Commit d2cb235e authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo

Revisa config de deploy de gitlab, añade secretos

parent f80a2250
+8 −28
@@ -2,30 +2,6 @@ version: '3.5'

services:
  gitlab-ce:
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url '${GITLAB_PROTOCOL}://${GITLAB_SUBDOMAIN}.${GITLAB_DOMAIN}'
        registry_external_url 'https://${GITLAB_REGISTRY_SUBDOMAIN}.${GITLAB_DOMAIN}'
        gitlab_rails['registry_enabled'] = true
        web_server['external_users'] = ['www-data']
        gitlab_rails['backup_keep_time'] = 604800
        gitlab_rails['backup_upload_connection'] = {
           'provider' => 'AWS',
           'region' => "${AWS_REGION}",
           'aws_access_key_id' => "${AWS_ACCESS_KEY_ID}",
           'aws_secret_access_key' => "${AWS_SECRET_ACCESS_KEY}"
        }
        gitlab_rails['backup_upload_remote_directory'] = 'gitlab.bkp'
        gitlab_rails['db_port'] = 5432
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "${SMTP_ADDR}"
        gitlab_rails['smtp_port'] = 25
        gitlab_rails['smtp_user_name'] = "${SMTP_USER}"
        gitlab_rails['smtp_password'] = "${SMTP_PASS}"
        gitlab_rails['smtp_domain'] = "${SMTP_DOMAIN}"
        gitlab_rails['smtp_authentication'] = "plain"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        unicorn['port'] = 8090
    ports:
      - target: 22
        published: ${GITLAB_SSH_PORT}
@@ -36,15 +12,13 @@ services:
      - target: 443
        published: ${GITLAB_HTTPS_PORT}
        mode: host
    volumes:
      - /home/git/.ssh/authorized_keys_proxy:/gitlab-data/ssh/authorized_keys
    deploy:
      mode: replicated
      replicas: 1
      labels:
        traefik.port: "443"
        traefik.port: "80"
        traefik.docker.network: traefik-net
        traefik.frontend.rule: Host:git.${PUBLIC_HOSTNAME}
        traefik.frontend.rule: Host:${GITLAB_REGISTRY_SUBDOMAIN}.${PUBLIC_HOSTNAME}
        traefik.backend: gitlab
      restart_policy:
        delay: 2m
@@ -59,7 +33,13 @@ services:
volumes:
  gitlab-ce-config-vol:
    name: gitlab-ce-config-vol

  gitlab-ce-log-vol:
    name: gitlab-ce-log-vol

  gitlab-ce-data-vol:
    name: gitlab-ce-data-vol

secrets:
  ssh-public-keys:
    file: /home/git/.ssh/authorized_keys_proxy
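Review bot: The `ssh-public-keys` secret declared at the end of this file is built from `/home/git/.ssh/authorized_keys_proxy`, and if this stack is deployed to Swarm (the `deploy:` keys suggest so) the secret's content is fixed at creation. Removing a key from that file will then not reach the running container, unlike the bind mount of the same path that this section appears to drop. Key revocation would depend on someone recreating the secret, so consider versioning it, e.g. `name: ssh-public-keys-${KEYS_VERSION}` (the variable name is a placeholder), and add a comment above the block describing the rotation step. The `file:` path is also read on the machine that runs the deploy, not on the node that hosts the task, which deserves a comment as well.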
+29 −0
@@ -4,6 +4,30 @@ services:
  gitlab-ce:
    image: gitlab/gitlab-ce:${IMAGE_TAG:-latest}
    hostname: ${GITLAB_SUBDOMAIN}.${GITLAB_DOMAIN}
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url '${GITLAB_PROTOCOL}://${GITLAB_SUBDOMAIN}.${GITLAB_DOMAIN}'
        registry_external_url 'https://${GITLAB_REGISTRY_SUBDOMAIN}.${GITLAB_DOMAIN}'
        gitlab_rails['registry_enabled'] = true
        web_server['external_users'] = ['www-data']
        gitlab_rails['backup_keep_time'] = 604800
        gitlab_rails['backup_upload_connection'] = {
           'provider' => 'AWS',
           'region' => "${AWS_REGION}",
           'aws_access_key_id' => "${AWS_ACCESS_KEY_ID}",
           'aws_secret_access_key' => "${AWS_SECRET_ACCESS_KEY}"
        }
        gitlab_rails['backup_upload_remote_directory'] = 'gitlab.bkp'
        gitlab_rails['db_port'] = 5432
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "${SMTP_ADDR}"
        gitlab_rails['smtp_port'] = 25
        gitlab_rails['smtp_user_name'] = "${SMTP_USER}"
        gitlab_rails['smtp_password'] = "${SMTP_PASS}"
        gitlab_rails['smtp_domain'] = "${SMTP_DOMAIN}"
        gitlab_rails['smtp_authentication'] = "plain"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        unicorn['port'] = 8090
    networks:
      - gitlab-net
      - traefik-net
@@ -11,9 +35,14 @@ services:
      - gitlab-ce-config-vol:/etc/gitlab
      - gitlab-ce-log-vol:/var/log/gitlab
      - gitlab-ce-data-vol:/var/opt/gitlab
    secrets:
      - source: ssh-public-keys
        target: /gitlab-data/ssh/authorized_keys

networks:
  gitlab-net:
    external: true

  traefik-net:
    external: true
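Review bot: The AWS secret key and the SMTP password still reach the container through the `GITLAB_OMNIBUS_CONFIG` environment block added in this file, so they stay readable in the service and container inspect output; only the public-keys file was moved to a secret. Since the block is evaluated as Ruby, each credential could come from a mounted secret instead, e.g. `gitlab_rails['smtp_password'] = File.read('/run/secrets/<smtp-secret-name>').strip` (secret name is a placeholder), and likewise for `aws_secret_access_key`. For the `ssh-public-keys` entry, consider setting `uid`, `gid` and `mode` explicitly in the long syntax, because a consumer that checks ownership of `authorized_keys` may reject the default, which I cannot confirm from this page.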