Add Docker Swarm config file, and Swar&compose config file support

Signed-off-by: Sven Dowideit <[email protected]>
sameersbn · Apr 18, 2018 · d244882 · d244882
1 parent 7e35505
commit d244882
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -803,7 +803,8 @@ These options should contain something like:
 
 ### Available Configuration Parameters
 
-*Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file. This will save you from writing a potentially long docker run command. Alternatively you can use docker-compose.*
+*Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file. This will save you from writing a potentially long docker run command. Alternatively you can use docker-compose. docker-compose users and Docker Swarm mode users can also use the [secrets and config file options](#docker-secrets-and-configs)*
+
 
 Below is the complete list of available options that can be used to customize your gitlab installation.
 
@@ -1044,6 +1045,43 @@ Below is the complete list of available options that can be used to customize yo
 | `RACK_ATTACK_BANTIME` | Number of seconds an IP should be banned after too many auth attempts. Defaults to `3600`. |
 | `GITLAB_WORKHORSE_TIMEOUT` | Timeout for gitlab workhorse http proxy. Defaults to `5m0s`. |
 
+### Docker secrets and configs
+
+All the above environment variables can be put into a [secrets](https://docs.docker.com/compose/compose-file/#secrets) or [config](https://docs.docker.com/compose/compose-file/#configs) file
+and then both docker-compose and Docker Swarm can import them into your gitlab container.
+
+On startup, the gitlab container will source env vars from a config file named `gitlab-config`, and then a secrets file named `gitlab-secrets` (both mounted in the default locations).
+
+To modify your existing `docker-compose.yml` file, add the following to your gitlab service:
+
+> Note: you also need to change the docker-compose file version `version: "3.4"`.
+
+```
+services:
+  gitlab:
+
+...
+
+    configs:
+      - gitlab-configs
+    secrets:
+      - gitlab-secrets
+```
+
+And then define those secrets and configs:
+
+```
+configs:
+  gitlab-configs:
+    file: ./gitlab.configs
+
+secrets:
+  gitlab-secrets:
+    file: ./gitlab.secrets
+```
+
+If you're not using one of these files, then don't include its entry in the docker-compose file.
+
 # Maintenance
 
 ## Creating backups

diff --git a/assets/runtime/functions b/assets/runtime/functions
@@ -1,5 +1,13 @@
 #!/bin/bash
 set -e
+
+for file in /gitlab-configs /run/secrets/gitlab-secrets; do
+	if [[ -e "$file" ]]; then
+		echo "Loading $file"
+		source "$file"
+	fi
+done
+echo "Loading ${GITLAB_RUNTIME_DIR}/env-defaults"
 source ${GITLAB_RUNTIME_DIR}/env-defaults
 
 SYSCONF_TEMPLATES_DIR="${GITLAB_RUNTIME_DIR}/config"

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,4 +1,4 @@
-version: '2'
+version: '3.4'
 
 services:
   redis:
@@ -31,6 +31,10 @@ services:
     - "10022:22"
     volumes:
     - /srv/docker/gitlab/gitlab:/home/git/data:Z
+    #configs:
+    #  - gitlab-configs
+    #secrets:
+    #  - gitlab-secrets
     environment:
     - DEBUG=false
 
@@ -148,3 +152,11 @@ services:
     - OAUTH_AZURE_API_KEY=
     - OAUTH_AZURE_API_SECRET=
     - OAUTH_AZURE_TENANT_ID=
+
+#configs:
+#  gitlab-configs:
+#    file: ./gitlab.configs
+#
+#secrets:
+#  gitlab-secrets:
+#    file: ./gitlab.secrets