GitLab Docker

The GitLab Docker images are monolithic images of GitLab running all the necessary services in a single container.
GitLab Docker GitLab

Find the GitLab official Docker image at:
GitLab Docker

• GitLab Docker image in Docker Hub
  Docker Hub GitLab Docker

The Docker images dont include a mail transport agent (MTA). The recommended solution is to add an MTA (such as Postfix or Sendmail) running in a separate container. As another option, you can install an MTA directly in the GitLab container, but this adds maintenance overhead as youll likely need to reinstall the MTA after every upgrade or restart.
Docker MTA MTA Postfix Sendmail GitLab MTA MTA

In the following examples, if you want to use the latest RC image, use gitlab/gitlab-ee:rc instead.
RC gitlab/gitlab-ee:rc

You should not deploy the GitLab Docker image in Kubernetes as it creates a single point of failure. If you want to deploy GitLab in Kubernetes, the GitLab Helm Chart or GitLab Operator should be used instead.
Kubernetes GitLab Docker Kubernetes GitLab GitLab Helm Chart GitLab Operator

caution

Docker for Windows is not officially supported. There are known issues with volume permissions, and potentially other unknown issues. If you are trying to run on Docker for Windows, see the getting help page for links to community resources (such as IRC or forums) to seek help from other users.
Docker for Windows Docker for Windows IRC

Prerequisites 

To use the GitLab Docker images:
GitLab Docker

• You must install Docker.  Docker
• You must use a valid externally-accessible hostname. Do not use localhost.
  localhost .

Set up the volumes location

Before setting everything else, configure a new environment variable $GITLAB_HOME pointing to the directory where the configuration, logs, and data files will reside. Ensure that the directory exists and appropriate permission have been granted.
$GITLAB_HOME

For Linux users, set the path to /srv/gitlab:
Linux /srv/gitlab

export GITLAB_HOME=/srv/gitlab

For macOS users, use the users $HOME/gitlab directory:
macOS $HOME/gitlab

export GITLAB_HOME=$HOME/gitlab

The GITLAB_HOME environment variable should be appended to your shells profile so it is applied on all future terminal sessions:
GITLAB_HOME shell

• Bash: ~/.bash_profile  ~/.bash_profile
• ZSH: ~/.zshrc ZSH ~/.zshrc

The GitLab container uses host mounted volumes to store persistent data:
GitLab

Local location	Container location	Usage
$GITLAB_HOME/data	/var/opt/gitlab	For storing application data.

|
| $GITLAB_HOME/logs | /var/log/gitlab | For storing logs.  |
| $GITLAB_HOME/config | /etc/gitlab | For storing the GitLab configuration files.
GitLab |

Installation 

The GitLab Docker images can be run in multiple ways:
GitLab Docker

• Using Docker Engine  Docker
• Using Docker Compose  Docker Compose
• Using Docker swarm mode
  Docker swarm

Install GitLab using Docker Engine

Docker Engine GitLab

You can fine tune these directories to meet your requirements. Once youve set up the GITLAB_HOME variable, you can run the image:
GITLAB_HOME

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

This will download and start a GitLab container and publish ports needed to access SSH, HTTP and HTTPS. All GitLab data will be stored as subdirectories of $GITLAB_HOME. The container will automatically restart after a system reboot.
SSHHTTP HTTPS GitLab GitLab $GITLAB_HOME restart

If you are on SELinux, then run this instead:
SELinux

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab:Z \
  --volume $GITLAB_HOME/logs:/var/log/gitlab:Z \
  --volume $GITLAB_HOME/data:/var/opt/gitlab:Z \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

This will ensure that the Docker process has enough permissions to create the configuration files in the mounted volumes.
Docker

If youre using the Kerberos integration (PREMIUM ONLY), you must also publish your Kerberos port (for example, --publish 8443:8443). Failing to do so prevents Git operations with Kerberos.
Kerberos PREMIUM Kerberos --publish 8443:8443 Kerberos Git

The initialization process may take a long time. You can track this process with:

sudo docker logs -f gitlab

After starting a container you can visit gitlab.example.com (or http://192.168.59.103 if you used boot2docker on macOS). It might take a while before the Docker container starts to respond to queries.
gitlab.example.com http://192.168.59.103 macOS boot2dockerDocker

