{"id":15673199,"url":"https://github.com/revolunet/gitlab-docker-rancher-letsencrypt-setup","last_synced_at":"2025-09-25T09:31:21.117Z","repository":{"id":136228850,"uuid":"112475929","full_name":"revolunet/gitlab-docker-rancher-letsencrypt-setup","owner":"revolunet","description":"Automated private dev environment with docker, gitlab CI/CD...","archived":false,"fork":false,"pushed_at":"2017-11-29T13:04:38.000Z","size":93,"stargazers_count":16,"open_issues_count":0,"forks_count":6,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-05-06T19:06:38.423Z","etag":null,"topics":["docker","gitlab","letsencrypt","nginx","rancher"],"latest_commit_sha":null,"homepage":"https://github.com/revolunet/gitlab-docker-rancher-letsencrypt-setup","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/revolunet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-29T13:01:02.000Z","updated_at":"2024-03-24T21:44:31.000Z","dependencies_parsed_at":null,"dependency_job_id":"5fc74e8d-c370-4d2f-93c1-b6512edf3690","html_url":"https://github.com/revolunet/gitlab-docker-rancher-letsencrypt-setup","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revolunet%2Fgitlab-docker-rancher-letsencrypt-setup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revolunet%2Fgitlab-docker-rancher-letsencrypt-setup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revolunet%2Fgitlab-docker-rancher-letsencrypt-setup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revolunet%2Fgitlab-docker-rancher-letsencrypt-setup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/revolunet","download_url":"https://codeload.github.com/revolunet/gitlab-docker-rancher-letsencrypt-setup/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252777971,"owners_count":21802682,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","gitlab","letsencrypt","nginx","rancher"],"created_at":"2024-10-03T15:38:24.380Z","updated_at":"2025-09-25T09:31:16.066Z","avatar_url":"https://github.com/revolunet.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitLab + docker + LetsEncrypt CI/CD\n\nThis guide will help you setup a full **automated private dev environment with continuous integration and deployment** infrastructure, using open-source tools.\n\nThe host machine just needs docker, in which all containers will be instantiated.\n\nYou'll need a wildcard domain alias pointing to your host machine, so your apps can be deployed on `*.your.domain.com`.\n\n:warning: if you want to deploy your apps with https, the main host must be accessible from the internet via `http` to allow the initial LetsEncrypt ACME challenge verification.\n\n:warning: we assume this is a private infra so the setup security is not addressed. Please do submit issues if you have suggestions.\n\n## Features\n\n - GitLab : store your code, run pipelines\n - Docker : runs all containers\n - Rancher : docker infrastructure supervision\n - LetsEncrypt : automagically get SSL certs for your deployments when needed\n - nginx : ReverseProxy for your published containers\n\n## Sample project\n\nWe'll use the sample NodeJS application in the [app](./app) folder.\n\nThe app has a [.gitlab-ci.yml](./app/.gitlab-ci.yml) that use GitLab CI :\n\n - run JEST tests on the code\n - run prettier-check\n - run code coverage\n - build a docker image\n - publish docker image to registry\n - deploy the docker image in our infra for review\n - optionnaly generate LetsEncrypt SSL certs\n\n![./pipeline.png](./pipeline.png)\n\n## Initial Setup\n\nI broke the infra in several containers groups\n\n### nginx RP\n\nUse [docker-compose-nginx.yml](./docker-compose-nginx.yml) to create containers for the nginx proxy. We use [letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) that automate the nginx vhosts configuration and create SSL certs as needed.\n\nOnce the containers are ready, you can add containers to your infra just like this :\n\n```sh\ndocker run -d \\\n  --name example-app \\\n  -e \"VIRTUAL_HOST=whoami.test.revolunet.com\" \\\n  -e \"VIRTUAL_PORT=8000\" \\\n  -e \"LETSENCRYPT_HOST=whoami.test.revolunet.com\" \\\n  -e \"LETSENCRYPT_EMAIL=contact@revolunet.com\" \\\n  --network=\"nginx-proxy\" \\\n  jwilder/whoami\n```\n\nThis will make `https://whoami.test.revolunet.com` available, with SSL certs from LetsEncrypt. Just remove the `LETSENCRYPT_*` variables if you dont need SSL.\n\nYou need to have [nginx.tmpl](https://github.com/jwilder/nginx-proxy/blob/master/nginx.tmpl) file in the host `/root/docker/nginx.tmpl`.\n\n### gitlab\n\nUse [docker-compose-gitlab.yml](./docker-compose-gitlab.yml) to create containers for GitLab, gitlab-runner and a docker registry.\n\nYou then need to register the gitlab runner :\n - open GitLab admin page to get the runner endpoint and token\n - [register](https://docs.gitlab.com/runner/register/) the runner to GitLab from the host : `docker exec -it gitlab-runner gitlab-runner register`\n\n:warning: as our main host may have port 22 used for its own SSH, we need to use another port for the GitLab ssh, where devs will push their code. Here we use port 24, so devs needs to add this to their `~/ssh/config` :\n\n```sh\nhost gitlab.your.domain.nom\n  hostname gitlab.your.domain.nom\n  user git\n  port 24\n```\n\nnow, a single `git push` will hit GitLab and trigger CI/CD when `.gitlab-ci.yml` is present.\n\n### rancher\n\nUse [docker-compose-rancher.yml](./docker-compose-rancher.yml) to create the rancher container.\n\nYou can then use the Rancher UI to monitor your infrastructure, deploy new containers...\n\n### Todo :\n\n - add prometheus performance regression monitoring","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevolunet%2Fgitlab-docker-rancher-letsencrypt-setup","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frevolunet%2Fgitlab-docker-rancher-letsencrypt-setup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevolunet%2Fgitlab-docker-rancher-letsencrypt-setup/lists"}