LBP
/
ChristianLempa_Boilerplates
зеркало из https://github.com/ChristianLempa/boilerplates.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
							services:
  {{ service_name }}:
    image: docker.io/gitlab/gitlab-ce:18.5.1-ce.0
    {% if not swarm_enabled %}
    restart: {{ restart_policy }}
    container_name: {{ container_name }}
    {% endif %}
    hostname: {{ container_hostname }}
    shm_size: '256m'
    {% if network_mode == 'host' %}
    network_mode: host
    {% else %}
    networks:
      {% if traefik_enabled %}
      {{ traefik_network }}:
      {% endif %}
      {% if network_mode == 'macvlan' %}
      {{ network_name }}:
        ipv4_address: {{ network_macvlan_ipv4_address }}
      {% elif network_mode == 'bridge' %}
      {{ network_name }}:
      {% endif %}
    {% endif %}
    env_file:
      - ./.env
    {% if swarm_enabled %}
    configs:
      - source: gitlab_config
        target: /etc/gitlab/gitlab.rb
    {% endif %}
    {% if network_mode == 'bridge' %}
    ports:
      {% if not traefik_enabled %}
      {% if swarm_enabled %}
      - target: 80
        published: {{ ports_http }}
        protocol: tcp
        mode: host
      {% else %}
      - "{{ ports_http }}:80"
      {% endif %}
      {% endif %}
      - "{{ ports_ssh }}:22"
      {% if registry_enabled %}
      - "{{ ports_registry }}:5000"
      {% endif %}
    {% endif %}
    volumes:
      {% if not swarm_enabled %}
      - ./config/gitlab.rb:/etc/gitlab/gitlab.rb:ro
      {% endif %}
      {% if volume_mode == 'mount' %}
      - {{ volume_mount_path }}/config:/etc/gitlab
      - {{ volume_mount_path }}/logs:/var/log/gitlab
      - {{ volume_mount_path }}/data:/var/opt/gitlab
      {% else %}
      - gitlab-config:/etc/gitlab
      - gitlab-logs:/var/log/gitlab
      - gitlab-data:/var/opt/gitlab
      {% endif %}
    {% if traefik_enabled and not swarm_enabled %}
    labels:
      - traefik.enable=true
      - traefik.docker.network={{ traefik_network }}
      - traefik.http.services.{{ service_name }}-web.loadBalancer.server.port=80
      - traefik.http.routers.{{ service_name }}-http.service={{ service_name }}-web
      - traefik.http.routers.{{ service_name }}-http.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
      - traefik.http.routers.{{ service_name }}-http.entrypoints={{ traefik_entrypoint }}
      {% if traefik_tls_enabled %}
      - traefik.http.routers.{{ service_name }}-https.service={{ service_name }}-web
      - traefik.http.routers.{{ service_name }}-https.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
      - traefik.http.routers.{{ service_name }}-https.entrypoints={{ traefik_tls_entrypoint }}
      - traefik.http.routers.{{ service_name }}-https.tls=true
      - traefik.http.routers.{{ service_name }}-https.tls.certresolver={{ traefik_tls_certresolver }}
      {% endif %}
      {% if registry_enabled %}
      - traefik.http.services.{{ service_name }}-registry.loadBalancer.server.port=5000
      - traefik.http.routers.{{ service_name }}-registry-http.service={{ service_name }}-registry
      - traefik.http.routers.{{ service_name }}-registry-http.rule=Host(`{{ traefik_registry_host }}`)
      - traefik.http.routers.{{ service_name }}-registry-http.entrypoints={{ traefik_entrypoint }}
      {% if traefik_tls_enabled %}
      - traefik.http.routers.{{ service_name }}-registry-https.service={{ service_name }}-registry
      - traefik.http.routers.{{ service_name }}-registry-https.rule=Host(`{{ traefik_registry_host }}`)
      - traefik.http.routers.{{ service_name }}-registry-https.entrypoints={{ traefik_tls_entrypoint }}
      - traefik.http.routers.{{ service_name }}-registry-https.tls=true
      - traefik.http.routers.{{ service_name }}-registry-https.tls.certresolver={{ traefik_tls_certresolver }}
      {% endif %}
      {% endif %}
    {% endif %}
    {% if swarm_enabled %}
    secrets:
      - source: {{ gitlab_root_password_secret_name }}
        target: /run/secrets/gitlab_root_password
        mode: 0400
      {% if registry_enabled %}
      - source: {{ gitlab_registry_secret_name }}
        target: /run/secrets/gitlab_registry_secret
        mode: 0400
      {% endif %}
    deploy:
      mode: {{ swarm_placement_mode }}
      {% if swarm_placement_mode == 'replicated' %}
      replicas: {{ swarm_replicas }}
      {% endif %}
      {% if swarm_placement_host %}
      placement:
        constraints:
          - node.hostname == {{ swarm_placement_host }}
      {% endif %}
      restart_policy:
        condition: on-failure
      {% if resources_enabled %}
      resources:
        limits:
          cpus: '{{ resources_cpu_limit }}'
          memory: {{ resources_memory_limit }}
        {% if swarm_enabled %}
        reservations:
          cpus: '{{ resources_cpu_reservation }}'
          memory: {{ resources_memory_reservation }}
        {% endif %}
      {% endif %}
      {% if swarm_enabled and traefik_enabled %}
      labels:
        - traefik.enable=true
        - traefik.docker.network={{ traefik_network }}
        - traefik.http.services.{{ service_name }}-web.loadBalancer.server.port=80
        - traefik.http.routers.{{ service_name }}-http.service={{ service_name }}-web
        - traefik.http.routers.{{ service_name }}-http.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
        - traefik.http.routers.{{ service_name }}-http.entrypoints={{ traefik_entrypoint }}
        {% if traefik_tls_enabled %}
        - traefik.http.routers.{{ service_name }}-https.service={{ service_name }}-web
        - traefik.http.routers.{{ service_name }}-https.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
        - traefik.http.routers.{{ service_name }}-https.entrypoints={{ traefik_tls_entrypoint }}
        - traefik.http.routers.{{ service_name }}-https.tls=true
        - traefik.http.routers.{{ service_name }}-https.tls.certresolver={{ traefik_tls_certresolver }}
        {% endif %}
        {% if registry_enabled %}
        - traefik.http.services.{{ service_name }}-registry.loadBalancer.server.port=5000
        - traefik.http.routers.{{ service_name }}-registry-http.service={{ service_name }}-registry
        - traefik.http.routers.{{ service_name }}-registry-http.rule=Host(`{{ traefik_registry_host }}`)
        - traefik.http.routers.{{ service_name }}-registry-http.entrypoints={{ traefik_entrypoint }}
        {% if traefik_tls_enabled %}
        - traefik.http.routers.{{ service_name }}-registry-https.service={{ service_name }}-registry
        - traefik.http.routers.{{ service_name }}-registry-https.rule=Host(`{{ traefik_registry_host }}`)
        - traefik.http.routers.{{ service_name }}-registry-https.entrypoints={{ traefik_tls_entrypoint }}
        - traefik.http.routers.{{ service_name }}-registry-https.tls=true
        - traefik.http.routers.{{ service_name }}-registry-https.tls.certresolver={{ traefik_tls_certresolver }}
        {% endif %}
        {% endif %}
      {% endif %}
    {% endif %}

