version: '3.7' services: gitlab: image: ${DOCKER_IMAGE_GITLAB} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_GITLAB} restart: always depends_on: - postgresql - redis ports: - "${GITLAB_SSH_PORT}:22" # - 80:80 # - 443:443 expose: - 80 labels: - "traefik.enable=true" - "traefik.http.routers.gitlab-rm-server.entrypoints=https" - "traefik.http.routers.gitlab-rm-server.rule=Host(`${GITLAB_HOST}`)" - "traefik.http.routers.gitlab-rm-server.tls=true" - "traefik.http.routers.gitlab-rm-server.tls.certresolver=letsEncrypt" - "traefik.http.services.gitlab-rm-server-service.loadbalancer.server.port=80" - "traefik.docker.network=webproxy" volumes: - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab:/home/git/data:Z - ./ssl-certs:/certs environment: - DEBUG=false - DB_ADAPTER=postgresql - DB_HOST=${SERVICE_NAME}_${CONTAINER_NAME_PGSQL} - DB_PORT=5432 - DB_USER=${DB_USER} - DB_PASS=${DB_PASS} - DB_NAME=${DB_NAME} - REDIS_HOST=${SERVICE_NAME}_${CONTAINER_NAME_REDIS} - REDIS_PORT=6379 - TZ=UTC - GITLAB_TIMEZONE=${GITLAB_TIMEZONE} - GITLAB_HTTPS=true - SSL_SELF_SIGNED=false - GITLAB_HOST=${GITLAB_HOST} - GITLAB_PORT=443 - GITLAB_SSH_PORT=${GITLAB_SSH_PORT} - GITLAB_SECRETS_DB_KEY_BASE=${GITLAB_SECRETS_DB_KEY_BASE} - GITLAB_SECRETS_SECRET_KEY_BASE=${GITLAB_SECRETS_SECRET_KEY_BASE} - GITLAB_SECRETS_OTP_KEY_BASE=${GITLAB_SECRETS_OTP_KEY_BASE} - GITLAB_ROOT_PASSWORD=${GITLAB_ROOT_PASSWORD} - GITLAB_ROOT_EMAIL=${GITLAB_ROOT_EMAIL} - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true - GITLAB_NOTIFY_PUSHER=false - GITLAB_EMAIL=${GITLAB_EMAIL} - GITLAB_EMAIL_REPLY_TO=${GITLAB_EMAIL_REPLY_TO} - GITLAB_INCOMING_EMAIL_ADDRESS=${GITLAB_INCOMING_EMAIL_ADDRESS} - GITLAB_PAGES_ENABLED=false - SMTP_ENABLED=${SMTP_ENABLED} # - SMTP_DOMAIN=${SMTP_DOMAIN} # - SMTP_HOST=${SMTP_HOST} # - SMTP_PORT=${SMTP_PORT} # - SMTP_USER=${SMTP_USER} # - SMTP_PASS=${SMTP_PASS} # - SMTP_STARTTLS=${SMTP_STARTTLS} # - SMTP_AUTHENTICATION=${SMTP_AUTHENTICATION} - IMAP_ENABLED=false - LDAP_ENABLED=${LDAP_ENABLED} - LDAP_LABEL=${LDAP_LABEL} - LDAP_HOST=${LDAP_HOST} - LDAP_PORT=${LDAP_PORT} - LDAP_UID=${LDAP_UID} - LDAP_METHOD=${LDAP_METHOD} - LDAP_VERIFY_SSL=${LDAP_VERIFY_SSL} - LDAP_ACTIVE_DIRECTORY=${LDAP_ACTIVE_DIRECTORY} - LDAP_BASE=${LDAP_BASE} - LDAP_USER_FILTER=${LDAP_USER_FILTER} - LDAP_BIND_DN=${LDAP_BIND_DN} - LDAP_PASS=${LDAP_PASS} - GITLAB_REGISTRY_ENABLED=true - GITLAB_REGISTRY_HOST=${REGISTRY_HOST} - GITLAB_REGISTRY_API_URL=http://registry:5000/ - GITLAB_REGISTRY_KEY_PATH=/certs/registry.key healthcheck: test: ["CMD", "/usr/local/sbin/healthcheck"] interval: 1m timeout: 5s retries: 5 start_period: 2m networks: - ${WEBPROXY_NETWORK} - ${SERVICE_NETWORK} registry: image: ${DOCKER_IMAGE_REGISTRY} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_REGISTRY} restart: always expose: - 5000 labels: - "traefik.enable=true" - "traefik.http.routers.gitlab-rm-registry.entrypoints=https" - "traefik.http.routers.gitlab-rm-registry.rule=Host(`${REGISTRY_HOST}`)" - "traefik.http.routers.gitlab-rm-registry.tls=true" - "traefik.http.routers.gitlab-rm-registry.tls.certresolver=letsEncrypt" - "traefik.http.services.gitlab-rm-registry-service.loadbalancer.server.port=5000" - "traefik.docker.network=webproxy" volumes: - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab/shared/registry:/registry - ./ssl-certs:/certs environment: - REGISTRY_AUTH_TOKEN_AUTOREDIRECT=false - REGISTRY_LOG_LEVEL=debug - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry - REGISTRY_AUTH_TOKEN_REALM=https://${GITLAB_HOST}/jwt/auth - REGISTRY_AUTH_TOKEN_SERVICE=container_registry - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/registry.crt - REGISTRY_STORAGE_DELETE_ENABLED=true # - REGISTRY_STORAGE=s3 # - REGISTRY_STORAGE_S3_ACCESSKEY=${REGISTRY_STORAGE_S3_ACCESSKEY} # - REGISTRY_STORAGE_S3_SECRETKEY=${REGISTRY_STORAGE_S3_SECRETKEY} # - REGISTRY_STORAGE_S3_REGIONENDPOINT=${REGISTRY_STORAGE_S3_REGIONENDPOINT} # - REGISTRY_STORAGE_S3_REGION=${REGISTRY_STORAGE_S3_REGION} # - REGISTRY_STORAGE_S3_BUCKET=${REGISTRY_STORAGE_S3_BUCKET} # - REGISTRY_STORAGE_CACHE_BLOBDESCRIPTOR=inmemory networks: - ${WEBPROXY_NETWORK} - ${SERVICE_NETWORK} postgresql: image: ${DOCKER_IMAGE_PGSQL} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_PGSQL} restart: always environment: - POSTGRESQL_USERNAME=${DB_USER} - POSTGRESQL_PASSWORD=${DB_PASS} - POSTGRESQL_DATABASE=${DB_NAME} - POSTGRESQL_SHARED_PRELOAD_LIBRARIES=pg_trgm,btree_gist volumes: - postgresql_data:/bitnami/postgresql/:Z networks: - ${SERVICE_NETWORK} redis: restart: always image: ${DOCKER_IMAGE_REDIS} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_REDIS} command: - --loglevel warning volumes: - ${SERVICE_DATA}/${SERVICE_NAME}/redis:/var/lib/redis:Z networks: - ${SERVICE_NETWORK} runner_1: image: ${DOCKER_IMAGE_RUNNER} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_1 restart: always depends_on: - gitlab volumes: - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_1:/etc/gitlab-runner - /var/run/docker.sock:/var/run/docker.sock command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner environment: - CI_SERVER_URL=https://${GITLAB_HOST} - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP} - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER} - RUNNER_TOKEN=${RUNNER_TOKEN} - RUNNER_DESCRIPTION=gitab-runner_1 - RUNNER_EXECUTOR=docker - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest networks: - ${SERVICE_NETWORK} runner_2: image: ${DOCKER_IMAGE_RUNNER} container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_2 restart: always depends_on: - gitlab volumes: - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_2:/etc/gitlab-runner - /var/run/docker.sock:/var/run/docker.sock command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner environment: - CI_SERVER_URL=https://${GITLAB_HOST} - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER} - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP} - RUNNER_TOKEN=${RUNNER_TOKEN} - RUNNER_DESCRIPTION=gitab-runner_2 - RUNNER_EXECUTOR=docker - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest networks: - ${SERVICE_NETWORK} # backup: # image: ${DOCKER_IMAGE_BACKUP} # restart: always # container_name: ${SERVICE_NAME}_${CONTAINER_NAME_BACKUP} # command: gitlab backup --storage S3:///gitlab --online # volumes: # - /var/run/docker.sock:/var/run/docker.sock # - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab/backups:${BACKUP_DIR}:Z # - ${DOCKER_COMPOSE_DIR}:${DOCKER_COMPOSE_DIR} # environment: # - BACKUP_SCHEDULE=${BACKUP_SCHEDULE} # - BACKUP_DIR=${BACKUP_DIR} # - DOCKER_COMPOSE_DIR=${DOCKER_COMPOSE_DIR} # - ${SERVICE_NETWORK} # - CONTAINER_NAME_GITLAB=${CONTAINER_NAME_GITLAB} # - S3_HOST_BASE=${S3_HOST_BASE} # - S3_ACCOUNT_ID=${S3_ACCOUNT_ID} # - S3_APPLICATION_KEY=${S3_APPLICATION_KEY} # networks: # - ${SERVICE_NETWORK} networks: service: name: ${SERVICE_NETWORK} webproxy: external: name: ${WEBPROXY_NETWORK} volumes: postgresql_data: driver: local