Visit the GitLab URL, and sign in with the username root and the password from the following command:
GitLab URL root

sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password

note

The password file will be automatically deleted in the first reconfigure run after 24 hours.
24

Install GitLab using Docker Compose

Docker Compose GitLab

With Docker Compose you can easily configure, install, and upgrade your Docker-based GitLab installation:
Docker Compose Docker GitLab

1. Install Docker Compose.  Docker Compose

2. Create a docker-compose.yml file:  docker-compose.yml

   version: '3.6'
   services:
     web:
       image: 'gitlab/gitlab-ee:latest'
       restart: always
       hostname: 'gitlab.example.com'
       environment:
         GITLAB_OMNIBUS_CONFIG: |
           external_url 'https://gitlab.example.com'
           # Add any other gitlab.rb configuration here, each on its own line
       ports:
         - '80:80'
         - '443:443'
         - '22:22'
       volumes:
         - '$GITLAB_HOME/config:/etc/gitlab'
         - '$GITLAB_HOME/logs:/var/log/gitlab'
         - '$GITLAB_HOME/data:/var/opt/gitlab'
       shm_size: '256m'
   

3. Make sure you are in the same directory as docker-compose.yml and start GitLab:
   docker-compose.yml GitLab

   docker compose up -d
   

note

Read the Pre-configure Docker container section to see how the GITLAB_OMNIBUS_CONFIG variable works.
Docker GITLAB_OMNIBUS_CONFIG

Below is another docker-compose.yml example with GitLab running on a custom HTTP and SSH port. Notice how the GITLAB_OMNIBUS_CONFIG variables match the ports section:
GitLab docker-compose.yml HTTP SSH GITLAB_OMNIBUS_CONFIG ports

version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ee:latest'
    restart: always
    hostname: 'gitlab.example.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.example.com:8929'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
    ports:
      - '8929:8929'
      - '2224:22'
    volumes:
      - '$GITLAB_HOME/config:/etc/gitlab'
      - '$GITLAB_HOME/logs:/var/log/gitlab'
      - '$GITLAB_HOME/data:/var/opt/gitlab'
    shm_size: '256m'

This is the same as using --publish 8929:8929 --publish 2224:22.
--publish 8929:8929 --publish 2224:22 .

Install GitLab using Docker swarm mode

Docker swarm GitLab

With Docker swarm mode, you can easily configure and deploy your Docker-based GitLab installation in a swarm cluster.
Docker swarm swarm Docker GitLab

In swarm mode you can leverage Docker secrets and Docker configurations to efficiently and securely deploy your GitLab instance. Secrets can be used to securely pass your initial root password without exposing it as an environment variable. Configurations can help you to keep your GitLab image as generic as possible.
swarm Docker Docker GitLab root GitLab

Heres an example that deploys GitLab with four runners as a stack, using secrets and configurations:
GitLab

1. Set up a Docker swarm.
   Docker swarm

2. Create a docker-compose.yml file:  docker-compose.yml

   version: "3.6"
   services:
     gitlab:
       image: gitlab/gitlab-ee:latest
       ports:
         - "22:22"
         - "80:80"
         - "443:443"
       volumes:
         - $GITLAB_HOME/data:/var/opt/gitlab
         - $GITLAB_HOME/logs:/var/log/gitlab
         - $GITLAB_HOME/config:/etc/gitlab
       shm_size: '256m'
       environment:
         GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')"
       configs:
         - source: gitlab
           target: /omnibus_config.rb
       secrets:
         - gitlab_root_password
     gitlab-runner:
       image: gitlab/gitlab-runner:alpine
       deploy:
         mode: replicated
         replicas: 4
   configs:
     gitlab:
       file: ./gitlab.rb
   secrets:
     gitlab_root_password:
       file: ./root_password.txt
   

   For simplicity reasons, the network configuration was omitted. More information can be found in the official Compose file reference.
   network Compose

3. Create a gitlab.rb file:  gitlab.rb

   external_url 'https://my.domain.com/'
   gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password').gsub("\n", "")
   

4. Create a root_password.txt file:  root_password.txt

   MySuperSecretAndSecurePassw0rd!
   

