Hi! I have ISPConfig 3.1 git stable and works just fine. My setup includes apache and ubuntu server 16.04. I wonder if there's a way to map a running docker image to a server subdomain or subfolder using some apache config. I'm using gitlab through docker and works just fine, but I want to grant internet access to the container. I was thinking to access my docker container through git.domain.com or www.domain.com/git Tanks in advise!
Hi! I'm answering to myself. After a lot of investigation, here are the steps that I followed to get my gitlab docker container accessed from the internet using ISP Config and hosted in the same server that ISP Config Considerations: First of all, you need to access the ISP Config host as root Then you need to install docker.io After that, install Docker Compose and assign the right permissions Then create the directories needed for the gitlab app Restart the host (I struggled a lot with networking not being reachable because of not rebooting the host) Inside ISP Config, you must create a new domain ie: git.domain.com and make shure it's accessible from the internet, otherways Let's Encrypt will fail granting new domain certificates Inside ISP Config, enable SSL security and enable Let's Encrypt Warning!, If no Let's Encrypt get's created, then docker container will fail with the following config Copy certs from /etc/letsencrypt/archive/git.domain.com/, Waning!! when LE renews the certificate, a number is added to the cert files, I don't know how to automatize this, because you can't use symlinks because docker gets confused and can't find the right files pointed out by the link Warning! this names may change, you must review them previously. If thoose files has a number defore .pem, you must copy the ones that have the greatest number Forget previous warnings, take a look at this shell script that will copy the most recent certs to gitlab ssl folder https://www.howtoforge.com/communit...ts-to-running-docker-image.73845/#post-363638 Create the docker-compose.yml file in the right folder Paste this content to the file. You may modify hostname and external_url replacing them with your actual domain, the line real_ip_trusted_addresses replacing it for the host IP and if necessary,the left part of the ports lines (required to avoid port conflicts with other services or docker containers) Code: version: '2' services: web: image: 'gitlab/gitlab-ce:latest' restart: always hostname: 'git.domain.com' container_name: gitlab environment: GITLAB_OMNIBUS_CONFIG: | external_url 'https://git.domain.com' nginx['redirect_http_to_https'] = true nginx['proxy_set_headers'] = { "Host" => "$$http_host", "X-Real-IP" => "$$remote_addr", "X-Forwarded-For" => "$$proxy_add_x_forwarded_for", "X-Forwarded-Proto" => "https", "X-Forwarded-Ssl" => "on" } nginx['real_ip_trusted_addresses'] = ['DOCKER.HOST.IP'] nginx['real_ip_header'] = 'X-Real-IP' nginx['real_ip_recursive'] = 'on' ports: - '180:80' - '1443:443' - '122:22' volumes: - '/opt/gitlab/config:/etc/gitlab' - '/opt/gitlab/logs:/var/log/gitlab' - '/opt/gitlab/data:/var/opt/gitlab' - '/opt/gitlab/ssl:/etc/gitlab/ssl' Start the docker container Wait 1 or 2 minutes, if everything went fine, this command may work from another LAN PC The desired response may be If it fails, we can access docker container shell to get some diagnostics Inside the container shell we can check which gitlab services are running in order to diagnose possible issues In case of problems, we can check out all gitlab services generated logs in this host folder (not inside the container) Finally, we must tell apache that git.domain.com is a proxy to another host. Edit the domain inside ISP Config and add this directives in the Options.->Apache Directives text area Code: <Proxy *> Allow from localhost </Proxy> SSLProxyEngine On RequestHeader set Front-End-Https "On" ProxyPreserveHost On ProxyPass / https://DOCKER.HOST.NAME.OR.IP:1443/ ProxyPassReverse / https://DOCKER.HOST.NAME.OR.IP:1443/ Thats all, if everything is working right, you may access your gitlab container through https://git.domain.com
Hi! I just wanted to share this shell script that copies most recent LetsEncrypt cert files to gitlab folder. Put this into a cron to run once a day and you are done! Remember to edit the paths to fit your needs Code: #!/bin/bash FILE1=$(find /etc/letsencrypt/archive/git.domain.com/ -name cert\*.pem | sort -n | tail -1) FILE2=$(find /etc/letsencrypt/archive/git.domain.com/ -name privkey\*.pem | sort -n | tail -1) cp $FILE1 /opt/gitlab/ssl/git.domain.com.crt; cp $FILE2 /opt/gitlab/ssl/git.domain.com.key;