in volumes/proxy/templates.
echo "Starting docker-gen instance..."
docker run -d \
    --name nginx-gen \
    --volumes-from nginx \
    -v "$(pwd)/../../volumes/proxy/templates/nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro" \
    -v /var/run/docker.sock:/tmp/docker.sock:ro \
    jwilder/docker-gen \
    -notify-sighup nginx -watch -only-exposed -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf

# The companion requests and renews certificates and writes them to the shared certs volume (mounted read-write here).
echo "Starting letsencrypt-nginx-proxy-companion..."
docker run -d \
    -e "NGINX_DOCKER_GEN_CONTAINER=nginx-gen" \
    --volumes-from nginx \
    -v "$(pwd)/../../volumes/proxy/certs:/etc/nginx/certs:rw" \
    -v /var/run/docker.sock:/var/run/docker.sock:ro \
    jrcs/letsencrypt-nginx-proxy-companion

# This is an example service that will get picked up and served by the reverse proxy.
# Make sure you change all the default values in this file and in volumes/examples/simple-site.
echo "Starting simple-site nginx example..."
docker run -d \
    --name simple-site \
    -e "VIRTUAL_HOST=dockeryu.com" \
    -e "LETSENCRYPT_HOST=dockeryu.com" \
    -e "[email protected]" \
    -v "$(pwd)/../../volumes/examples/simple-site/conf.d/:/etc/nginx/conf.d" \
    nginx
Then, once the certs have been generated under /volumes/proxy/certs, the following command sets up the Omnibus version of GitLab with free Let's Encrypt SSL in a single step.
# Host ports 80 and 443 must be free here; the nginx container started by gitlab_run.sh publishes the same ports.
docker run --detach \
    --hostname dockeryu.com \
    --env GITLAB_OMNIBUS_CONFIG="registry_external_url 'https://dockeryu.com:4040';\
registry_nginx['ssl_certificate']='/etc/letsencrypt/live/dockeryu.com/dockeryu.com.crt';\
registry_nginx['ssl_certificate_key']='/etc/letsencrypt/live/dockeryu.com/dockeryu.com.key';\
external_url 'https://dockeryu.com/';\
nginx['redirect_http_to_https']=true;\
nginx['ssl_certificate']='/etc/letsencrypt/live/dockeryu.com/dockeryu.com.crt';\
nginx['ssl_certificate_key']='/etc/letsencrypt/live/dockeryu.com/dockeryu.com.key';" \
    --publish 443:443 --publish 80:80 --publish 222:22 --publish 4040:4040 \
    --name gitlab \
    --restart always \
    --volume /srv/gitlab/config:/etc/gitlab \
    --volume /srv/gitlab/logs:/var/log/gitlab \
    --volume /srv/gitlab/data:/var/opt/gitlab \
    --volume /volumes/proxy/certs:/etc/letsencrypt/live/dockeryu.com \
    gitlab/gitlab-ce
After two minutes, GitLab will have started successfully.
For more on GitLab configuration and usage, see:
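One way to confirm that the certificate and key under /volumes/proxy/certs are usable before starting GitLab, as an added example that is not part of the original post or the linked repository. It assumes the `openssl` CLI is installed on the host; the function names `check_cert_pair` and `wait_for_certs` are hypothetical.

```shell
#!/bin/bash
# Added example (not from the original page): verify the companion's output
# before starting GitLab. File names follow the nginx['ssl_certificate'] paths above.

# check_cert_pair DIR DOMAIN
# 0 = usable, 1 = file missing or empty, 2 = expired or expires within 24h,
# 3 = certificate does not name DOMAIN, 4 = key does not belong to certificate
check_cert_pair() {
    local dir="$1" domain="$2"
    local crt="$dir/$domain.crt" key="$dir/$domain.key"
    local cert_pub key_pub

    # -s follows symlinks, so a dangling link counts as missing
    [ -s "$crt" ] && [ -s "$key" ] || return 1

    # Reject a certificate that is expired or expires within 86400 s
    openssl x509 -in "$crt" -noout -checkend 86400 >/dev/null 2>&1 || return 2

    # The leaf certificate must cover the hostname GitLab will serve
    openssl x509 -in "$crt" -noout -checkhost "$domain" 2>/dev/null |
        grep -q 'does match' || return 3

    # Compare the public key in the certificate with the one derived from the key
    cert_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || return 4
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 4
    [ "$cert_pub" = "$key_pub" ] || return 4
    return 0
}

# wait_for_certs DIR DOMAIN [TRIES] [PAUSE_SECONDS]
# Polls while the files are still missing; any other failure is returned at once
# because waiting will not fix a wrong or mismatched certificate.
wait_for_certs() {
    local dir="$1" domain="$2" tries="${3:-30}" pause="${4:-10}" i=0 rc
    while [ "$i" -lt "$tries" ]; do
        rc=0
        check_cert_pair "$dir" "$domain" || rc=$?
        [ "$rc" -eq 1 ] || return "$rc"
        i=$((i + 1))
        sleep "$pause"
    done
    return 1
}

# Usage: wait_for_certs /volumes/proxy/certs dockeryu.com && docker run ... gitlab/gitlab-ce
```

A non-zero result other than 1 means the files exist but should not be handed to GitLab; fixing the cause before re-requesting a certificate also avoids burning through the rate limit.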
http://docs.gitlab.com/omnibus/docker/
Note: using Let's Encrypt may hit its rate limits (20 per week). For details, see:
https://letsencrypt.org/docs/rate-limits/
Time: 2024-10-25 07:45:39