Get the Image

I won’t elaborate on how to install Docker and its common commands here.

docker pull gitlab/gitlab-ce:latest

Run the Container

Before starting, you need to check if ports 80, 443, and 22 are occupied. If the first two are occupied, you can consider setting up a reverse proxy on the existing server. If port 22 is occupied, it’s recommended to modify the system’s SSHD service listening port. This makes it more convenient when you manage Git repositories via SSH, as the probability of SSH-ing into the server is lower than committing code.

docker run --detach \
  --hostname gitlab.example.com \
  --env GITLAB_OMNIBUS_CONFIG="external_url 'https://gitlab.example.com/'; gitlab_rails['lfs_enabled'] = true;" \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume /srv/gitlab/config:/etc/gitlab \
  --volume /srv/gitlab/logs:/var/log/gitlab \
  --volume /srv/gitlab/data:/var/opt/gitlab \
  gitlab/gitlab-ce:latest

Replace gitlab.example.com above with your own domain name. If you need HTTPS, write the URL in the external_url option as https://gitlab.example.com/, otherwise use http://gitlab.example.com/.

After running the command above, if your domain resolution is working properly, you can open your browser and access it normally.

Using HTTPS

Built-in Let’s Encrypt

Gitlab version 10.7 has built-in Let's Encrypt. You only need to configure the following parameters in /etc/gitlab/config/gitlab.rb to automatically enable HTTPS.

letsencrypt['enable'] = true
external_url "https://gitlab.example.com" #If you've already specified this when running the container, no need to configure it again
letsencrypt['contact_emails'] = ['[email protected]']  # Fill in your email, this is optional
# Auto-renewal configuration
letsencrypt['auto_renew'] = true
letsencrypt['auto_renew_hour'] = "12"
letsencrypt['auto_renew_minute'] = "30"
letsencrypt['auto_renew_day_of_month'] = "*/7"

Apply the Configuration

docker exec -it gitlab /bin/bash # replace gitlab with the --name you configured when running the container

gitlab-ctl renew-le-certs # generate the certificate first

gitlab-ctl reconfigure # apply the configuration

If you execute the gitlab-ctl reconfigure command first, you might get the following error:

There was an error running gitlab-ctl reconfigure:
letsencrypt_certificate[gitlab.betterde.com] (letsencrypt::http_authorization line 3) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 20) had an error: RuntimeError: [gitlab.betterde.com] Validation failed for domain gitlab.betterde.com

If everything goes well, you should now be able to access the Gitlab homepage by visiting https://gitlab.example.com.

I hope this is helpful, Happy hacking…