5. Make sure you are in the same directory as docker-compose.yml and run:
   docker-compose.yml

   docker stack deploy --compose-file docker-compose.yml mystack
   

Configuration 

This container uses the official Linux package, so all configuration is done in the unique configuration file /etc/gitlab/gitlab.rb.
Linux /etc/gitlab/gitlab.rb

To access the GitLab configuration file, you can start a shell session in the context of a running container. This will allow you to browse all directories and use your favorite text editor:
GitLab shell

sudo docker exec -it gitlab /bin/bash

You can also just edit /etc/gitlab/gitlab.rb:
/etc/gitlab/gitlab.rb

sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb

Once you open /etc/gitlab/gitlab.rb make sure to set the external_url to point to a valid URL.
/etc/gitlab/gitlab.rb external_url URL

To receive emails from GitLab you have to configure the SMTP settings because the GitLab Docker image doesnt have an SMTP server installed. You may also be interested in enabling HTTPS.
GitLab SMTP GitLab Docker SMTP HTTPS

After you make all the changes you want, you will need to restart the container to reconfigure GitLab:
GitLab

sudo docker restart gitlab

GitLab will reconfigure itself whenever the container starts. For more options about configuring GitLab, check the configuration documentation.
GitLab GitLab

Pre-configure Docker container

Docker

You can pre-configure the GitLab Docker image by adding the environment variable GITLAB_OMNIBUS_CONFIG to Docker run command. This variable can contain any gitlab.rb setting and is evaluated before the loading of the containers gitlab.rb file. This behavior allows you to configure the external GitLab URL, and make database configuration or any other option from the Linux package template. The settings contained in GITLAB_OMNIBUS_CONFIG arent written to the gitlab.rb configuration file, and are evaluated on load.
Docker run GITLAB_OMNIBUS_CONFIG GitLab Docker gitlab.rb gitlab.rb GitLab URL Linux GITLAB_OMNIBUS_CONFIG gitlab.rb

Heres an example that sets the external URL and enables LFS while starting the container:
URL LFS

sudo docker run --detach \
  --hostname gitlab.example.com \
  --env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;" \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

Every time you execute a docker run command, you need to provide the GITLAB_OMNIBUS_CONFIG option. The content of GITLAB_OMNIBUS_CONFIG is not preserved between subsequent runs.
docker run GITLAB_OMNIBUS_CONFIG GITLAB_OMNIBUS_CONFIG

Use tagged versions of GitLab

GitLab

Tagged versions of the GitLab Docker images are also provided. To see all available tags see:
GitLab Docker

• GitLab CE tags GitLab CE
• GitLab EE tags GitLab EE

To use a specific tagged version, replace gitlab/gitlab-ee:latest with the GitLab version you want to run, for example gitlab/gitlab-ee:12.1.3-ce.0.
gitlab/gitlab-ee:latest GitLab gitlab/gitlab-ee:12.1.3-ce.0

Run GitLab on a public IP address

IP GitLab

You can make Docker to use your IP address and forward all traffic to the GitLab container by modifying the --publish flag.
--publish Docker IP GitLab

To expose GitLab on IP 198.51.100.1:
IP 198.51.100.1 GitLab

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 198.51.100.1:443:443 \
  --publish 198.51.100.1:80:80 \
  --publish 198.51.100.1:22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

You can then access your GitLab instance at http://198.51.100.1/ and https://198.51.100.1/.
https://198.51.100.1/ http://198.51.100.1/ GitLab

Expose GitLab on different ports

GitLab

GitLab will occupy some ports inside the container.
GitLab

If you want to use a different host port than 80 (HTTP) or 443 (HTTPS), you need to add a separate --publish directive to the docker run command.
80 HTTP 443 HTTPS docker run --publish

For example, to expose the web interface on the hosts port 8929, and the SSH service on port 2289:
8929 Web 2289 SSH

