gitlab | runner | ci/cd laravel | ci/cd react | sast
WARNING THIS GUIDE IS CURRENTLY DEPRECATED AS WE PREFER TO USE A DEDICATED SYSTEM FOR IT
there’s a possible URL scheme issues, the ruby app needs to know its real address that is used in front of the world. So you will have to setup your reverse-proxy alright.
you should free port 22 on the server for the default ssh://git@ service to be available
create the docker volumes
sudo mkdir -p /data/gitlab/{config,data,logs}/
make sure 2222 or preferably 22, 80XX & 84XX ports are available
netstat -lntup
fetch/update the community image and launch the container
docker pull gitlab/gitlab-ce
app=gitlabprod
docker ps -a | grep $app
docker run -d --name $app --hostname $app --restart always \
-p 22XX:22 -p 80XX:80 -p 84XX:443 \
-v /data/gitlab/config:/etc/gitlab \
-v /data/gitlab/logs:/var/log/gitlab \
-v /data/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest
#gitlabprod.<datetag>.ready
docker ps -a | grep $app
docker logs $app
docker exec -ti $app bash
change 22XX, 80XX, 84XX accordingly.
if you wann force the resolution (it’s ok if DNS are right and resolve to the Docker host so I don’t use that)
--add-host="gitlab.example.com:127.0.0.1" --add-host="gitlab:127.0.0.1" \
--add-host="git.example.com:127.0.0.1" --add-host="git:127.0.0.1" \
The gitlab.example.com and gitlab names should point to the docker host (assuming the DNS work) but just in case, you can also force the resolution inside the container. also, in case you did not enable that and need to fix it afterwards into the container (may not be permanent and it may even be removed while the container is up and running, this is just a quick workaround)
vi /etc/hosts 127.0.0.1 gitlab.example.com gitlab 127.0.0.1 git.example.com git
this part is also discussed in the custom/ubuntu image guide
make the unix env nicer
cat >> /etc/bash.bashrc <<-EOF export DEBIAN_FRONTEND=noninteractive export TERM=xterm alias cp='cp -i' alias mv='mv -i' alias rm='rm -i' alias ll='ls -alhF' alias runq='postfix flush' alias netstata='netstat -antpe --inet --inet6' EOF tail -20 /etc/bash.bashrc source /etc/bash.bashrc
install missing packages for easy admin
apt -y update
apt -y full-upgrade
apt -y install \
lsb-release \
nmap \
unzip \
curl \
iputils-ping \
net-tools \
netcat \
sudo \
telnet \
vim \
wget \
software-properties-common \
apt-transport-https \
less \
mlocate \
pwgen
OPTIONAL (sshd refuses password auth anyway) — change the root password into the container, just in case
pwgen passwd
MANDATORY — setup a password for the git user
pwgen passwd git
proceed with a standard outbound email email setup for your container. you don’t even have to tell GitLab to use an SMTP, it’s using the system MTA by default! see additional notes below if you really want to do it the hard way.
specific mail aliases for Gitlab
cd /etc/ cp -pi aliases aliases.dist vi aliases root: REAL-EMAIL gitlab-www: root gitlab-redis: root gitlab-psql: root gitlab: root git: root
not needed for DMA
#newaliases
then also make sure the URL is right when providing links in the messages
#don't change as it gets overridden by gitlab.rb cd /var/opt/gitlab/gitlab-rails/etc/ cp -pi gitlab.yml gitlab.yml.dist #don't change as it gets overridden by gitlab.rb cd /var/opt/gitlab/gitlab-shell/ cp -pi config.yml config.yml.dist cd /etc/gitlab/ cp -pi gitlab.rb gitlab.rb.dist vi gitlab.rb external_url 'https://gitlab.example.com/' #gitlab_rails['time_zone'] = 'Europe/Paris' gitlab_rails['gitlab_email_from'] = 'support@example.com' gitlab_rails['gitlab_email_display_name'] = 'Example Support' gitlab-ctl reconfigure netstat -lntup cd /var/opt/gitlab/gitlab-rails/etc/ diff -bu gitlab.yml.dist gitlab.yml cd /var/opt/gitlab/gitlab-shell/ diff -bu config.yml.dist config.yml
tune external_url accordingly, this is critical and may bring some URL scheme issues.
the application needs to know the REAL url that is shown to the world.
that value is not only for the links, it also define if you are using tls and on what port you are running gitlab.
see nginx
point your browser to that URL
https://gitlab.example.com/
if the thing resolves it may be time to re-commit your container to an image
docker commit -p gitlabprod gitlabprod.`date +%s`.ready
define the password for the gitlab root user. you can now login with
root / <the password you just defined on the interface>
further configure the app
Admin area > Users > Edit Administrator account
name
email
deploy your SSH keys
(logo on the top right) > Profile Settings > (appears on the top menu) SSH Keys
try to connect to the git unix user tru SSH, you should get a PTY error
ssh git@gitlab.example.com ssh -p 2222 git@gitlab.example.com
watch the logs
gitlab-ctl tail
alternate outgoing-email method
#cd /etc/gitlab/ #cp -pi gitlab.rb gitlab.rb.dist # #vi gitlab.rb #gitlab_rails['smtp_enable'] = true #gitlab_rails['smtp_address'] = "SMTP_SMARTHOST" #gitlab_rails['smtp_port'] = 25 #gitlab_rails['smtp_domain'] = "dockerhost.example.com or example.com, I don't know, maybe simply keep that one commented out" #gitlab_rails['smtp_authentication'] = plain #gitlab_rails['smtp_enable_starttls_auto'] = false # #gitlab-ctl reconfigure
Installer Gitlab en 5 minutes avec Docker https://www.sheevaboite.fr/articles/installer-gitlab-5-minutes-docker
Configuration options https://docs.gitlab.com/omnibus/settings/configuration.html