Unable to connect to Gitlab Docker container via SSH

I recently installed Gitlab via the docker image on one of my servers. I set it up such that the host server has SSH running on port 8022 so that traffic meant for gitlab is forwarded to the gitlab container without having to remap ports in gitlab. But, I cannot push/pull/fetch from the hosted repositoryand I cannot SSH into the container. I am always seeing ‘Connection refused’.
Given that I can see SSHD running in the container (docker exec into the container and run lsod | grep sshd), I would expect that I should be able to access it via ssh.
Here’s a screenshot of attempting to manually SSH in to the container with debug. It doesn’t say much to me, but perhaps it does to someone else:

Gitlab version:
image

I’ve attempted a number of things. I’ve attempted different ports, I’ve changed the ‘gitlab_shell_ssh_port’ in the gitlab.rb, I’ve added various different ssh keys to my account… all result in ‘connection refued’.

Am I missing a setting?

Hi @TheKaese
please post the command you use to start the Gitlab container.

Hi @balonik. I’m using docker compose to run the containers right now. Here’;s what it currently looks like:

version: “3”

services:
nginx-proxy:
restart: always
image: jwilder/nginx-proxy
ports:
- “80:80”
- “443:443”
- “5000:5005”
- “8022:22”
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- /srv/nginx/certs:/etc/nginx/certs
web:
restart: always
image: ‘gitlab/gitlab-ee:latest’
hostname: ‘gitlab.lan’
environment:
VIRTUAL_HOST: gitlab.lan,gitlab
#ports:
#- 22:22
expose:
- 22
volumes:
- ‘/srv/gitlab/config:/etc/gitlab’
- ‘/srv/gitlab/logs:/var/log/gitlab’
- ‘/srv/gitlab/data:/var/opt/gitlab’

You are trying to SSH to port 22, but you have ports specified as

ports:
- "80:80"
- "443:443"
- "5000:5005"
- "8022:22"

since ports syntax is HOST_PORT:CONTAINER_PORT you are mapping port 8082 on host to port 22 in container. If you want to forward port 22 on host to nginx container you need to specify it as - "22:22" or simply - "22". Otherwise you should specify -p 8082 when trying to SSH to GitLab.

I don’t know why you are opening port 8082 on Nginx container. Do you need to pass SSH traffic through Nginx?

That port was me attempting to try other ports to see if I could get anything working. What I’d like my compose to look like is simply this:

version: "3"

    services:
      nginx-proxy:
        restart: always
        image: jwilder/nginx-proxy
        ports:
          - "80:80"
          - "443:443"
          - "5000:5005"
        volumes:
          - /var/run/docker.sock:/tmp/docker.sock:ro
          - /srv/nginx/certs:/etc/nginx/certs
      web:
        restart: always
        image: 'gitlab/gitlab-ee:latest'
        hostname: 'gitlab.lan'
        environment:
          VIRTUAL_HOST: gitlab.lan,gitlab
        ports:
          - 22:22
        volumes:
          - '/srv/gitlab/config:/etc/gitlab'
          - '/srv/gitlab/logs:/var/log/gitlab'
          - '/srv/gitlab/data:/var/opt/gitlab'

Put the 22:22 into quotes "22:22" and it should work.

Well I’ll be… It worked. Well kinda, I still can’t ssh…but my repository is working now, locally. I think something is blocking port 22 further down the line as I still can’t access it from my main domain (something like gitlab.example.io vs my local domain of gitlab.lan). But I can investigate that further elsewhere. I suspect it’s just a security configuration in the AWS box I’m using to re-route traffic around port 80/443 since those are blocked as well.

edit: Spoke to soon. Can only access it from one computer. Added another user for another machine. generated an SSH key and still failed:

$ git clone git@gitlab.lan:home/home-security.git
Cloning into ‘home-security’…
ssh: connect to host gitlab.lan port 22: Connection refused
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Gonna mark this as the solution as the issue I’m currently facing is unrelated to this.