From fa00fadccfba6e6e571d3bcef4d141295c912dfa Mon Sep 17 00:00:00 2001 From: jaydee Date: Mon, 8 Dec 2025 16:06:47 +0100 Subject: [PATCH] build --- __swarm/gitlab/docker-compose.yml | 22 +++- __swarm/gitlab/gitlab-swarm.yml | 182 ++++++++++++++++-------------- 2 files changed, 115 insertions(+), 89 deletions(-) diff --git a/__swarm/gitlab/docker-compose.yml b/__swarm/gitlab/docker-compose.yml index 9ba87fb..058fc38 100755 --- a/__swarm/gitlab/docker-compose.yml +++ b/__swarm/gitlab/docker-compose.yml @@ -1,5 +1,16 @@ services: + runner: + container_name: gitlab-runner + restart: always + volumes: + - runner:/etc/gitlab-runner + - /var/run/docker.sock:/var/run/docker.sock + image: ${DOCKER_REGISTRY:-}gitlab/gitlab-runner:latest + labels: + - wud.watch.digest=true + - wud.watch=true web: + container_name: gitlab environment: GITLAB_OMNIBUS_CONFIG: "external_url 'https://gitlab.sectorq.eu'\nnginx['listen_port']\ @@ -47,8 +58,13 @@ services: restart: unless-stopped shm_size: 4gb volumes: - - /share/docker_data/gitlab/config:/etc/gitlab - - /share/docker_data/gitlab/logs:/var/log/gitlab - - /share/docker_data/gitlab/data:/var/opt/gitlab + - config:/etc/gitlab + - logs:/var/log/gitlab + - data:/var/opt/gitlab - /etc/localtime:/etc/localtime:ro version: '3.6' +volumes: + runner: + config: + logs: + data: \ No newline at end of file diff --git a/__swarm/gitlab/gitlab-swarm.yml b/__swarm/gitlab/gitlab-swarm.yml index ba7a799..d48710c 100644 --- a/__swarm/gitlab/gitlab-swarm.yml +++ b/__swarm/gitlab/gitlab-swarm.yml @@ -1,88 +1,98 @@ -services: - app: - environment: - GITLAB_OMNIBUS_CONFIG: | - external_url 'https://gitlab.sectorq.eu' - nginx['listen_port'] = 80 - nginx['listen_https'] = false - web_server['username'] = 'git' - gitlab_rails['time_zone'] = 'Europe/Bratislava' - gitlab_rails['omniauth_enabled'] = true - gitlab_rails['omniauth_allow_single_sign_on'] = ['saml'] - gitlab_rails['omniauth_sync_email_from_provider'] = 'saml' - gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml'] - gitlab_rails['omniauth_sync_profile_attributes'] = ['email'] - gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml' - gitlab_rails['omniauth_block_auto_created_users'] = false - gitlab_rails['omniauth_auto_link_saml_user'] = true - gitlab_rails['omniauth_providers'] = [ - { - name: 'saml', - args: { - assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback', - # Shown when navigating to certificates in authentik1 - idp_cert_fingerprint: 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e', - idp_sso_target_url: 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/', - issuer: 'https://gitlab.sectorq.eu', - name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', - attribute_statements: { - email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'], - first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'], - nickname: ['http://schemas.goauthentik.io/2021/02/saml/username'] - } - }, - label: 'authentik' - } - ] - TZ: Europe/Bratislava - hostname: gitlab.sectorq.eu - image: ${DOCKER_REGISTRY:-}gitlab/gitlab-ce:latest - network_mode: bridge - ports: - - target: 80 - published: 8785 - protocol: tcp - mode: ingress - - target: 443 - published: 8743 - protocol: tcp - mode: ingress - - target: 22 - published: 8722 - protocol: tcp - mode: ingress - shm_size: 4gb - volumes: - - config:/etc/gitlab - - logs:/var/log/gitlab - - data:/var/opt/gitlab - - /etc/localtime:/etc/localtime:ro - deploy: + services: + runner: + container_name: gitlab-runner + restart: always + volumes: + - runner:/etc/gitlab-runner + - /var/run/docker.sock:/var/run/docker.sock + image: ${DOCKER_REGISTRY:-}gitlab/gitlab-runner:latest labels: - com.centurylinklabs.watchtower.enable: 'true' - homepage.container: gitlab - homepage.description: Version control - homepage.group: Infrastructure - homepage.href: https://gitlab.sectorq.eu - homepage.icon: gitlab.png - homepage.name: Gitlab - homepage.server: my-docker-swarm - homepage.weight: '1' - homepage.widget.key: glpat-BuMKcaDqeD-Wx3dW4TM9 - homepage.widget.type: gitlab - homepage.widget.url: https://gitlab.sectorq.eu - homepage.widget.user_id: '2' - wud.watch: 'true' - wud.watch.digest: 'true' - replicas: 1 - placement: - constraints: - - node.role == manager + - wud.watch.digest=true + - wud.watch=true + app: + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url 'https://gitlab.sectorq.eu' + nginx['listen_port'] = 80 + nginx['listen_https'] = false + web_server['username'] = 'git' + gitlab_rails['time_zone'] = 'Europe/Bratislava' + gitlab_rails['omniauth_enabled'] = true + gitlab_rails['omniauth_allow_single_sign_on'] = ['saml'] + gitlab_rails['omniauth_sync_email_from_provider'] = 'saml' + gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml'] + gitlab_rails['omniauth_sync_profile_attributes'] = ['email'] + gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml' + gitlab_rails['omniauth_block_auto_created_users'] = false + gitlab_rails['omniauth_auto_link_saml_user'] = true + gitlab_rails['omniauth_providers'] = [ + { + name: 'saml', + args: { + assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback', + # Shown when navigating to certificates in authentik1 + idp_cert_fingerprint: 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e', + idp_sso_target_url: 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/', + issuer: 'https://gitlab.sectorq.eu', + name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', + attribute_statements: { + email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'], + first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'], + nickname: ['http://schemas.goauthentik.io/2021/02/saml/username'] + } + }, + label: 'authentik' + } + ] + TZ: Europe/Bratislava + hostname: gitlab.sectorq.eu + image: ${DOCKER_REGISTRY:-}gitlab/gitlab-ce:latest + network_mode: bridge + ports: + - target: 80 + published: 8785 + protocol: tcp + mode: ingress + - target: 443 + published: 8743 + protocol: tcp + mode: ingress + - target: 22 + published: 8722 + protocol: tcp + mode: ingress + shm_size: 4gb + volumes: + - config:/etc/gitlab + - logs:/var/log/gitlab + - data:/var/opt/gitlab + - /etc/localtime:/etc/localtime:ro + deploy: + labels: + com.centurylinklabs.watchtower.enable: 'true' + homepage.container: gitlab + homepage.description: Version control + homepage.group: Infrastructure + homepage.href: https://gitlab.sectorq.eu + homepage.icon: gitlab.png + homepage.name: Gitlab + homepage.server: my-docker-swarm + homepage.weight: '1' + homepage.widget.key: glpat-BuMKcaDqeD-Wx3dW4TM9 + homepage.widget.type: gitlab + homepage.widget.url: https://gitlab.sectorq.eu + homepage.widget.user_id: '2' + wud.watch: 'true' + wud.watch.digest: 'true' + replicas: 1 + placement: + constraints: + - node.role == manager -volumes: - config: - driver: local - logs: - driver: local - data: - driver: local \ No newline at end of file + volumes: + config: + driver: local + logs: + driver: local + data: + driver: local