发表新帖
发表新帖

gitlab in docker behind traefik proxy fails (usually)

前端 未结
关注
2 908
死守一世寂寞
死守一世寂寞 2021-01-12 05:51

I have several web sites running in docker with LetsEncrypt credentials and routed via traefik. I would like to run a local gitlab-ce in docker similarly with LetsEncrypt an

相关标签:
2条回答
  • 庸人自扰
    2021-01-12 06:04

    i've used sameersbn's docker-compose and added the following docker-compose.override.yml in the same directory.

    version: "2"

services:
    gitlab:
      labels:
        - "traefik.frontend.rule=Host:git.schulz.codes"
        - "traefik.port=80"
        - "traefik.enable=true"
        - "traefik.frontend.entryPoints=http,https"

    this keeps working quiet nicely with the following traefik docker-compose

    version: "2"

services:
  proxy:
    restart: always
    image: traefik
    container_name: traefik
    command: --web --docker --docker.domain=docker.localhost --logLevel=DEBUG
    ports:
      - "8080:8080"
      - "80:80"
      - "443:443"
    volumes:
      - ./traefik.toml:/etc/traefik/traefik.toml
      - /var/run/docker.sock:/var/run/docker.sock
      - ./data:/etc/traefik/acme:rw

    and this traefik.toml

    [entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
defaultEntryPoints = ["http", "https"]
[acme]
email = "yourmail@domain.com"
storageFile = "/etc/traefik/acme/acme.json"
entryPoint = "https"
OnHostRule = true
[[acme.domains]]
  main = "domain.com"
  sans = ["gitlab.domain.com"]
[web]
address = ":8080"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "docker.localhost"
watch = true
exposedbydefault = true
    0 讨论(0)
  • 佛祖请我去吃肉
    2021-01-12 06:13

    This answer probably comes way too late for you, but I ran into the same issue and was able to solve it.

    The important clue is that the log errors are by the sshd daemon!

    Traefik will, by default, pick the first port exposed by the container (by the Dockerfile, not the ports you manually expose!). In case of the Gitlab container, this is the ssh port 22.

    So Traefik will direct the web requests to Gitlab's SSH daemon.

    To fix this, you need to set the port for Traefik explicitly, with a label:

    Traefik 1.x:

    labels:
    ...
    - traefik.port=80

    Traefik 2.x:

    labels:
    - traefik.http.services.<your-service-name>.loadbalancer.server.port=80
    0 讨论(0)
 看不清?
提交回复
热议问题