banner
橙汁

橙汁

HomeArchives

Set up a functional GitLab

206
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This text provides instructions for installing GitLab and configuring it with a domain name and SSL certificate. It advises against using container installation methods and suggests using system package managers instead. The text also mentions the complexities involved in managing Docker, Docker Compose configuration, disk mounting, port mapping, and domain configuration. It provides specific changes to be made in the gitlab.rb file for domain and SSL configuration. It suggests different methods for obtaining an SSL certificate, such as using a cloud provider or free SSL services like Let's Encrypt. The text also mentions the use of acme.sh for automated certificate issuance. After completing the configuration, the text advises manually executing the commands "gitlab-ctl reconfigure" and "gitlab-ctl start" to apply the changes and start GitLab. It also suggests creating a separate user with administrator privileges instead of using the root user.

Installation#

Official Documentation

Recommendation: Install directly using the system's built-in package management tools, such as yum, dnf, apt, etc., instead of using containers or other methods.
Reason: Using containers will make GitLab management more complex. Deploying directly on the machine allows for disk expansion if space is insufficient and instance type changes if resources are insufficient.

Complex factors:

  1. Docker management
  2. Docker-compose configuration
  3. Disk mounting
  4. Port mapping (conflict between port 22 on the host machine and port 22 in the GitLab container)
  5. Domain configuration

Configuration#

Domain and SSL Configuration#

Official Documentation

Make changes to gitlab.rb according to the documentation.

external_url 'https://example.com'
// The # at the beginning of the following lines has been manually removed
letsencrypt['enable'] = false 
nginx['enable'] = true
nginx['redirect_http_to_https'] = true

nginx['ssl_certificate']
nginx['ssl_certificate_key']
These two items do not need to be modified. Just rename the SSL files to example.com.crt and example.com.key and place them in /etc/gitlab/ssl. They will be automatically recognized.

Applying for SSL#

Several methods:

  1. If the domain is hosted by a cloud provider, you can apply directly.
  2. Use free SSL certificate services, such as letsencrypt freessl.cn

My approach:

  1. Register and verify with freessl.cn
  2. Add the domain
  3. Perform DNS verification
  4. Apply for the certificate using acme.sh

Acme Certificate Automation

Startup#

After completing the configuration, manually execute the following:

gitlab-ctl reconfigure // Reconfigure
gitlab-ctl start       // Start

Password:

cat /etc/gitlab/initial_root_password

User recommendation: After logging in as an administrator, configure a user with administrator privileges. Avoid using the root user.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.