{% if volume_mode == 'local' %}
volumes:
  gitlab-config:
    driver: local
  gitlab-logs:
    driver: local
  gitlab-data:
    driver: local
{% elif volume_mode == 'nfs' %}
volumes:
  gitlab-config:
    driver: local
    driver_opts:
      type: nfs
      o: addr={{ volume_nfs_server }},{{ volume_nfs_options }}
      device: ":{{ volume_nfs_path }}/config"
  gitlab-logs:
    driver: local
    driver_opts:
      type: nfs
      o: addr={{ volume_nfs_server }},{{ volume_nfs_options }}
      device: ":{{ volume_nfs_path }}/logs"
  gitlab-data:
    driver: local
    driver_opts:
      type: nfs
      o: addr={{ volume_nfs_server }},{{ volume_nfs_options }}
      device: ":{{ volume_nfs_path }}/data"
{% endif %}

{% if swarm_enabled %}
configs:
  gitlab_config:
    file: ./config/gitlab.rb

secrets:
  {{ gitlab_root_password_secret_name }}:
    file: ./.env.secret
  {% if registry_enabled %}
  {{ gitlab_registry_secret_name }}:
    file: ./.env.registry.secret
  {% endif %}
{% endif %}

{% if network_mode != 'host' %}
networks:
  {{ network_name }}:
    {% if network_external %}
    external: true
    {% else %}
    {% if network_mode == 'macvlan' %}
    driver: macvlan
    driver_opts:
      parent: {{ network_macvlan_parent_interface }}
    ipam:
      config:
        - subnet: {{ network_macvlan_subnet }}
          gateway: {{ network_macvlan_gateway }}
    name: {{ network_name }}
    {% elif swarm_enabled %}
    driver: overlay
    attachable: true
    {% else %}
    driver: bridge
    {% endif %}
    {% endif %}
  {% if traefik_enabled %}
  {{ traefik_network }}:
    external: true
  {% endif %}
{% endif %}