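# Docker Compose stack: GitLab with a container registry, PostgreSQL and
# Redis, routed through Traefik (see the traefik.* labels).
# Every ${...} value is interpolated by Compose from the shell environment
# or the project's .env file.
version: '3.9'

networks:
  # Network used by the stack's own services (database and cache sit only here).
  gitlab-net:
    name: ${SERVICE_NETWORK}
  # Presumably the network shared with the Traefik reverse proxy.
  # NOTE(review): not declared `external: true`; if the proxy's own stack
  # creates this network, confirm which side is meant to own it.
  webproxy:
    name: ${WEBPROXY_NETWORK}

services:
  gitlab:
    image: ${DOCKER_IMAGE_GITLAB}
    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_GITLAB}
    restart: always
    depends_on:
      - postgresql
      - redis
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitlab-learn-server.entrypoints=https"
      - "traefik.http.routers.gitlab-learn-server.rule=Host(`${GITLAB_HOST}`)"
      - "traefik.http.routers.gitlab-learn-server.tls=true"
      - "traefik.http.routers.gitlab-learn-server.tls.certresolver=letsEncrypt"
      - "traefik.http.services.gitlab-learn-server-service.loadbalancer.server.port=80"
      # Traefik matches on the real Docker network name, which is the
      # interpolated `name:` of the webproxy network, not its Compose key.
      - "traefik.docker.network=${WEBPROXY_NETWORK}"
    environment:
      # Entries without `=value` are passed through from the environment
      # Compose runs in. That includes credentials and key material
      # (DB_PASS, GITLAB_SECRETS_*, GITLAB_ROOT_PASSWORD, SMTP_PASS,
      # LDAP_PASS): they are readable through `docker inspect`, so restrict
      # access to the Docker daemon and keep the .env file out of version
      # control.
      - DEBUG=false
      - DB_ADAPTER=postgresql
      - DB_HOST=${SERVICE_NAME}_${CONTAINER_NAME_PGSQL}
      - DB_PORT=5432
      - DB_USER
      - DB_PASS
      - DB_NAME
      - REDIS_HOST=${SERVICE_NAME}_${CONTAINER_NAME_REDIS}
      - REDIS_PORT=6379
      - TZ
      - GITLAB_TIMEZONE
      # NOTE(review): TLS is terminated at Traefik while GITLAB_HTTPS=false
      # and GITLAB_PORT=80; confirm GitLab still generates https:// URLs
      # (the registry token realm below points at https://${GITLAB_HOST}).
      - GITLAB_HTTPS=false
      - SSL_SELF_SIGNED=false
      - GITLAB_HOST
      - GITLAB_PORT=80
      - GITLAB_SSH_PORT
      - GITLAB_RELATIVE_URL_ROOT
      - GITLAB_SECRETS_DB_KEY_BASE
      - GITLAB_SECRETS_SECRET_KEY_BASE
      - GITLAB_SECRETS_OTP_KEY_BASE
      - GITLAB_ROOT_PASSWORD
      - GITLAB_ROOT_EMAIL
      - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
      - GITLAB_NOTIFY_PUSHER=false
      - GITLAB_EMAIL
      - GITLAB_EMAIL_REPLY_TO
      # - GITLAB_BACKUP_SCHEDULE=daily
      # - GITLAB_BACKUP_TIME=01:00
      # - GITLAB_BACKUP_EXPIRY=172800
      # - GITLAB_BACKUP_SKIP=registry,builds
      - GITLAB_PAGES_ENABLED
      - SMTP_ENABLED
      - SMTP_DOMAIN
      - SMTP_HOST
      - SMTP_PORT
      - SMTP_USER
      - SMTP_PASS
      - SMTP_STARTTLS
      - SMTP_AUTHENTICATION
      - LDAP_ENABLED
      - LDAP_LABEL
      - LDAP_HOST
      - LDAP_PORT
      - LDAP_UID
      - LDAP_METHOD
      - LDAP_VERIFY_SSL
      - LDAP_ACTIVE_DIRECTORY
      - LDAP_BASE
      - LDAP_USER_FILTER
      - LDAP_BIND_DN
      - LDAP_PASS
      - GITLAB_REGISTRY_ENABLED=true
      - GITLAB_REGISTRY_HOST=${REGISTRY_HOST}
      - GITLAB_REGISTRY_API_URL=http://registry:5000/
      - GITLAB_REGISTRY_KEY_PATH=/certs/registry.key
    healthcheck:
      test: ["CMD", "/usr/local/sbin/healthcheck"]
      interval: 1m
      timeout: 5s
      retries: 5
      start_period: 2m
    ports:
      # SSH is the only port published on the host (on every interface);
      # HTTP is exposed to the Compose networks only and reached via Traefik.
      - "${GITLAB_SSH_PORT}:22"
    expose:
      - "80"
    networks:
      # Service networks are resolved by top-level key, so use the keys
      # rather than the interpolated names; this keeps the file valid when
      # WEBPROXY_NETWORK / SERVICE_NETWORK differ from the key names.
      - webproxy
      - gitlab-net
    volumes:
      # `:Z` applies a private SELinux label to the bind mount.
      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab:/home/git/data:Z
      - ${SERVICE_DATA}/${SERVICE_NAME}/certs:/certs

  registry:
    image: ${DOCKER_IMAGE_REGISTRY}
    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_REGISTRY}
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitlab-learn-registry.entrypoints=https"
      - "traefik.http.routers.gitlab-learn-registry.rule=Host(`${REGISTRY_HOST}`)"
      - "traefik.http.routers.gitlab-learn-registry.tls=true"
      - "traefik.http.routers.gitlab-learn-registry.tls.certresolver=letsEncrypt"
      - "traefik.http.services.gitlab-learn-registry-service.loadbalancer.server.port=5000"
      # Real Docker network name, same reasoning as on the gitlab service.
      - "traefik.docker.network=${WEBPROXY_NETWORK}"
    environment:
      - REGISTRY_AUTH_TOKEN_AUTOREDIRECT=false
      # NOTE(review): debug logging is verbose; confirm it is intended
      # outside of troubleshooting and that the logs are access-controlled.
      - REGISTRY_LOG_LEVEL=debug
      - REGISTRY_AUTH_TOKEN_REALM=https://${GITLAB_HOST}/jwt/auth
      - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
      - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer
      - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/registry.crt
      - REGISTRY_STORAGE_DELETE_ENABLED=true
      - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry
      # - REGISTRY_STORAGE=s3
      # - REGISTRY_STORAGE_S3_ACCESSKEY
      # - REGISTRY_STORAGE_S3_SECRETKEY
      # - REGISTRY_STORAGE_S3_REGIONENDPOINT
      # - REGISTRY_STORAGE_S3_REGION
      # - REGISTRY_STORAGE_S3_BUCKET
      # - REGISTRY_STORAGE_CACHE_BLOBDESCRIPTOR=inmemory
    expose:
      - "5000"
    networks:
      - webproxy
      - gitlab-net
    volumes:
      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab/shared/registry:/registry
      # NOTE(review): this is the same directory GitLab reads
      # /certs/registry.key from, mounted read-write. The registry is only
      # configured with /certs/registry.crt above; consider a read-only
      # mount (`:ro`) or a cert-only path so the token-signing key is not
      # shared with this container.
      - ${SERVICE_DATA}/${SERVICE_NAME}/certs:/certs

  postgresql:
    image: ${DOCKER_IMAGE_PGSQL}
    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_PGSQL}
    restart: always
    environment:
      - DB_USER
      - DB_PASS
      - DB_NAME
      - DB_EXTENSION=pg_trgm,btree_gist
    networks:
      # Attached to the stack network only, with no published ports.
      - gitlab-net
    expose:
      - "5432"
    volumes:
      - ${SERVICE_DATA}/${SERVICE_NAME}/postgresql:/var/lib/postgresql:Z

  redis:
    restart: always
    image: ${DOCKER_IMAGE_REDIS}
    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_REDIS}
    command:
      # Kept as one list item, i.e. a single argument, as in the original.
      - --loglevel warning
    networks:
      - gitlab-net
    volumes:
      - ${SERVICE_DATA}/${SERVICE_NAME}/redis:/var/lib/redis:Z

  # Disabled CI runner definitions. Before enabling, note:
  #  * Mounting /var/run/docker.sock gives the runner, and the jobs it
  #    starts, control over the host's Docker daemon, which is effectively
  #    root on the host. Prefer a dedicated runner host for untrusted
  #    projects.
  #  * `<<: *runner` is a shallow merge: the `environment` and `volumes`
  #    lists in runner_2..4 replace the anchor's lists entirely, so
  #    CI_SERVER_URL, RUNNER_TOKEN, etc. and the docker.sock mount would not
  #    be inherited.
  #  * `networks` here should name a top-level network key (gitlab-net).
  #
  # runner_1: &runner
  #   image: ${DOCKER_IMAGE_RUNNER}
  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_1
  #   restart: always
  #   depends_on:
  #     - gitlab
  #   command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner
  #   environment:
  #     - CI_SERVER_URL=https://${GITLAB_HOST}
  #     - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
  #     - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
  #     - RUNNER_TOKEN=${RUNNER_TOKEN}
  #     - RUNNER_DESCRIPTION=gitab-runner_1
  #     - RUNNER_EXECUTOR=docker
  #     - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
  #   networks:
  #     - ${SERVICE_NETWORK}
  #   volumes:
  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_1:/etc/gitlab-runner
  #     - /var/run/docker.sock:/var/run/docker.sock
  # runner_2:
  #   <<: *runner
  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_2
  #   environment:
  #     - RUNNER_DESCRIPTION=gitab-runner_2
  #   volumes:
  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_2:/etc/gitlab-runner
  # runner_3:
  #   <<: *runner
  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_3
  #   environment:
  #     - RUNNER_DESCRIPTION=gitab-runner_3
  #   volumes:
  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_3:/etc/gitlab-runner
  # runner_4:
  #   <<: *runner
  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_4
  #   environment:
  #     - RUNNER_DESCRIPTION=gitab-runner_4
  #   volumes:
  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_4:/etc/gitlab-runner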