GitLab
Dmitry Lebedev, 2020-02-27 18:15:44

Gitlab docker-compose Certificate issue (I think so)?

On my machine (macOS Mojave), for learning purposes, I run GitLab locally via docker-compose. Below is the docker-compose.yml config:

version: "3.7"

services:

    nginx:
        image: nginx
        environment:
            TZ: Europe/Moscow
        volumes:
            - './docker/nginx/:/etc/nginx/conf.d/'
            - './docker/nginx/logs:/var/log/nginx/'
        networks:
            - front
            - backend
        ports:
            - '80:80'

    apache:
        build: ./docker/apache
        environment:
            TZ: Europe/Moscow
        volumes:
            - './:/var/www/'
            - './docker/apache/php.ini:/usr/local/etc/php/php.ini'
        networks:
            - backend

    db:
        image: mysql:5.7
        volumes:
            - './docker/db:/var/lib/mysql'
            - './docker/db/logs:/var/log/mysql'
        restart: unless-stopped
        environment:
            TZ: Europe/Moscow
            MYSQL_ROOT_PASSWORD: root
            MYSQL_DATABASE: local
            MYSQL_USER: local
            MYSQL_PASSWORD: local
        networks:
            backend:
                ipv4_address: 172.20.0.4

    phpmyadmin:
        image: phpmyadmin/phpmyadmin:latest
        environment:
                - PMA_HOST=db
                - PMA_USER=root
                - PMA_PASSWORD=root
        volumes:
            - /sessions
        networks:
            - backend

    gitlab:
        image: gitlab/gitlab-ee:latest
        restart: unless-stopped
        hostname: 'gitlab.example.com'
        environment:
            TZ: Europe/Moscow
            GITLAB_OMNIBUS_CONFIG: |
                external_url 'https://gitlab.example.com'
                registry_nginx['enable'] = false
                gitlab_rails['gitlab_shell_ssh_port'] = 2022
        volumes:
            - './docker/gitlab/config:/etc/gitlab'
            - './docker/gitlab/logs:/var/log/gitlab'
            - './docker/gitlab/data:/var/opt/gitlab'
        networks:
            backend:
                ipv4_address: 172.20.0.5
        ports: 
            - '8080:80'
            - '443:443'
            - '2022:22'
            - '4567:4567'

    gitlab-runner:
        image: gitlab/gitlab-runner:latest
        restart: unless-stopped
        hostname: gitlab-runner
        depends_on:
            - gitlab
        volumes:
            - './docker/gitlab-runner/config:/etc/gitlab-runner'
            - '/var/run/docker.sock:/var/run/docker.sock'
        networks:
            backend:
                ipv4_address: 172.20.0.7
        ports:
            - '4430:443'

networks:
    front:
        external:
            name: front
    backend:
        ipam:
            driver: default
            config:
                - subnet: 172.20.0.0/16


GitLab itself is up and running, and so is gitlab-runner; /etc/hosts has been fixed on both containers, and they ping each other both by domain name and by IP.

The problem starts when registering the Runner (gitlab-runner register). After entering all the data taken from GitLab (Admin Area -> Runners -> Set up a shared Runner manually -> points 2 and 3), I get an error:

509: certificate signed by unknown authority

Below is the entire terminal output:

Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.example.com/
Please enter the gitlab-ci token for this runner:
GdbKgRQx_vQQDgfVRYgR
Please enter the gitlab-ci description for this runner:
[gitlab-runner]: test
Please enter the gitlab-ci tags for this runner (comma separated):
test
ERROR: Registering runner... failed                 runner=GdbKgRQx status=couldn't execute POST against https://gitlab.example.com/api/v4/runners: Post https://gitlab.example.com/api/v4/runners: x509: certificate signed by unknown authority
PANIC: Failed to register this runner. Perhaps you are having network problems


Please help the community to resolve this issue.


2 answer(s)
Sergey Popov, 2020-02-27
@be_a_dancer

The problem is described explicitly: a self-signed certificate is used.
There are detailed instructions on this on the official website.

Dmitry Shitskov, 2020-02-27
@Zarom

It looks like you have a self-signed certificate. When registering the runner, specify the certificate ca file.
Example https://stackoverflow.com/a/48347895
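
One way to apply the two answers above to the compose file in the question (an added example, not part of the original thread): copy GitLab's certificate from its mounted config volume into the runner's `certs/` directory and pass it with `--tls-ca-file`. The certificate location under `./docker/gitlab/config/ssl/` and the script name are assumptions.

```shell
#!/bin/sh
# Added example, run on the host from the directory holding docker-compose.yml.
# Assumption: Omnibus GitLab keeps its certificate at /etc/gitlab/ssl/<host>.crt,
# i.e. ./docker/gitlab/config/ssl/<host>.crt through the volume in the compose file.

# Host part of a coordinator URL: https://gitlab.example.com:443/x -> gitlab.example.com
url_host() {
    h=${1#*://}; h=${h%%/*}; h=${h%%:*}
    printf '%s\n' "$h"
}

# Per-host CA file the runner reads, relative to /etc/gitlab-runner.
runner_ca_name() {
    printf 'certs/%s.crt\n' "$(url_host "$1")"
}

# Copy GitLab's certificate into the runner's mounted config directory.
# $1 = coordinator URL, $2 = GitLab config dir, $3 = runner config dir
install_runner_ca() {
    src="$2/ssl/$(url_host "$1").crt"
    dst="$3/$(runner_ca_name "$1")"
    [ -s "$src" ] || { echo "missing certificate: $src" >&2; return 1; }
    # The runner only reads PEM; refuse DER or an empty placeholder.
    grep -q -- '-----BEGIN CERTIFICATE-----' "$src" ||
        { echo "not a PEM certificate: $src" >&2; return 1; }
    mkdir -p "$(dirname "$dst")" && cp "$src" "$dst" && chmod 0644 "$dst" || return 1
    printf '%s\n' "$dst"
}

main() {
    url=$1
    ca=$(install_runner_ca "$url" ./docker/gitlab/config ./docker/gitlab-runner/config) || exit 1
    # Show whose certificate is about to be trusted before registering.
    openssl x509 -in "$ca" -noout -subject -issuer -enddate
    # Prompts for the token, description and tags as before.
    docker-compose exec gitlab-runner gitlab-runner register \
        --url "$url" --tls-ca-file "/etc/gitlab-runner/$(runner_ca_name "$url")"
}

# Usage: sh trust-gitlab-ca.sh https://gitlab.example.com/
[ $# -eq 0 ] || main "$1"
```

Copying the file from GitLab's own volume, rather than saving whatever certificate the server presents over the network, keeps the trust decision tied to a file you control.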
