GitLab注册表与现有的Nginx反向代理(https)

时间:2018-03-09 18:59:01

标签: docker nginx gitlab

我在启用gitlab docker注册表时出现问题。我尝试像gitlab文档中的示例那样做,但实际上我坚持启用docker注册表。

Nginx的:

upstream registry {
  server gitlab_gitlab:5000;
}

## Redirects all HTTP traffic to the HTTPS host
server {
  listen 80;
  server_name  registry.project-oc.de;
  return 301 https://$http_host:$request_uri;
  access_log  /var/log/nginx/gitlab_registry_access.log;
  error_log   /var/log/nginx/gitlab_registry_error.log;
}

server {
  # If a different port is specified in https://gitlab.com/gitlab-org/gitlab-ce/blob/8-8-stable/config/gitlab.yml.example#L182,
  # it should be declared here as well
  listen 443 ssl http2;
  server_name  registry.project-oc.de;

  client_max_body_size 0;
  chunked_transfer_encoding on;

  ssl on;
  # ssl_certificate /path/to/cert;
  # ssl_certificate_key /path/to/certkey;

  ssl_session_cache  builtin:1000  shared:SSL:10m;
  ssl_session_timeout  5m;

  access_log  /var/log/nginx/gitlab_registry_access.log;
  error_log   /var/log/nginx/gitlab_registry_error.log;

  location / {
    proxy_set_header  Host              $http_host;   # required for docker client's sake
    proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
    proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header  X-Forwarded-Proto $scheme;
    proxy_read_timeout                  900;

    proxy_pass          http://registry;
  }

    ssl_certificate /etc/letsencrypt/live/registry.project-oc.de/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/registry.project-oc.de/privkey.pem; # managed by Certbot
}

gitlab.rb:

registry_external_url 'https://registry.project-oc.de'
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_port'] = "5005"
registry['enable'] = true

我实际用

测试了它
docker login docker login registry.project-oc.de:5005

我得到一个"连接被拒绝"。我已经检查了我的防火墙。

0 个答案:

没有答案