Proper Setup with Docker and Apache Reverse Proxy?

Does anyone know what the actual proper setup is to run GitLab with Docker behind an Apache reverse proxy? I can get GitLab to run, but there are always quirks and compromises.

To get GitLab running via Docker, I run this:

sudo docker run --detach --name gitlab \
	--hostname \
	--publish 30080:30080 \
         --publish 2022:22 \
	--env GITLAB_OMNIBUS_CONFIG="external_url ''; gitlab_rails['gitlab_shell_ssh_port']=22;" \
	--restart always \
	--volume /mnt/drive/ \
	--volume /mnt/drive/ \
	--volume /mnt/drive/ \

Then I setup the Apache reverse proxy like this:

<VirtualHost *:443>

    LogLevel info
    SSLEngine On
    SSLCertificateFile	/etc/letsencrypt/live/
    SSLCertificateKeyFile /etc/letsencrypt/live/
    SSLCertificateChainFile /etc/letsencrypt/live/
    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /(.*)           ws://localhost:30080/$1 [P,QSA,NE]
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*)           http://localhost:30080/$1 [P,QSA,NE]
    AllowEncodedSlashes NoDecode
    ProxyRequests Off
    ProxyPass / http://localhost:30080/ nocanon
    ProxyPassReverse / http://localhost:30080/
    <Location />
        Order allow,deny
        Allow from all


<virtualhost *:80>
    RewriteEngine on
    ReWriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [P,QSA,NE]

Then, I go into GitLab’s config:

docker exec -it gitlab bash

And edit /etc/gitlab/gitlab.rb, where I update the SMTP settings, set the external URL to “http://localhost:30080

Then run:

gitlab-ctl reconfigure

And voila, GitLab is running. When I go to However, all of my instructions and clone URLs in projects show up like this:

Also, the WebIDE fails to load project files when I try opening it in a project.

So, I then edit: /var/opt/gitlab/gitlab-rails/etc/gitlab.yml, changing these lines:

## Web server settings (note: host is the FQDN, do not include http://) 
port: 30080
https: false 

To this:

## Web server settings (note: host is the FQDN, do not include http://) 
port: 443
https: true

And run:

gitlab-ctl restart

Fine and dandy, the clone URLs are updated and the WebIDE works. Everything seems great… until I log out. Because if I try logging back in, I receive a 422 error.

Am I missing something here? Is it possible to have the correct URLs show up within the app and avoid this login error, and have the WebIDE work? I’m starting to think that GitLab can’t run correctly with an Apache/Docker setup. Please prove me wrong! Thanks!