首先我承认这是一个来自 gitlab 论坛的转帖:https://forum.gitlab.com/t/push-to-docker-registry-is-denied/35018。我在那里没有收到任何回复,所以我希望我在这里能幸运一点。
当我尝试登录我的 gitlab 的 docker 注册表时,它失败了。推送也是一样。我在 docker 容器中运行 gitlab。注册表绑定到端口 5005。
尝试通过 gitlab.myHostname.com:5005 登录失败。:443 和 :80 也一样。尝试通过 gitlab.myHostname.com 登录成功。但推送总是失败。
当我没有推送到端口 5005 时,每个连接都会经过一个单独的 nginx,这与在 gitlab docker 容器中运行的 nginx 不同。
这是我的 gitlab.rb:
gitlab_rails['gitlab_shell_ssh_port'] = 31422
registry_external_url 'https://gitlab.myDomain.com'
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "https://gitlab.myDomain.com:5005"
gitlab_rails['registry_port'] = "5005"
nginx['client_max_body_size'] = '4G'
nginx['redirect_http_to_https'] = false
nginx['listen_port'] = 443
nginx['listen_https'] = true
registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/letsencrypt.pem"
registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/letsencrypt.key"
下面是我为 gitlab 编写的 docker-compose:
version: '3.7'
services:
gitlab:
networks:
default:
aliases:
- gitlab.docker
image: 'gitlab/gitlab-ce:12.8.0-ce.0'
restart: always
hostname: 'gitlab.myDomain.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://gitlab.myDomain.com'
ports:
- '31422:22'
- '5005:5005'
volumes:
- '/etc/gitlab:/etc/gitlab'
- '/var/log/gitlab:/var/log/gitlab'
- '/srv/gitlab/data:/var/opt/gitlab'
- '/etc/letsencrypt/live/gitlab.myDomain.com/fullchain.pem:/etc/gitlab/ssl/letsencrypt.pem'
- '/etc/letsencrypt/live/gitlab.myDomain.com/privkey.pem:/etc/gitlab/ssl/letsencrypt.key'
labels:
- 'com.dnsdock.alias=gitlab.docker'
networks:
default:
external:
name: myDomain0
最后,这是我在推送时收到的错误消息:
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://gitlab.myDomain.com:5005/v2/: dial tcp 0.0.0.0:5005: (EDIT: ip changed for privacy) connect: connection refused
The push refers to repository [gitlab.myDomain.com:5005/docker/sbt]
Get https://gitlab.myDomain.com:5005/v2/: dial tcp 0.0.0.0:5005: (EDIT: ip changed for privacy) connect: connection refused
有人知道如何处理吗?
编辑:我特意更改了主机名以保护隐私。当您看到时gitlab.myDomain.com
,这实际上是一个真实的域名。如果您找到 IP 0.0.0.0
,那么这就是我的公共 IP。