Docs suggestion - docker image (self-signed certificate + mattermost)
@ayufan cc'ing as agreed ;)
Gitlab and self-signed SSL certificates
-
Generate your self-signed certificate. You can find the detailed info here: http://www.selfsignedcertificate.com/
-
Copy the files into config/ssl directory of your host system (from within you are starting the container)
-
Restart your gitlab container, so that it is able to pick up the new certificate files.
If you want to use gitlab with self-signed SSL certificate, you will run into issues while integrating with mattermost. The reason is, mattermost wants to validate the request to gitlab host (which will be served under https) and fails if the certificate is self-signed. You can verify whether you are experiencing this problem by issuing the following command on your host system:
docker logs gitlab
and if you can see 'x509 certificate signed by unknown authority' on your mattermost logs, this means you have to update the ca-certificates on your docker image.
You can fix it by issuing the following commands:
-
Enter interactive session on your container:
docker exec -it gitlab /bin/bash
-
Now, being inside of your container, do the following:
cp /etc/gitlab/ssl/example.com.crt /usr/share/ca-certificates
(assuming that your self-signed certificate is in example.com.crt)
dpkg-reconfigure ca-certificates
pick "ask" (3) as the option and check your file on the list.
-
restart the services to be safe:
gitlab-ctl restart
Your integration with Mattermost should now work as expected.
Mattermost maintenance
If you want to access postgresql database of the default omnibus package of mattermost, please do the following:
-
Enter interactive session of the container:
docker exec -it gitlab /bin/bash
-
Switch to gitlab-psql user:
su gitlab-psql
-
Issue the following command:
/opt/gitlab/embedded/bin/psql -h /var/opt/gitlab/postgresql/ -U gitlab_mattermost mattermost_production
you can now access mattermost tables.