I have a Docker build for Gitlab, I created some ssl certificates and other files I need to pull in. However when I exec into the container bash the files are not visible.
gitlab: image: 'gitlab/gitlab-ce:9.1.0-ce.0' restart: always hostname: 'gitlab.example.com' links: - postgresql:postgresql - redis:redis environment: GITLAB_OMNIBUS_CONFIG: | postgresql['enable'] = false gitlab_rails['db_username'] = "gitlab" gitlab_rails['db_password'] = "gitlab" gitlab_rails['db_host'] = "postgresql" gitlab_rails['db_port'] = "5432" gitlab_rails['db_database'] = "gitlabhq_production" gitlab_rails['db_adapter'] = 'postgresql' gitlab_rails['db_encoding'] = 'utf8' redis['enable'] = false gitlab_rails['redis_host'] = 'redis' gitlab_rails['redis_port'] = '6379' external_url 'https://gitlab.example.com:30080' nginx['ssl_certificate'] = '/etc/gitlab/trusted-certs/gitlab.example.com.crt' nginx['ssl_certificate_key'] = '/etc/gitlab/trusted-certs/gitlab.example.com.key' ports: - "30080:30080" - "30022:22" postgresql: restart: always image: postgres:9.6.2-alpine environment: - POSTGRES_USER=gitlab - POSTGRES_PASSWORD=gitlab - POSTGRES_DB=gitlabhq_production redis: restart: always image: redis:3.0.7-alpine
On creation of the self signed certificates, I need to exec into my docker container and create them using the docker bash
The certificates (self signed) are on my machine at the path referenced "/etc/gitlab/trusted-certs/gitlab.example.com.crt"
Your docker-compose.yml did not map any folders from your host into your container. Containers are nothing more than a namespaced process, and one of those namespaces is the filesystem. To map a directory from the host into the container, you can use a simple bind mount syntax:
gitlab: image: 'gitlab/gitlab-ce:9.1.0-ce.0' restart: always hostname: 'gitlab.example.com' volumes: - ./path/to/gitlab.example.com.crt:/etc/gitlab/trusted-certs/gitlab.example.com.crt:ro ...
Note that this mounts from the host into the container, and the file will be configured as read-only with the
:ro syntax to prevent processes inside the container from modifying your certificates. If your docker host is inside of a VM (including docker for windows/mac) or on a remote server, you'll need to make sure the files are accessible there (e.g. docker for win/mac has settings to share PC folders into the embedded VM).