adding all my compose files

2026-03-29 02:37:51 +00:00
parent 76852b403b
commit 07b2f20ca9
30 changed files with 1012 additions and 0 deletions
--- a/docker_compose/gitlab/docker-compose.yaml
+++ b/docker_compose/gitlab/docker-compose.yaml
@@ -0,0 +1,64 @@
+# gitlab/gitlab-ce:18.1.2-ce.0 - https://hub.docker.com/r/gitlab/gitlab-ce/tags
+
+services:
+  gitlab:
+    image: gitlab/gitlab-ce:latest
+    container_name: gitlab
+    hostname: "git.wompmacho.com" # This hostname is mostly for internal consistency
+    environment:
+      GITLAB_OMNIBUS_CONFIG: |
+        external_url 'https://git.wompmacho.com'
+        gitlab_rails['gitlab_shell_ssh_port'] = 4446
+        letsencrypt['enable'] = false # Assuming your external Nginx handles Let's Encrypt
+
+        puma['worker_processes'] = 2 # Reduce Puma worker processes
+        prometheus_monitoring['enable'] = false # Disable Prometheus monitoring
+        sidekiq['max_concurrency'] = 10 # Reduce Sidekiq concurrency
+
+        # --- Settings for Nginx Reverse Proxy with SSL termination ---
+        nginx['listen_port'] = 80 # GitLab's internal Nginx listens on HTTP port 80 (inside the container)
+        nginx['listen_https'] = false # GitLab's internal Nginx should NOT listen for HTTPS
+
+        # Tell GitLab that it's behind an HTTPS proxy
+        nginx['proxy_set_headers'] = {
+          "X-Forwarded-Proto" => "https",
+          "X-Forwarded-Ssl" => "on"
+        }
+        # Add your Nginx proxy's internal IP address to trusted proxies
+        # Replace 172.x.x.x/xx with the actual network range of your Docker bridge or external Nginx IP
+        gitlab_rails['trusted_proxies'] = ['172.17.0.0/16'] # Example: Docker default bridge network range
+    ports:
+      # Map container port 80 (HTTP) to your desired host port, e.g., 4444.
+      # Your external Nginx will then proxy to this host port (or directly to the container's IP:80 if on the same Docker network).
+      - "4444:80"
+      - "4446:22" # SSH port (usually handled directly, not proxied by Nginx for Git over SSH)
+      # Port 443 mapping is usually removed from GitLab's side if Nginx handles it,
+      # or used for internal communication if your Nginx connects to GitLab over HTTPS internally.
+      # For simplicity, if Nginx terminates SSL, GitLab listens HTTP.
+      # So, no need for 4445:443 mapping here.
+    volumes:
+      - "${GITLAB_HOME}/config:/etc/gitlab"
+      - "${GITLAB_HOME}/logs:/var/log/gitlab"
+      - "${GITLAB_HOME}/data:/var/opt/gitlab"
+    deploy:
+      resources:
+        limits:
+          memory: 8g
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "512m"
+        max-file: "3"
+    shm_size: "4g"
+    env_file:
+      - path: ./.env
+        required: true
+    restart: unless-stopped
+
+  gitlab-runner:
+    image: gitlab/gitlab-runner:latest
+    container_name: gitlab-runner
+    restart: unless-stopped
+    volumes:
+      - "${GITLAB_HOME}/gitlab-runner/config:/etc/gitlab-runner"
+      - /var/run/docker.sock:/var/run/docker.sock