I have installed a GitLab in a docker container, that works very well.
Now, I would like to use the integrated docker-registry of GitLab.
Now, I tried, adding in gitlab.rb:
registry_external_url 'https://gitlab.team-f.de'
registry_nginx['enable'] = true
registry_nginx['redirect_http_to_https'] = false
registry_nginx['listen_https'] = false
registry_nginx['listen_port'] = 5005
Going into the container I can connect to port 5000 and 5005, but those ports do not get exposed!
How can I do this? TIA!
Using a reverse-proxy, I need an extra subdomain for my gitlab-docker-registry.
gitlab.mydomain.com
registry.gitlab.mydomain.com
Then I configured in docker-compose.yml:
registry_external_url 'https://registry.gitlab.mydomain.com'
registry_nginx['enable'] = true
registry_nginx['listen_https'] = false
registry_nginx['listen_port'] = 5005
registry_nginx['redirect_http_to_https'] = false
Now, it works fine. :)
Related
I want to use the Gitlab Docker registry. I am using GitLab CE 15.7
I created my own CA and signed a certificate. GitLab UI and GitLab runners are working fine!
When it comes to the Docker Registry I have some issues. I configured the gitlab.rb like this:
registry_external_url 'https://198.18.133.100:5000'
registry['enable'] = true
registry['username'] = "registry"
registry['group'] = "registry"
registry['registry_http_addr'] = "127.0.0.1:5000"
registry['debug_addr'] = "localhost:5001"
registry['env'] = {
'SSL_CERT_DIR' => "/etc/gitlab/ssl/"
}
registry['rootcertbundle'] = "/etc/gitlab/ssl/198.18.133.100.crt"
Which also confuses me are the options for registry and registry_nginx.
I am not sure if I configured it correctly and the documentation doesn't help me a lot. I didn't spin up any docker container for the registry or anything. I believe that this comes in the binary of the GitLab (if I am not mistaken). I port 5000 is available and I can telnet.
However, while pushing the image to the registry I get the following error:
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://198.18.133.100:5000/v2/": x509: certificate signed by unknown authority
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit status 1
Any ideas? Thanks a lot!
I tried already quite a lot of different configs and reconfigured the gitlab server.
It has been fixed with copying the ca at the following path:
mkdir -p /etc/docker/certs.d/<your_registry_host_name>:<your_registry_host_port>
As well as the right config in the gitlab.rb
registry_nginx['enable'] = true
registry_nginx['listen_https'] = true
registry_nginx['redirect_http_to_https'] = true
registry_external_url 'https://registry.YOUR_DOMAIN.gtld'
Thanks all for your help!
I am wanted to try out caching on my Gitlab project following documentation here - https://docs.gitlab.com/ee/ci/caching/#how-archiving-and-extracting-works. I have a project specific runner and am using docker executor, but I get error
cat: vendor/hello.txt: No such file or directory
How would I go about troubleshooting this problem? I set disable_cache = false in my runner config, but that did not help.
EDIT: using private gitlab instance 12.3.
I acheived this using distributed caching which I found easy. First of all you need a S3 bucket or s3 compatible storage like minio. You can set MinIo locally where gitlab runner exsists with following commands.
docker run -it --restart always -p 9005:9000 \
-v /.minio:/root/.minio -v /export:/export \
--name minio \
minio/minio:latest server /export
Check the IP address of the server:
hostname --ip-address
Your cache server will be available at MY_CACHE_IP:9005
Create a bucket that will be used by the Runner:
sudo mkdir /export/runner
runner is the name of the bucket in that case. If you choose a different bucket, then it will be different. All caches will be stored in the /export directory.
Read the Access and Secret Key of MinIO and use it to configure the Runner:
sudo cat /export/.minio.sys/config/config.json | grep Key
Next step is to configure your runner to use the cache. For that following is the sample config.toml
[[runners]]
limit = 10
executor = "docker+machine"
[runners.cache]
Type = "s3"
Path = "path/to/prefix"
Shared = false
[runners.cache.s3]
ServerAddress = "s3.example.com"
AccessKey = "access-key"
SecretKey = "secret-key"
BucketName = "runner"
Insecure = false
I hope this answer will help you
Reference:
https://docs.gitlab.com/runner/install/registry_and_cache_servers.html
https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching
I managed to solve the issue thanks to this post https://gitlab.com/gitlab-org/gitlab-runner/-/issues/336#note_263931046.
Basically added
variables:
GIT_CLEAN_FLAGS: none
and it worked.
#Bilal's answer is definitely correct, but I was looking for slightly different solution.
I have created an Azure cache for Redis and I am trying to use it as external redis for Gitlab.
My gitlab.rb is this:
#external_url "https://ci.example.com"
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/ci.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/ci.example.com.key"
### The duration in seconds to keep backups before they are allowed to be deleted
gitlab_rails['backup_keep_time'] = 604800
### External postgres settings
postgresql['enable'] = false
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encoding'] = "unicode"
gitlab_rails['db_database'] = "cisomething"
# username string for AWS
# gitlab_rails['db_username'] = "gitlab"
# username string for Azure
gitlab_rails['db_username'] = "gitlab#ci-something.postgres.database.azure.com"
gitlab_rails['db_password'] = "really long password"
gitlab_rails['db_host'] = "ci-something.postgres.database.azure.com"
gitlab_rails['db_port'] = 5432
gitlab_rails['auto_migrate'] = false
### External redis settings
redis['enable'] = false
gitlab_rails['redis_host'] = "ci.redis.cache.windows.net"
gitlab_rails['redis_port'] = 6379
gitlab_rails['redis_password'] = "azure-redis-primary-access-key"
### Whitelist VPC cidr for access to health checks
gitlab_rails['monitoring_whitelist'] = ['XX.XXX.X.X/24']
### Default Theme
gitlab_rails['gitlab_default_theme'] = 2
### Enable or disable automatic database migrations
gitlab_rails['auto_migrate'] = false
### GitLab email server settings
... other settings here
I can connect to Redis with redis-cli
redis-cli -h ci.redis.cache.windows.net -p 6379 -a azure-redis-primary-access-key
and execute commands.
