User Tools

Site Tools


computing:gitlab-ce

This is an old revision of the document!



  • gitlab-ce
  • Jonathan Haack
  • Haack's Networking
  • netcmnd@jonathanhaack.com

Installing gitlab-ce on a Debian system.


The pre-requisites:

  • Using Debian or similar
  • Self Hosted Web Server using Apache 2.4
  • Available Domain with DNS set up
  • Self-Signed Certificate is established as backup
  • Letsencrypt, using certbot, is established and working

If you are missing some of these pre-requisites, please visit the Apache Survival Tutorial I created which covers these topics.

sudo apt install gitlab-ce
sudo nano /etc/gitlab/gitlab.rb

In this file, you need to edit 6 lines. The Gitlab Tutorial requests an additional line - which I included but commented out - be adjusted and also forgets to specify that gitlab_workhorse should be enabled.

external_url 'http://gitlab.example.fr'
gitlab_workhorse['enable'] = true
gitlab_workhorse['listen_network'] = "tcp"
gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"
web_server['external_users'] = ['www-data']
nginx['enable'] = false
#gitlab_rails['trusted_proxies'] = [ '192.168.1.0/24', '192.168.2.1', '2001:0db8::/32' ]

Ok, now that the configuration file is set up, let's make sure that your Apache Web Server has appropriate configuration files. There is a Gitlab Recipes repository dedicated to getting Gitlab-CE up on non-default web servers. These are REHL templates so I adjusted the logs, commented out the CA line in the SSL config, and ran Certbot on top of the SSL config, yielding the following final configurations which worked:

These both work in production, so feel free to use and share. I will post these to the recipes page if they begin to differ enough that I need to do so. For now, I will keep them here only. Make sure that you enabled the appropriate mods that allow a proxy webserver, gitlab-ce, to run on the localhost on port 8181, but to be accessible externally using the domain above. That is done in apache as follows:

sudo a2enmod http_proxy
sudo a2enmod proxy
sudo a2enmod rewrite

You should now be able to cofnigure gitlab-ce with its built in configuration tool::

sudo gitlab-ctl reconfigure  

After you complete these steps, restart both the Apache Web Server and the Gitlab services as follows:

sudo systemctl restart apache2.service
sudo systemctl restart gitlab-runsvdir.service

Personally, I do not like to use the default Let's Encrypt tool in the gitlab-ce configuration file and prefer instead to set up https prior to installing or configuring gitlab-ce. This is especially convenient and helpful if you have more than one virtual host you are running. Do not forget to adjust your firewall to allow for connections on 8181.

oemb1905 2018/08/04 16:36

computing/gitlab-ce.1533422670.txt.gz · Last modified: 2018/11/25 01:33 (external edit)