NixOS Install Gitlab
Install docker service
Add virtualisation.docker.enable = true; and optionally
extraGroups = [ "docker" ]; for a user who needs to control docker, to your configuration.nix file.
Open firewall ports
networking.firewall.allowedTCPPorts = [ 80 443 ];
Adjust paths and ports according to your setup
version: '2'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab'
    ports:
      - '80:80'
      - '443:443'
      - '50222:22'
    volumes:
      - '/srv/gitlab/config:/etc/gitlab'
      - '/srv/gitlab/logs:/var/log/gitlab'
      - '/srv/gitlab/data:/var/opt/gitlab'
Run docker-compose up -d to start the service in the background. You should now be able to access GitLab with your machine's IP.
Install openssl and generate certificates
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
Alternative: Use Let's Encrypt
The main configuration file is
/srv/gitlab/config/gitlab.rb (adjust your path according to your docker-compose file)
In gitlab.rb put 'external_url "https://gitlab.example.com"'. GitLab will look for your certificates according to your hostname - here
Note that this is the path inside of the container and won't be permanent - on your docker host the correct path is
Create the ssl directory and copy your previously generated files
cert.key to this folder and rename them. The cert.pem file is the .crt file and the key.pem the .key file.
Now connect to your container with
docker exec -it gitlab_web_1 /bin/bash and run
gitlab-ctl reconfigure inside your container.
After enabling https gitlab does not listen to http anymore. To redirect incoming http traffic to https put
nginx['redirect_http_to_https'] = true in your gitlab.rb file.
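
As an added example (not from the original page): a POSIX shell helper for the copy-and-rename step above that refuses a passphrase-protected key or a key that does not belong to the certificate. The function names are hypothetical, and the target names <hostname>.crt and <hostname>.key in an ssl directory under the mapped config volume are an assumption based on GitLab Omnibus defaults.

```shell
#!/bin/sh
# Added example, not the page's own code. Assumption: GitLab Omnibus reads
# <ssl dir>/<hostname>.crt and <hostname>.key, where <hostname> comes from
# external_url and the ssl dir sits under the mapped config volume.

# Print the hostname from the external_url line of a gitlab.rb file.
external_host() {
    sed -n "s|^[[:space:]]*external_url[[:space:]]*[\"']https\{0,1\}://\([^/:\"']*\).*|\1|p" "$1" | head -n 1
}

# Return 0 only if key file $1 is readable and not passphrase-protected
# (a key that needs a passphrase cannot be loaded unattended).
key_is_unencrypted() {
    [ -r "$1" ] && ! grep -q 'ENCRYPTED' "$1"
}

# Return 0 if certificate $1 and private key $2 carry the same public key.
pair_matches() {
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    k=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Copy cert $2 and key $3 into ssl dir $4 under the names for host $1.
# Nothing is written unless every check passes.
install_pair() {
    host=$1 cert=$2 key=$3 ssl_dir=$4
    [ -n "$host" ] || { echo "no hostname found in external_url" >&2; return 1; }
    key_is_unencrypted "$key" || { echo "key is missing or has a passphrase" >&2; return 1; }
    pair_matches "$cert" "$key" || { echo "key does not match certificate" >&2; return 1; }
    mkdir -p "$ssl_dir" && chmod 755 "$ssl_dir" || return 1
    cp "$cert" "$ssl_dir/$host.crt" && chmod 644 "$ssl_dir/$host.crt" || return 1
    # umask keeps the key private even during the copy itself.
    ( umask 077 && cp "$key" "$ssl_dir/$host.key" ) || return 1
    chmod 600 "$ssl_dir/$host.key"
}

# Usage on the Docker host (config path from the compose file above,
# ssl directory name assumed):
#   install_pair "$(external_host /srv/gitlab/config/gitlab.rb)" \
#       cert.pem key.pem /srv/gitlab/config/ssl
```

Run gitlab-ctl reconfigure afterwards, as described above, so the new files are picked up.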