Cannot get the Docker registry accessible using the GitLab omnibus image and a separate nginx configuration

Time: 2019-07-12 09:38:43

Tags: docker nginx gitlab docker-registry gitlab-omnibus

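I am trying to set up a Docker registry using the omnibus docker image. I am running a separate nginx proxy in front of all containers (including omnibus), so I adjusted the configuration as described in the documentation (https://docs.gitlab.com/omnibus/settings/nginx.html#supporting-proxied-ssl). This is my configuration for the container: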

docker run --detach --hostname gitlab.domain.com --name gitlab -p 30022:22 -p 30080:80 --volume /srv/gitlab/config:/etc/gitlab --volume /srv/gitlab/logs:/var/log/gitlab --volume /srv/gitlab/data:/var/opt/gitlab --env GITLAB_OMNIBUS_CONFIG="external_url 'https://gitlab.domain.com';nginx['listen_port']=80;nginx['listen_https']=false;registry_external_url 'https://gitlab-registry.domain.com';registry_nginx['listen_port']=80;registry_nginx['listen_https']=false" gitlab/gitlab-ce:latest

Since the separate nginx is configured automatically by Plesk and its Docker extension, this is the interesting part of the nginx configuration:

#extension docker begin
location ~ ^/.* {
  proxy_pass http://0.0.0.0:30080;
  proxy_set_header Host              $host;
  proxy_set_header X-Real-IP         $remote_addr;
  proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
}
#extension docker end

GitLab itself (UI, SSH, cloning, pushing, etc.) works fine, and I can even reach the registry. However, I cannot successfully complete docker login. This is what I get:

Login did not succeed, error: Error response from daemon: Get https://gitlab-registry.domain.com/v2/: unauthorized: HTTP Basic: Access denied

This is the output of curl on the registry domain:

*   Trying XX.XXX.XX.XX...
* TCP_NODELAY set
* Connected to gitlab-registry.domain.com (XX.XXX.XX.XX) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=domain.com
*  start date: Jun 27 01:10:09 2019 GMT
*  expire date: Sep 25 01:10:09 2019 GMT
*  subjectAltName: host "gitlab-registry.domain.com" matched cert's "*.domain.com"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET /v2 HTTP/1.1
> Host: gitlab-registry.domain.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Thu, 11 Jul 2019 14:01:37 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 39
< Connection: keep-alive
< Docker-Distribution-Api-Version: registry/2.0
< Location: /v2/
< X-Powered-By: PleskLin
<
<a href="/v2/">Moved Permanently</a>.

* Connection #0 to host gitlab-registry.domain.com left intact

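I have now spent several days changing ports, header settings, the omnibus configuration, etc. I am really out of ideas. I also tried this. Does anyone know how to solve this? Thanks!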

0 answers:

No answers
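A diagnostic sketch, added here and not part of the original post: with token authentication, docker login requests `/v2/` (with the trailing slash, one step past the 301 the curl above stopped at), reads the `WWW-Authenticate` challenge on the 401, and then sends the credentials to the `realm` URL in that challenge. The code below checks a captured challenge against the public `external_url`; the sample headers are constructed, and `realm_problems` and `parse_bearer_challenge` are hypothetical helper names.

```python
import re
from urllib.parse import urlsplit


def parse_bearer_challenge(header):
    """Split 'Bearer realm="...",service="..."' into a dict of its parameters."""
    scheme, _, params = header.strip().partition(" ")
    if scheme.lower() != "bearer":
        raise ValueError(f"expected a Bearer challenge, got {scheme!r}")
    return {k.lower(): v for k, v in re.findall(r'(\w+)="([^"]*)"', params)}


def realm_problems(header, external_url):
    """List the ways the token realm disagrees with the public GitLab URL."""
    try:
        params = parse_bearer_challenge(header)
    except ValueError as exc:
        return [str(exc)]
    realm = params.get("realm")
    if not realm:
        return ["challenge carries no realm"]
    got, want = urlsplit(realm), urlsplit(external_url)
    problems = []
    # An http realm behind a TLS-terminating proxy would have the daemon
    # send the login credentials over plain HTTP.
    if got.scheme != want.scheme:
        problems.append(f"realm scheme is {got.scheme}, external_url uses {want.scheme}")
    # An internal host or published container port is not reachable as
    # the public name the proxy serves.
    if got.netloc != want.netloc:
        problems.append(f"realm host is {got.netloc}, external_url host is {want.netloc}")
    return problems


# Constructed sample values (not captured from the poster's server).
EXTERNAL_URL = "https://gitlab.domain.com"
SAMPLES = {
    "consistent": 'Bearer realm="https://gitlab.domain.com/jwt/auth",service="container_registry"',
    "internal": 'Bearer realm="http://gitlab.domain.com:30080/jwt/auth",service="container_registry"',
    "not_token_auth": 'Basic realm="Registry"',
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(name, realm_problems(header, EXTERNAL_URL) or "ok")
```

The header to feed in is the `WWW-Authenticate` line from `curl -sI https://gitlab-registry.domain.com/v2/`.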