gitlab部署文档 应用版本
gitlab:sameersbn/gitlab:13.9.3
postgresql:sameersbn/postgresql:12-20200524
redis:redis:5.0.9
使用docker-compose部署 提前在机器上安装好docker和docker-compose 编写 docker-compose.yaml文件
# docker-compose.yaml for a single-host GitLab: the gitlab service plus the
# redis and postgresql services it depends on.
# NOTE(review): every password and key below is a sample value. Replace them
# before the first start, and prefer Compose variable substitution or an
# env_file kept out of version control over literals in this file.
# NOTE(review): the image tags are the versions this guide was written
# against; check for a currently supported release before deploying.
version: '2.3'

services:
  # No ports are published for redis, so it is not exposed on the host.
  redis:
    restart: always
    image: redis:5.0.9
    command:
      - --loglevel warning
    volumes:
      - /home/docker-compose/gitlab/redis:/var/lib/redis:Z

  # No ports are published for postgresql either; gitlab reaches it by
  # service name (DB_HOST=postgresql below).
  postgresql:
    restart: always
    image: sameersbn/postgresql:12-20200524
    volumes:
      - /home/docker-compose/gitlab/gitlab-postgresql:/var/lib/postgresql:Z
    environment:
      - DB_USER=gitlab
      # Sample credential; must match DB_PASS in the gitlab service.
      - DB_PASS=password
      - DB_NAME=gitlabhq_production
      - DB_EXTENSION=pg_trgm,btree_gist

  gitlab:
    restart: always
    image: sameersbn/gitlab:13.9.3
    depends_on:
      - redis
      - postgresql
    # Published without a host IP, so Docker binds both ports on all host
    # interfaces: 10080 -> web UI (HTTP), 10022 -> git over SSH.
    ports:
      - "10080:80"
      - "10022:22"
    volumes:
      - /home/docker-compose/gitlab/gitlab:/home/git/data:Z
    healthcheck:
      test: ["CMD", "/usr/local/sbin/healthcheck"]
      interval: 5m
      timeout: 10s
      retries: 3
      start_period: 5m
    environment:
      - DEBUG=false

      - DB_ADAPTER=postgresql
      - DB_HOST=postgresql
      - DB_PORT=5432
      - DB_USER=gitlab
      # Sample credential; must match DB_PASS in the postgresql service.
      - DB_PASS=password
      - DB_NAME=gitlabhq_production

      - REDIS_HOST=redis
      - REDIS_PORT=6379

      - TZ=Asia/Shanghai
      - GITLAB_TIMEZONE=Beijing

      # HTTPS is off: logins and tokens cross the network in clear text on
      # port 10080. Acceptable for a localhost trial only; terminate TLS in
      # front of GitLab (or enable HTTPS) for anything reachable by others.
      - GITLAB_HTTPS=false
      - SSL_SELF_SIGNED=false

      - GITLAB_HOST=localhost
      - GITLAB_PORT=10080
      - GITLAB_SSH_PORT=10022
      - GITLAB_RELATIVE_URL_ROOT=
      # Placeholders: generate three separate long random values.
      # NOTE(review): the image documentation (see the reference link of this
      # guide) describes what each key protects; keep them secret and backed
      # up with the data volume.
      - GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string
      - GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alphanumeric-string
      - GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alphanumeric-string

      # Initial credentials of the GitLab root account; sample values.
      - GITLAB_ROOT_PASSWORD=adminpassword
      - GITLAB_ROOT_EMAIL=mutou@admin.com

      - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
      - GITLAB_NOTIFY_PUSHER=false

      - GITLAB_EMAIL=notifications@example.com
      - GITLAB_EMAIL_REPLY_TO=noreply@example.com
      - GITLAB_INCOMING_EMAIL_ADDRESS=reply@example.com

      - GITLAB_BACKUP_SCHEDULE=daily
      - GITLAB_BACKUP_TIME=01:00

      # SMTP is disabled (SMTP_ENABLED=false); SMTP_PASS is a placeholder.
      - SMTP_ENABLED=false
      - SMTP_DOMAIN=www.example.com
      - SMTP_HOST=smtp.gmail.com
      - SMTP_PORT=587
      - SMTP_USER=mailer@example.com
      - SMTP_PASS=password
      - SMTP_STARTTLS=true
      - SMTP_AUTHENTICATION=login

      # IMAP is disabled (IMAP_ENABLED=false); IMAP_PASS is a placeholder.
      - IMAP_ENABLED=false
      - IMAP_HOST=imap.gmail.com
      - IMAP_PORT=993
      - IMAP_USER=mailer@example.com
      - IMAP_PASS=password
      - IMAP_SSL=true
      - IMAP_STARTTLS=false

      # OAuth/SAML sign-in is disabled (OAUTH_ENABLED=false); the provider
      # keys and secrets below are left empty.
      - OAUTH_ENABLED=false
      - OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
      - OAUTH_ALLOW_SSO=
      - OAUTH_BLOCK_AUTO_CREATED_USERS=true
      - OAUTH_AUTO_LINK_LDAP_USER=false
      - OAUTH_AUTO_LINK_SAML_USER=false
      - OAUTH_EXTERNAL_PROVIDERS=

      - OAUTH_CAS3_LABEL=cas3
      - OAUTH_CAS3_SERVER=
      - OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
      - OAUTH_CAS3_LOGIN_URL=/cas/login
      - OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
      - OAUTH_CAS3_LOGOUT_URL=/cas/logout

      - OAUTH_GOOGLE_API_KEY=
      - OAUTH_GOOGLE_APP_SECRET=
      - OAUTH_GOOGLE_RESTRICT_DOMAIN=

      - OAUTH_FACEBOOK_API_KEY=
      - OAUTH_FACEBOOK_APP_SECRET=

      - OAUTH_TWITTER_API_KEY=
      - OAUTH_TWITTER_APP_SECRET=

      - OAUTH_GITHUB_API_KEY=
      - OAUTH_GITHUB_APP_SECRET=
      - OAUTH_GITHUB_URL=
      - OAUTH_GITHUB_VERIFY_SSL=

      - OAUTH_GITLAB_API_KEY=
      - OAUTH_GITLAB_APP_SECRET=

      - OAUTH_BITBUCKET_API_KEY=
      - OAUTH_BITBUCKET_APP_SECRET=
      - OAUTH_BITBUCKET_URL=

      - OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
      - OAUTH_SAML_IDP_CERT_FINGERPRINT=
      - OAUTH_SAML_IDP_SSO_TARGET_URL=
      - OAUTH_SAML_ISSUER=
      - OAUTH_SAML_LABEL="Our SAML Provider"
      - OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
      - OAUTH_SAML_GROUPS_ATTRIBUTE=
      - OAUTH_SAML_EXTERNAL_GROUPS=
      - OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
      - OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
      - OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
      - OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
      - OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=

      - OAUTH_CROWD_SERVER_URL=
      - OAUTH_CROWD_APP_NAME=
      - OAUTH_CROWD_APP_PASSWORD=

      - OAUTH_AUTH0_CLIENT_ID=
      - OAUTH_AUTH0_CLIENT_SECRET=
      - OAUTH_AUTH0_DOMAIN=
      - OAUTH_AUTH0_SCOPE=

      - OAUTH_AZURE_API_KEY=
      - OAUTH_AZURE_API_SECRET=
      - OAUTH_AZURE_TENANT_ID=
运行docker-compose up启动gitlab服务 初始化时间大概在3分钟左右,docker-compose ps 看到gitlab应用状态为healthy即可 打开localhost:10080访问gitlab网站并且使用前面配置的mutou@admin.com 和 adminpassword进行登录
注意: 期间postgresql会有错误抛出,怀疑是sql重复初始化导致的。对gitlab的运行没有影响
使用kubernetes部署 部署redis 在集群内安装gitlab使用的redis
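# Redis for GitLab inside the cluster: one Deployment plus a ClusterIP
# Service, as two YAML documents.
# NOTE(review): the pod spec sets no command/args, so as far as this manifest
# shows redis runs without a password. Any pod that can reach the Service can
# then use it; restrict access with a NetworkPolicy for namespace "tool".
# NOTE(review): no volume is mounted, so redis data does not survive a pod
# restart.
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-redis-v1
  namespace: tool
  labels:
    app: gitlab-redis
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab-redis
      app.kubernetes.io/name: gitlab
      app.kubernetes.io/version: v1
      version: v1
  template:
    metadata:
      labels:
        app: gitlab-redis
        app.kubernetes.io/name: gitlab
        app.kubernetes.io/version: v1
        version: v1
    spec:
      containers:
        - name: container-redis
          # Pulled from the private registry using the local-harbor secret.
          image: '10.221.1.41/library/redis:5'
          ports:
            - name: tcp-6379
              containerPort: 6379
              protocol: TCP
          env:
            - name: TZ
              value: Asia/Shanghai
          resources:
            limits:
              cpu: 990m
              memory: 1000Mi
            requests:
              cpu: 10m
              memory: 10Mi
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      # serviceAccount is the deprecated alias of serviceAccountName.
      serviceAccount: default
      # Empty: no pod-level restrictions (user, group, seccomp) are set here.
      securityContext: {}
      imagePullSecrets:
        - name: local-harbor
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
  name: gitlab-redis
  namespace: tool
  labels:
    app: gitlab-redis
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
spec:
  ports:
    - name: tcp-6379
      protocol: TCP
      port: 6379
      targetPort: 6379
  selector:
    app: gitlab-redis
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
  # ClusterIP: reachable only from inside the cluster.
  type: ClusterIP
  sessionAffinity: None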
postgresql 在集群内安装gitlab使用的postgresql
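# PostgreSQL for GitLab inside the cluster: Deployment, ClusterIP Service and
# the PersistentVolumeClaim that holds the database files, as three YAML
# documents.
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-postgresql-v1
  namespace: tool
  labels:
    app: gitlab-postgresql
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab-postgresql
      app.kubernetes.io/name: gitlab
      app.kubernetes.io/version: v1
      version: v1
  template:
    metadata:
      labels:
        app: gitlab-postgresql
        app.kubernetes.io/name: gitlab
        app.kubernetes.io/version: v1
        version: v1
    spec:
      volumes:
        - name: volume-3ktoku
          persistentVolumeClaim:
            claimName: gitlab-postgresql-storage
      containers:
        - name: container-postgresql
          image: '10.221.1.41/library/postgresql:12-20200524'
          ports:
            - name: tcp-5432
              containerPort: 5432
              protocol: TCP
          env:
            - name: DB_USER
              value: gitlab
            # Sample credential stored in the pod spec: anyone who can read
            # Deployments or Pods in namespace "tool" can read it. Replace the
            # value and move it to a Secret referenced through
            # valueFrom.secretKeyRef. It must match DB_PASS of the GitLab
            # Deployment.
            - name: DB_PASS
              value: password
            - name: DB_NAME
              value: gitlabhq_production
            - name: DB_EXTENSION
              value: 'pg_trgm,btree_gist'
            - name: TZ
              value: Asia/Shanghai
          resources:
            limits:
              cpu: '2'
              memory: 2000Mi
            requests:
              cpu: '1'
              memory: 1000Mi
          volumeMounts:
            - name: volume-3ktoku
              mountPath: /var/lib/postgresql
              subPath: postgresql
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      # serviceAccount is the deprecated alias of serviceAccountName.
      serviceAccount: default
      # Empty: no pod-level restrictions (user, group, seccomp) are set here.
      securityContext: {}
      imagePullSecrets:
        - name: local-harbor
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
  name: gitlab-postgresql
  namespace: tool
  labels:
    app: gitlab-postgresql
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
  annotations:
    kubesphere.io/workloadType: Deployment
    servicemesh.kubesphere.io/enabled: 'false'
spec:
  ports:
    - name: tcp-5432
      protocol: TCP
      port: 5432
      targetPort: 5432
  selector:
    app: gitlab-postgresql
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
  # NOTE(review): a pinned clusterIP only applies if it lies in this
  # cluster's service range and is unused; drop the field to let the cluster
  # assign one.
  clusterIP: 10.233.22.167
  # ClusterIP: reachable only from inside the cluster. A NetworkPolicy can
  # narrow that further to the GitLab pods.
  type: ClusterIP
  sessionAffinity: None
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: gitlab-postgresql-storage
  namespace: tool
  labels:
    app: gitlab-postgresql-storage
  # NOTE(review): these annotations and the finalizer look like state written
  # by the control plane on an already-bound claim; confirm whether they are
  # needed when creating the claim from scratch.
  annotations:
    pv.kubernetes.io/bind-completed: 'yes'
    pv.kubernetes.io/bound-by-controller: 'yes'
    volume.beta.kubernetes.io/storage-provisioner: driver.longhorn.io
  finalizers:
    - kubernetes.io/pvc-protection
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
  storageClassName: longhorn
  volumeMode: Filesystem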
gitlab 部署gitlab服务
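# GitLab itself: Deployment, NodePort Service and the PersistentVolumeClaim
# for /home/git/data, as three YAML documents.
# NOTE(review): all passwords and key bases below are sample values held in
# plain text in the pod spec, readable by anyone who can read Deployments or
# Pods in namespace "tool". Replace them and reference a Secret through
# valueFrom.secretKeyRef instead.
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-v1
  namespace: tool
  labels:
    app: gitlab
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab
      app.kubernetes.io/name: gitlab
      app.kubernetes.io/version: v1
      version: v1
  template:
    metadata:
      labels:
        app: gitlab
        app.kubernetes.io/name: gitlab
        app.kubernetes.io/version: v1
        version: v1
    spec:
      volumes:
        - name: volume-mbg82w
          persistentVolumeClaim:
            claimName: gitlab-storage
      containers:
        - name: container-5prj70
          image: '10.221.1.41/library/gitlab:13.9.3'
          ports:
            - name: tcp-22
              containerPort: 22
              protocol: TCP
            - name: tcp-443
              containerPort: 443
              protocol: TCP
            - name: tcp-80
              containerPort: 80
              protocol: TCP
          env:
            - name: TZ
              value: Asia/Shanghai
            - name: GITLAB_TIMEZONE
              value: Beijing
            # Placeholders: generate three separate long random values and
            # keep them secret and backed up.
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            # Initial credentials of the GitLab root account; sample values.
            - name: GITLAB_ROOT_PASSWORD
              value: adminpassword
            - name: GITLAB_ROOT_EMAIL
              value: admin@admin.com
            # Node IP and NodePorts that users reach GitLab on; they match the
            # nodePort values of the Service below.
            - name: GITLAB_HOST
              value: 10.221.2.188
            - name: GITLAB_SSH_PORT
              value: '30531'
            - name: DB_ADAPTER
              value: postgresql
            # ClusterIP of the gitlab-postgresql Service.
            # NOTE(review): the Service name (gitlab-postgresql) would keep
            # working if the IP changes.
            - name: DB_HOST
              value: 10.233.22.167
            - name: DB_USER
              value: gitlab
            # Must match DB_PASS of the PostgreSQL Deployment.
            - name: DB_PASS
              value: password
            - name: DB_NAME
              value: gitlabhq_production
            # ClusterIP of the gitlab-redis Service; that Service does not pin
            # its IP, so this value changes if the Service is recreated.
            # NOTE(review): the Service name (gitlab-redis) avoids that.
            - name: REDIS_HOST
              value: 10.233.20.28
            - name: DEBUG
              value: 'false'
            # HTTPS is off: logins, tokens and git-over-HTTP traffic cross the
            # network in clear text on NodePort 31653.
            - name: GITLAB_HTTPS
              value: 'false'
            - name: SSL_SELF_SIGNED
              value: 'false'
            - name: GITLAB_PORT
              value: '31653'
          resources:
            limits:
              cpu: '3'
              memory: 6000Mi
            requests:
              cpu: '1'
              memory: 2000Mi
          volumeMounts:
            - name: volume-mbg82w
              mountPath: /home/git/data
              subPath: data
          # Both probes run the image's healthcheck script; the 180 s initial
          # delay leaves time for first-start initialisation.
          livenessProbe:
            exec:
              command:
                - /usr/local/sbin/healthcheck
            initialDelaySeconds: 180
            timeoutSeconds: 10
            periodSeconds: 30
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
                - /usr/local/sbin/healthcheck
            initialDelaySeconds: 180
            timeoutSeconds: 10
            periodSeconds: 30
            successThreshold: 1
            failureThreshold: 3
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      # Pinned to node4, the node selected for the local-storage claim below.
      nodeSelector:
        kubernetes.io/hostname: node4
      serviceAccountName: default
      # serviceAccount is the deprecated alias of serviceAccountName.
      serviceAccount: default
      # Empty: no pod-level restrictions (user, group, seccomp) are set here.
      securityContext: {}
      imagePullSecrets:
        - name: local-harbor
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
  name: gitlab
  namespace: tool
  labels:
    app: gitlab
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
spec:
  # NodePort opens these ports on every node of the cluster. Limit who can
  # reach them (firewall / security groups) if the nodes are on a shared
  # network.
  ports:
    - name: tcp-22
      protocol: TCP
      port: 22
      targetPort: 22
      nodePort: 30531
    - name: tcp-443
      protocol: TCP
      port: 443
      targetPort: 443
      nodePort: 30632
    - name: tcp-80
      protocol: TCP
      port: 80
      targetPort: 80
      nodePort: 31653
  selector:
    app: gitlab
    app.kubernetes.io/name: gitlab
    app.kubernetes.io/version: v1
  type: NodePort
  sessionAffinity: None
  externalTrafficPolicy: Cluster
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: gitlab-storage
  namespace: tool
  labels:
    app: gitlab-storage
  # NOTE(review): these annotations and the finalizer look like state written
  # by the control plane on an already-bound claim; confirm whether they are
  # needed when creating the claim from scratch.
  annotations:
    pv.kubernetes.io/bind-completed: 'yes'
    pv.kubernetes.io/bound-by-controller: 'yes'
    volume.beta.kubernetes.io/storage-provisioner: openebs.io/local
    volume.kubernetes.io/selected-node: node4
  finalizers:
    - kubernetes.io/pvc-protection
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
  storageClassName: local
  volumeMode: Filesystem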
gitlab容器相关详细配置单 redis 集群内 svcIP 为 10.233.20.28 postgresql 集群内 svcIP 为 10.233.22.167 上面已经成功配置了 Gitlab,其中 Service 配置的 NodePort 为 31653,所以,这里我们可以通过 Kubernetes 集群的 IP+NodePort 端口对服务进行访问。例如,本人这里 Kubernetes 集群中一个节点 IP 为 10.221.2.188,可以输入地址 10.221.2.188:31653 访问 Gitlab 主页 登录账号和密码为 GITLAB_ROOT_EMAIL/GITLAB_ROOT_PASSWORD
CI/CD 安装gitlab-runner
# Start GitLab Runner as a detached container that restarts automatically.
# The first volume persists the runner configuration on the host.
# The second volume hands the host's Docker socket to the runner: whatever
# controls the runner (and any job it starts with access to the socket) can
# control the host's Docker daemon, which is equivalent to root on the host.
# Register such a runner only for trusted projects.
docker run --detach \
  --name gitlab-runner \
  --restart always \
  --volume /home/docker/gitlab-runner/config:/etc/gitlab-runner \
  --volume /var/run/docker.sock:/var/run/docker.sock \
  gitlab/gitlab-runner:v13.9.0
docker exec -it gitlab-runner bash
gitlab-runner register

> Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com)
http://xxx

> Please enter the gitlab-ci token for this runner
xxx

> Please enter the gitlab-ci description for this runner
[hostname] my-runner

> Please enter the gitlab-ci tags for this runner (comma separated):
test

> Please enter the executor: ssh, docker+machine, docker-ssh+machine, kubernetes, docker, parallels, virtualbox, docker-ssh, shell:
docker

> Please enter the Docker image (eg. ruby:2.1):
alpine:latest
完成注册后 exit退出
vi config/config.toml
# Settings to change in the runner's config.toml (in GitLab Runner they live
# in the [runners.docker] section).
# The second volume entry mounts the host's Docker socket into every job
# container, so any job run by this runner can control the host's Docker
# daemon (root-equivalent on the host). Keep the runner restricted to trusted
# projects and branches.
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
# Use a locally present image when there is one instead of always pulling.
pull_policy = "if-not-present"
修改好后重启Runner docker restart gitlab-runner
gitlab CI示例 node.js 在shell模式的runner上运行
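# .gitlab-ci.yml for a Node.js project built on a runner tagged "shell":
# install dependencies, lint, build, build and push a Docker image, then
# deploy to staging (release branches) or production (master).
stages:
  - install_dependencies
  - lint_code
  - build
  - build_image
  - deploy_staging
  - deploy_production

cache:
  paths:
    - node_modules/

variables:
  REGISTRY_URL: "10.221.1.41"
  REGISTRY_PROJECT: "release"
  PROJECT_NAME: "projectname"
  # NOTE(review): "admin" is presumably the registry administrator; a
  # push-only account scoped to the project limits what a leaked credential
  # can do.
  REGISTRY_USERNAME: "admin"
  # REGISTRY_PASSWORD is deliberately not defined in this file, because every
  # user with read access to the repository could read it here. Define it as
  # a masked (and, where possible, protected) variable under
  # Settings > CI/CD > Variables.

install_dependencies_job:
  stage: install_dependencies
  tags:
    - shell
  script:
    - yarn config set registry 'https://registry.npm.taobao.org'
    - yarn config set sass_binary_site "https://npm.taobao.org/mirrors/node-sass/"
    # NOTE(review): this mirror is plain HTTP, so binaries fetched from it are
    # not protected against tampering in transit; use an HTTPS mirror.
    - yarn config set phantomjs_cdnurl "http://cnpmjs.org/downloads"
    - yarn config set electron_mirror "https://npm.taobao.org/mirrors/electron/"
    - yarn config set sqlite3_binary_host_mirror "https://foxgis.oss-cn-shanghai.aliyuncs.com/"
    - yarn config set profiler_binary_host_mirror "https://npm.taobao.org/mirrors/node-inspector/"
    - yarn config set chromedriver_cdnurl "https://cdn.npm.taobao.org/dist/chromedriver"
    - yarn install
    - echo "依赖已安装完毕"

lint_code_job:
  stage: lint_code
  tags:
    - shell
  script:
    - npm run lint
    - echo "代码 lint 已完成"

build_job:
  stage: build
  tags:
    - shell
  script:
    - npm run build:stage
    - echo "代码 打包 已完成"
  artifacts:
    paths:
      - dist
    expire_in: 1 day

docker-push:
  stage: build_image
  tags:
    - shell
  before_script:
    # The password is piped on stdin: passing it with -p puts it on the
    # command line, where it shows up in the process list.
    - 'echo "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USERNAME" --password-stdin "$REGISTRY_URL"'
  script:
    - docker build -t $REGISTRY_URL/$REGISTRY_PROJECT/$PROJECT_NAME:release.$CI_BUILD_ID .
    - docker push $REGISTRY_URL/$REGISTRY_PROJECT/$PROJECT_NAME:release.$CI_BUILD_ID

deploy_stage_job:
  stage: deploy_staging
  only:
    - /^release/.*$/
  tags:
    - shell
  script:
    - echo "测试环境、预发布环境已部署完成"

deploy_production_job:
  stage: deploy_production
  only:
    - master
  tags:
    - shell
  script:
    - echo "生产环境已部署完成"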
DinD 在Docker模式的runner上运行
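# .gitlab-ci.yml for a runner tagged "docker": a unit-test job, an image
# build-and-push job that uses the docker:dind image, and a deploy job.
image: 10.221.1.41/library/centos:7

stages:
  - test
  - build_image
  - deploy

variables:
  REGISTRY_URL: "10.221.1.41"
  REGISTRY_PROJECT: "release"
  PROJECT_NAME: "projectname"
  # NOTE(review): "admin" is presumably the registry administrator; a
  # push-only account scoped to the project limits what a leaked credential
  # can do.
  REGISTRY_USERNAME: "admin"
  # REGISTRY_PASSWORD is deliberately not defined in this file, because every
  # user with read access to the repository could read it here. Define it as
  # a masked (and, where possible, protected) variable under
  # Settings > CI/CD > Variables.

unit-test:
  stage: test
  tags:
    - docker
  script:
    - pwd
    - echo unit-test

docker-push:
  image: 10.221.1.41/library/docker:20.10.5-dind
  stage: build_image
  # NOTE(review): whether the job talks to this dind service or to a Docker
  # socket mounted by the runner depends on runner configuration not shown
  # here. Either way the job controls a Docker daemon, so limit this runner
  # to trusted projects and branches.
  services:
    - 10.221.1.41/library/docker:20.10.5-dind
  tags:
    - docker
  before_script:
    # The password is piped on stdin: passing it with -p puts it on the
    # command line, where it shows up in the process list.
    - 'echo "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USERNAME" --password-stdin "$REGISTRY_URL"'
  script:
    - docker build -t $REGISTRY_URL/$REGISTRY_PROJECT/$PROJECT_NAME:release.$CI_BUILD_ID .
    - docker push $REGISTRY_URL/$REGISTRY_PROJECT/$PROJECT_NAME:release.$CI_BUILD_ID

deploy-app:
  stage: deploy
  tags:
    - docker
  script:
    - echo deploy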
配置openLDAP登录 OpenLDAP是一个开源的LDAP实现,一般用作多个开源软件中的统一登录支持 gitlab也是支持LDAP协议进行登录的,下面我们通过一些配置完成gitlab和openldap的整合
项目
内容
备注
LDAP 服务IP端口
10.233.11.157:389
LDAP 管理员DN
cn=admin,dc=kwl,dc=com
LDAP 管理员密码
password
LDAP 账户搜索域
ou=user,dc=kwl,dc=com
LDAP 在域配置下的账户 uid
zsan
LDAP 在域配置下的账户 email
zhansan@test.com
email是额外字段,如果想要使用邮箱作为账户登录则必填
LDAP 在域配置下的账户 password
password
我们使用的是k8s部署的gitlab,所以修改应用环境变量示例如下: 这个配置使用的LDAP用户的邮箱地址作为账号登录
环境变量key
环境变量value
备注
LDAP_ENABLED
true
开启LDAP认证登录
LDAP_HOST
10.233.11.157
LDAP服务的IP地址
LDAP_LABEL
LDAP
LDAP登录页的名称
LDAP_METHOD
plain
连接加密方式(plain 表示不加密,绑定密码和用户登录密码会以明文在网络上传输;可用取值见文末参考链接)
LDAP_UID
mail
如果想直接使用账户名登录则填uid
LDAP_VERIFY_SSL
false
是否校验LDAP服务端的SSL证书(false 表示不校验)
LDAP_BIND_DN
cn=admin,dc=kwl,dc=com
LDAP admin DN(GitLab 用它绑定并查询用户,只需要读取权限,可改用只读账户)
LDAP_PASS
password
LDAP admin 密码
LDAP_TIMEOUT
10
登录超时时间秒
LDAP_ACTIVE_DIRECTORY
false
是否是 Active Directory LDAP 服务
LDAP_BASE
ou=user,dc=kwl,dc=com
登录用户的搜索域
LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN
false
是否开启邮箱或用户名登录
gitlab-docker 详细配置列表
在修改好环境变量后,等待gitlab Pod自动重启就绪 在gitlab登录页面上切换到LDAP登录卡片 使用LDAP用户邮箱和密码(zhansan@test.com /password)进行登录 可以成功登录即配置成功
当出现无法登录或者提示没有权限时善用gitlab应用和ldap服务的日志,特别是ldap会输出UNBIND相关日志,这个对于排查登录问题十分有用!
参考 https://github.com/sameersbn/docker-gitlab#available-configuration-parameters