------------------------------------------- * **gitlab-ce** * **Jonathan Haack** * **Haack's Networking** * **webmaster@haacksnetworking.org** ------------------------------------------- //Installing gitlab-ce on a Debian system.// ------------------------------------------- The pre-requisites: * Using Debian or similar * Self Hosted Web Server using Apache 2.4 * Available Domain with DNS set up * Self-Signed Certificate is established as backup * Letsencrypt, using certbot, is established and working If you are missing some of these pre-requisites, please visit the [[computing:apachesurvival]] tutorial I created which covers these topics. The first thing you need to do is download and run the script that gitlab provides. This script will allow you to access the repositories and download gitlab-ce. cd /tmp curl -LO https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh sudo bash /tmp/script.deb.sh Now that that is done, let's begin by installing Gitlab Community Edition and editing the Ruby configuration file to work with the LAMP stack: sudo apt install gitlab-ce sudo nano /etc/gitlab/gitlab.rb In this file, you need to edit 6 lines. The [[http://doc.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server|Gitlab Tutorial]] requests an additional line - which I included but commented out - be adjusted and also forgets to specify that gitlab_workhorse should be enabled. These are the options I used with my LAMP stack to get it up and running: external_url 'https://example.com gitlab_workhorse['enable'] = true gitlab_workhorse['listen_network'] = "tcp" gitlab_workhorse['listen_addr'] = "127.0.0.1:8181" web_server['external_users'] = ['www-data'] nginx['enable'] = false #gitlab_rails['trusted_proxies'] = [ '192.168.1.0/24', '192.168.2.1', '2001:0db8::/32' ] Optionally, if you want your ssh on an alternate port, then configure one more option in the gitlab.rb file. Of course, you will also need to adjust your sshd_config and you firewall (if applicable) to permit traffic on this port. gitlab_rails['gitlab_shell_ssh_port'] = 222 Ok, now that the configuration file is set up, let's make sure that your Apache Web Server has appropriate configuration files. There is a [[https://gitlab.com/gitlab-org/gitlab-recipes|Gitlab Recipes]] repository dedicated to getting Gitlab-CE up on non-nginx web servers. Always check the git repo above for the latest recipes, the ones I am using are currently here (2020): [[https://repo.haacksnetworking.org/haacknet/haackingclub/-/tree/main/configs/webservers/apache|Reverse Proxy Virtual Host Configs for Apache2]] These both work in production, so feel free to use and share. Make sure you have appropriate apache mods enabled: sudo a2enmod proxy_http sudo a2enmod proxy sudo a2enmod rewrite You should now be able to cofnigure gitlab-ce with its built in configuration tool:: sudo gitlab-ctl reconfigure After you complete these steps, restart both the Apache Web Server and the Gitlab services as follows: sudo systemctl restart apache2.service sudo systemctl restart gitlab-runsvdir.service I do not use the default Let's Encrypt tool in ''gitlab.rb'' because it fails. I work around this issue by building a basic ''.html'' website first, encrypting that, and then changing the configs to reverse proxies specified above. ------------------------------------------- Need to migrate your gitlab-ce instance to a new host? First, prepare the backups and configs on the old host and copy those the new host. sudo gitlab-ctl stop unicorn sudo gitlab-ctl stop sidekiq sudo gitlab-rake gitlab:backup:create mkdir gitlab-old-host sudo cp /etc/gitlab/gitlab.rb /root/gitlab-old-host/ sudo cp /etc/gitlab/gitlab-secrets.json /root/gitlab-old-host/ sudo cp -R /etc/gitlab/trusted-certs/ /root/gitlab-old-host/ sudo cp /var/opt/gitlab/backups/XXXXXXXXXX_gitlab_backup.tar /root/gitlab-old-host/ scp -r ~/gitlab-old-host user@10.xx.xx.x: Now that you have copied those configs and files over the new host, it is time to restore the new host with those backups. Warning: I am assuming you already followed the above initial setup steps on the new host that are detailed above, and have left that instance vanilla. Once that new install is running and accessible and vanilla (no changes), do the following. sudo cp gitlab-old-host/gitlab-old.rb /etc/gitlab/gitlab.rb sudo cp -r gitlab-old-host/trusted-certs /etc/gitlab/trusted-certs sudo gitlab-ctl reconfigure sudo gitlab-ctl stop unicorn sudo gitlab-ctl stop sidekiq sudo cp gitlab-old/XXXXXXXXXX_gitlab_backup.tar /var/opt/gitlab/backups/ sudo chown git:git /var/opt/gitlab/backups/XXXXXXXXXX_gitlab_backup.tar sudo gitlab-rake gitlab:backup:restore BACKUP=XXXXXXXXX sudo gitlab-ctl start sudo gitlab-rake gitlab:check SANITIZE=true Navigate to your web browser, and all should be restored. ;) --- //[[webmaster@haacksnetworking.org|oemb1905]] 2024/02/17 19:48//