1. Use the following docker run command:
   docker run

   sudo docker run --detach \
     --hostname gitlab.example.com \
     --publish 8929:8929 --publish 2289:22 \
     --name gitlab \
     --restart always \
     --volume $GITLAB_HOME/config:/etc/gitlab \
     --volume $GITLAB_HOME/logs:/var/log/gitlab \
     --volume $GITLAB_HOME/data:/var/opt/gitlab \
     --shm-size 256m \
     gitlab/gitlab-ee:latest
   

   note

   The format for publishing ports is hostPort:containerPort. Read more in the Docker documentation about exposing incoming ports.
   hostPort:containerPort Docker

2. Enter the running container:

   sudo docker exec -it gitlab /bin/bash
   

3. Open /etc/gitlab/gitlab.rb with your editor and set external_url:
   /etc/gitlab/gitlab.rb external_url

   # For HTTP
   external_url "http://gitlab.example.com:8929"
   
   or
   
   # For HTTPS (notice the https)
   external_url "https://gitlab.example.com:8929"
   

   The port specified in this URL must match the port published to the host by Docker. Additionally, if the NGINX listen port is not explicitly set in nginx['listen_port'], it will be pulled from the external_url. For more information see the NGINX documentation.
   URL Docker NGINX nginx['listen_port'] external_url NGINX

4. Set gitlab_shell_ssh_port:  gitlab_shell_ssh_port

   gitlab_rails['gitlab_shell_ssh_port'] = 2289
   

5. Finally, reconfigure GitLab:
   GitLab

   gitlab-ctl reconfigure
   

Following the above example, you will be able to reach GitLab from your web browser under <hostIP>:8929 and push using SSH under the port 2289.
<hostIP>:8929 GitLab 2289 SSH

A docker-compose.yml example that uses different ports can be found in the Docker compose section.
Docker compose docker-compose.yml

Configure multiple database connections

In GitLab 16.0, GitLab defaults to using two database connections that point to the same PostgreSQL database.
GitLab 16.0 GitLab PostgreSQL

If, for any reason, you wish to switch back to single database connection:

1. Edit /etc/gitlab/gitlab.rb inside the container:
   /etc/gitlab/gitlab.rb

   sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb
   

2. Add the following line:

   gitlab_rails['databases']['ci']['enable'] = false
   

3. Restart the container: 

sudo docker restart gitlab

Recommended next steps 

After completing your installation, consider taking the recommended next steps, including authentication options and sign-up restrictions.

Upgrade 

In most cases, upgrading GitLab is as easy as downloading the newest Docker image tag.
GitLab Docker

Upgrade GitLab using Docker Engine

Docker Engine GitLab

To upgrade GitLab that was installed using Docker Engine:
Docker Engine GitLab

1. Take a backup. As a minimum, back up the database and the GitLab secrets file.
   GitLab

2. Stop the running container:

   sudo docker stop gitlab
   

3. Remove the existing container:

   sudo docker rm gitlab
   

4. Pull the new image. For example, the latest GitLab image:
   GitLab

   sudo docker pull gitlab/gitlab-ee:latest
   

5. Ensure that the GITLAB_HOME environment variable is defined:
   GITLAB_HOME

   echo $GITLAB_HOME
   

6. Create the container once again with the previously specified options:

   sudo docker run --detach \
   --hostname gitlab.example.com \
   --publish 443:443 --publish 80:80 --publish 22:22 \
   --name gitlab \
   --restart always \
   --volume $GITLAB_HOME/config:/etc/gitlab \
   --volume $GITLAB_HOME/logs:/var/log/gitlab \
   --volume $GITLAB_HOME/data:/var/opt/gitlab \
   --shm-size 256m \
   gitlab/gitlab-ee:latest
   

On the first run, GitLab will reconfigure and upgrade itself.
GitLab

Refer to the GitLab Upgrade recommendations when upgrading between versions.
GitLab

Upgrade GitLab using Docker compose

Docker compose GitLab

To upgrade GitLab that was installed using Docker Compose:
Docker Compose GitLab

1. Take a backup. As a minimum, back up the database and the GitLab secrets file.
   GitLab

2. Download the newest release and upgrade your GitLab instance:
   GitLab

   docker compose pull
   docker compose up -d
   

   If you have used tags instead, youll need to first edit docker-compose.yml.
   docker-compose.yml