When I execute gitlab-ctl tail I see this error:
==> /var/log/gitlab/gitlab-workhorse/current <==
{"error":"keywatcher: pubsub receive: NOAUTH Authentication required.","level":"error","msg":"unknown error","time":"2020-02-21T10:26:08Z"}
{"address":"ci.redis.cache.windows.net","level":"info","msg":"redis: dialing","scheme":"redis","time":"2020-02-21T10:26:08Z"}
{"error":"keywatcher: pubsub receive: NOAUTH Authentication required.","level":"error","msg":"unknown error","time":"2020-02-21T10:26:08Z"}
{"address":"ci.redis.cache.windows.net","level":"info","msg":"redis: dialing","scheme":"redis","time":"2020-02-21T10:26:08Z"}
{"error":"keywatcher: pubsub receive: NOAUTH Authentication required.","level":"error","msg":"unknown error","time":"2020-02-21T10:26:08Z"}
{"address":"ci.redis.cache.windows.net","level":"info","msg":"redis: dialing","scheme":"redis","time":"2020-02-21T10:26:08Z"}
{"error":"keywatcher: pubsub receive: NOAUTH Authentication required.","level":"error","msg":"unknown error","time":"2020-02-21T10:26:08Z"}
{"address":"ci.redis.cache.windows.net","level":"info","msg":"redis: dialing","scheme":"redis","time":"2020-02-21T10:26:08Z"}
I searched the internet but I cannot find something to resolve this.
System information
System: Ubuntu 16.04
Current User: git
Using RVM: no
Ruby Version: 2.6.5p114
Gem Version: 2.7.10
Bundler Version:1.17.3
Rake Version: 12.3.3
Redis Version: 5.0.7
Git Version: 2.24.1
Sidekiq Version:5.2.7
GitLab information
Version: 12.7.6
Revision: 61654d25b20
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 9.5.20,
So, I figured it out.
For future reference here it goes.
gitlab.rb
### External redis settings
redis['enable'] = false
gitlab_rails['redis_host'] = "ci.redis.cache.windows.net"
gitlab_rails['redis_port'] = 6380
gitlab_rails['redis_password'] = "azure-primary-access-key"
gitlab_rails['redis_ssl'] = true
Azure Cache for Redis configuration [Azure portal]
Final note:
When deploying the Gitlab VM, check the logs with gitlab-ctl tail. If you see the redis default port to be 6379 means that Sidekiq has old configuration, which as I observed is not updated with gitlab-ctl reconfigure. Delete the VM and redeploy it.
I have installed stack on WSL Ubuntu using WSL2 on Windows 10. The installation completed successfully, but when I test stack with
stack path --local-bin
I get the following error message:
Writing implicit global project config file to:
/home/jdgallag/.stack /global-project/stack.yaml
Note: You can change snapshot via the resolver field there.
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = [("Accept","application/json"),("User-Agent","The Haskell Stack")]
path = "/haddock.stackage.org/snapshots.json"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
ConnectionTimeout
I have seen some other posts about issues like this one, but none that are resolved, and they are older. Also, I am not on a proxy, this is my personal computer, and I turned the firewall completely off. That said, when I attempt this over a vpn connection I get a different error. Could it be an ssl/https issue since WSL2 is technically a different IP address from Windows, and so the connection is being blocked on the amazon side?
For the record when attempting the command on a VPN, the error I get is
Writing implicit global project config file to:
/home/jdgallag/.stack/global-project/stack.yaml
Note: You can change the snapshot via the resolver field there.
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = [("Accept","application/json"),("User-Agent","The Haskell Stack")]
path = "/haddock.stackage.org/snapshots.json"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(InternalException (HandshakeFailed Error_EOF))
Update
Reverting to WSL-1 "solves" the problem, so the issue is something specific to WSL-2. I replicated the problem with a fresh install of Windows on a separate machine, but haven't found a way around the issue yet.
I have wls2 ubuntu 20.02 installed on my pc
fixed this problem with changing the contents of /etc/resolv.conf
cd /etc
sudo *your favorite editor* resolv.conf
added Google DNS servers as
nameserver 8.8.8.8
nameserver 8.8.4.4
this fixed stack not working for me.
I am unable to send emails in GitLab, I am using the service Mailgun, below my settings:
sudo vim /etc/gitlab/gitlab.rb
Settings:
gitlab_rails['gitlab_email_from'] = "username#domain.com"
gitlab_rails['gitlab_email_reply_to'] = "username#domain.com"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.mailgun.org"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_authentication'] = "plain"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_user_name'] = "username#domain.com"
gitlab_rails['smtp_password'] = "secret"
gitlab_rails['smtp_domain'] = "domain.com"
Reconfigure and restart:
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
Does anyone have any idea how to solve this? Thanks.
All new accounts of DigitalOcean has a lock for sending emails. To remove the blockade is necessary open a ticket and request the unlock.
To curb a recent increase in abuse and SPAM, we have an initial SMTP block on new accounts created in certain contexts.
By DigitalOcean.