gitlab | runner | ci/cd ansible | ci/cd www | ci/cd laravel | ci/cd react | sast
tested on debian/buster
quite some power (at least 4 cores) and RAM are required (say 4 to 8 G)
make sure you’ve got outbound email alright and also static name resolution so gitlab@ points to itself and triggers the alias
vi /etc/aliases gitlab: SOME-REAL-ADDRESS newaliases grep FQDN /etc/hosts
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | bash apt install gitlab-ee ls -lF /opt/gitlab/ #gitlab-ctl reconfigure
gitlab-rails console -e production user = User.find_by_username 'root' user.password = 'SOME-PASSWORD' user.password_confirmation = 'SOME-PASSWORD' user.send_only_admin_changed_your_password_notification! user.save! ^D rm /etc/gitlab/initial_root_password ls -lF /opt/gitlab/etc/gitlab-rails-rc
make some certificates available e.g. into
/etc/gitlab/certs/
and proceed
mv -i /etc/gitlab/gitlab.rb /etc/gitlab/gitlab.rb.dist vi /etc/gitlab/gitlab.rb external_url 'https://gitlab.domain.tld' nginx['enable'] = true nginx['redirect_http_to_https'] = true nginx['ssl_certificate'] = "/etc/gitlab/certs/ECC/_domain.tld/fullchain.pem" nginx['ssl_certificate_key'] = "/etc/gitlab/certs/ECC/_domain.tld/privkey.pem"
moar options
# allow_username_or_email_login: false # block_auto_created_users: false # lowercase_usernames: false # smartcard_auth: false
gitlab-ctl reconfigure gitlab-rake gitlab:env:info netstat -lntup | grep -v 127.0.0.1: | grep -v ::1:
eventually setup pass-through haproxy
https://gitlab.domain.tld/admin
admin area / settings / general
sign-up restrictions
X sign-up enabled
email confirmation: soft
user cap: 100
(save changes)
gitlab-ctl tail
https://about.gitlab.com/install/
https://about.gitlab.com/install/#debian
https://docs.gitlab.com/omnibus/installation/
https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
https://docs.gitlab.com/ee/administration/troubleshooting/gitlab_rails_cheat_sheet.html
https://docs.gitlab.com/ee/security/reset_user_password.html
change the data directory gitlab to store repos elsewhere https://stackoverflow.com/questions/19902417/change-the-data-directory-gitlab-to-store-repos-elsewhere
Repository storage https://docs.gitlab.com/ee/administration/repository_storage_paths.html
Configuration options for the GitLab Linux package https://github.com/gitlabhq/omnibus-gitlab/blob/master/doc/settings/configuration.md
https://docs.gitlab.com/ee/user/clusters/environments.html
https://docs.gitlab.com/ee/administration/operations/rails_console.html
How to restart GitLab https://docs.gitlab.com/ee/administration/restart_gitlab.html
SSL Configuration https://docs.gitlab.com/omnibus/settings/ssl.html
Old SSL certificate still being served after renewing it https://forum.gitlab.com/t/old-ssl-certificate-still-being-served-after-renewing-it/5219/5
https://docs.gitlab.com/ee/user/admin_area/license.html
https://docs.gitlab.com/ee/install/requirements.html
https://about.gitlab.com/install/ce-or-ee/
https://docs.gitlab.com/ee/administration/auth/ldap/