Gitlab Docker with Apache reverse proxy and SSL

apache
ssl
docker

#1

Im am trying to get the Gitlab Docker image to run behind an Apache reverse proxy. Everything is fine without SSL. But as soon as I want to enable SSL within Gitlab, I cannot reach Gitlab anymore. My Apache reverse proxy conf redirects successfully to https, but then I am stuck. I tried a lot of things already, but either there is an error message in the browser complaining that the certificate is not for gitlab.mydomain.com but for someothersslvhost.mydomain.com, or it complains because it is kind of a self signed certificate and not a Letsencrypt certificate.

This is my docker-compose file:

version: '3'

services:
    gitlab:
        image: 'gitlab/gitlab-ce:latest'
        restart: always
        hostname: 'gitlab.mydomain.com'
        environment:
            GITLAB_OMNIBUS_CONFIG: |
                external_url 'https://gitlab.mydomain.com'
                gitlab_rails['time_zone'] = "UTC"
                gitlab_rails['gitlab_shell_ssh_port']=10022
                letsencrypt['contact_emails'] = ["my_email@mydomain.com"]
                nginx['redirect_http_to_https'] = true
                nginx['proxy_set_headers'] = {
                    "X-Forwarded-Proto" => "http",
                    "X-Forwarded-Ssl" => "on",
                    "X-Url-Scheme" => "https"
                }
        ports:
            - '10080:80'
            - '10443:443'
            - '10022:22'
        volumes:
            - '/srv/gitlab/config:/etc/gitlab'
            - '/srv/gitlab/logs:/var/log/gitlab'
            - '/srv/gitlab/data:/var/opt/gitlab'

This is my Apache vhost conf file for the non-SSL-vhost:

<VirtualHost *:80>
   ServerAdmin webmaster@mydomain.com
   ServerName gitlab.mydomain.com
   ErrorLog /var/log/apache2/gitlab-error.log
   CustomLog /var/log/apache2/gitlab-access.log combined
   RewriteEngine On

   <Location />
      Options -Indexes -ExecCGI +FollowSymLinks
      AllowOverride None
      Order allow,deny
      Allow from all
   </Location>

   ProxyPreserveHost On
   ProxyRequests off
   ProxyPass / http://localhost:10080/
   ProxyPassReverse / http://localhost:10080/

</VirtualHost>

Question is: Do I need a special Apache vhost also for SSL, or is this handled by nginx inside the Docker container? If I need this file, what would it look like? If not, what am I missing in the docler compose file?

Thanks so much for helping!