sentisso edited this page Oct 4, 2023 · 13 revisions

Notes

  1. There will be a few individual docker-compose-__.yml example files. You can either merge them into one final docker-compose.yml file as you go or keep them separate, whichever suits you.
  2. Constants used:
    • /opt/gitlab/ - I'll assume that all the configuration files and/or installed stuff live in the "root" folder /opt/gitlab/, because it seems like the right place for the configuration. You can either choose your own "root" folder or just accept this one.
    • mydomain.com - this domain name will be used as an example. You need to replace it everywhere with your own, already existing, domain name. The steps that include mydomain.com will be marked with "(👷 contains mydomain.com)".
  3. Lines with the ➡️ emoji are the actual steps to take; everything else is just useful notes.

1. Install Docker (with compose)

1.1. Install Docker engine

➡️ https://docs.docker.com/engine/install/

1.2. Install Docker compose

➡️ https://docs.docker.com/compose/install/

1.3. Create a common Docker network gitlab

➡️ $ docker network create -d bridge gitlab

2. Setup nginx-proxy and SSL

This will allow you to easily expose the container services under different (sub)domain names on the same server (all under SSL thanks to Let's Encrypt).

Take note of the vhost volume at the bottom of the compose file. This syncs the local folder /opt/gitlab/nginx/vhost.d/ with the nginx containers. This allows for easy use of custom per-VIRTUAL_HOST nginx configuration if needed.

➡️ docker-compose-nginx-proxy.yml
➡️ $ docker compose up -d

3. Install GitLab using Docker compose

Well, here we go...

3.0. Prepare DNS records for the GitLab server (👷 contains mydomain.com)

This step needs to happen before running the GitLab server, so there are no issues with Let's Encrypt.

➡️ Create an A record for the domain gitlab.mydomain.com
➡️ Create an A record for the domain registry-gitlab.mydomain.com

3.1. Set up the volumes location

Create the folders for the GitLab server on your file system: the /data, /logs and /config folders in $GITLAB_HOME.

➡️ https://docs.gitlab.com/ee/install/docker.html#set-up-the-volumes-location

3.2. Install GitLab using Docker Compose (👷 contains mydomain.com)

This docker-compose file also includes the configuration for the Container registry.
Note: the $GITLAB_HOME value used here is the same as in the previous step, so if you've used something other than /srv/gitlab/, edit the compose file accordingly.

➡️ docker-compose-gitlab.yml
➡️ $ docker compose up -d

3.3. Check the public accessibility of the GitLab server

➡️ Just, you know... try to access it in your browser.

3.4. Get the root password

➡️ The file initial_root_password (readable via sudo cat /srv/gitlab/config/initial_root_password) should contain the root password that you can use to log in to the "root" account.

3.5. Configure sign-up restrictions

➡️ At /admin/application_settings/general#js-signup-settings you should disable new, unapproved sign-ups for your GitLab server.

3.6. Add SSH keys (👷 contains mydomain.com)

➡️ At /-/profile/keys add an SSH key that will allow you to actually push code to your GitLab server. See https://docs.gitlab.com/16.4/ee/user/ssh.html.
➡️ Add SSH config:

Host gitlab.mydomain.com
    HostName <your_server_IP>
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/gitlab_iusethisfortesting_sentisso

HostName can be left out if gitlab.mydomain.com resolves to something that accepts SSH connections for your server (a proxied Cloudflare record, for example, does not).

3.7. Disable Auto DevOps

➡️ At /admin/application_settings/ci_cd#js-ci-cd-settings uncheck the "Default to Auto DevOps pipeline for all projects" option to disable Auto DevOps at the instance level.

3.8. Enable large body uploads (👷 contains mydomain.com)

➡️ Create the file /opt/gitlab/nginx/vhost.d/gitlab.mydomain.com with the following contents:

client_max_body_size 64m;

This is especially useful when you want to import projects from other sources or for large git pushes.

➡️ Create the file /opt/gitlab/nginx/vhost.d/registry-gitlab.mydomain.com with the following contents:

client_max_body_size 0;

This is needed when you want to take advantage of the Container registry.

4. Install and register GitLab runners

GitLab runners can be installed and run on any server, not just the one that hosts the GitLab server.

4.1. Install a new Docker GitLab runner

➡️ docker-compose-gitlab-runner.yml
➡️ $ docker compose up -d

4.2. Register the GitLab runner (👷 contains mydomain.com)

➡️ In the admin settings at /admin/runners/new "create" a new GitLab runner.
➡️ After submitting the form, remember/copy the runner token glrt-****, which is shown on the confirmation page.
➡️ On the server where you created the Docker GitLab runner, run docker compose exec gitlab-runner gitlab-runner register (where the first gitlab-runner is the container name of the runner). It will ask you for:

  1. the public URL of your GitLab server: https://gitlab.mydomain.com/,
  2. runner authentication token: that's the glrt-**** token from earlier,
  3. runner executor: use docker
  4. default image: use docker:latest

➡️ In the runner's configuration /srv/gitlab-runner/config/config.toml, edit the section [runners.docker]:

  1. Add "/var/run/docker.sock:/var/run/docker.sock:ro" to the volumes array,
  2. Add pull_policy = ["if_not_present"]
  3. Add network_mode = "host"
  4. Add privileged = true
  5. Add a new service (as a subsection of [runners.docker]):
[[runners.docker.services]]
  name = "docker:dind"
  alias = "docker"

➡️ Restart the GitLab runner by running $ docker compose exec gitlab-runner gitlab-runner restart
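
The edits in step 4.2 give CI jobs on this runner broad access to the host (privileged containers, host networking, the Docker socket; the :ro suffix does not limit Docker API calls made over the socket). The following script is an added example, not part of the original page, that reports which of these settings are active in a config.toml; the function names, the sample file and the name value in it are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report which host-exposing
# settings from step 4.2 are active in a GitLab Runner config.toml.
# Function names and the sample file contents are constructed for illustration.

# Print one finding per line for each risky key inside [runners.docker].
# Assumes single-line arrays, which is how the volumes entry in step 4.2 is written.
audit_runner_config() {
  awk '
    /^[ \t]*\[/ {                      # any table header starts a new section
      in_docker = ($0 ~ /^[ \t]*\[runners\.docker\][ \t]*$/)
      next
    }
    !in_docker || /^[ \t]*#/ { next }  # skip other sections and comment lines
    /^[ \t]*privileged[ \t]*=[ \t]*true/ { print "privileged" }
    /^[ \t]*network_mode[ \t]*=[ \t]*"host"/ { print "host-network" }
    /^[ \t]*volumes[ \t]*=/ && /\/var\/run\/docker\.sock/ { print "docker-socket" }
  ' "$1"
}

# Constructed sample: the shape of config.toml after the edits in step 4.2.
write_sample_config() {
  cat > "$1" <<'EOF'
[[runners]]
  name = "example-runner"
  url = "https://gitlab.mydomain.com/"
  token = "glrt-****"
  executor = "docker"
  [runners.docker]
    image = "docker:latest"
    privileged = true
    network_mode = "host"
    pull_policy = ["if_not_present"]
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock:ro"]
    [[runners.docker.services]]
      name = "docker:dind"
      alias = "docker"
EOF
}

# Stand-alone run: audit the file given as $1, or the constructed sample.
cfg="${1:-}"
if [ -z "$cfg" ]; then cfg="$(mktemp)"; write_sample_config "$cfg"; fi
audit_runner_config "$cfg"
```

Pass the path of a real file, such as /srv/gitlab-runner/config/config.toml from step 4.2, as the first argument to audit it instead of the sample.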

4.3. Check the availability of the runner

➡️ At /admin/runners it should have a status of "Online", along with some information about the server where you deployed the runner.

Recommended next steps

If you've completed the previous steps, you can start developing and deploying new applications on your self-hosted GitLab server. The following sections are therefore optional, but are recommended and could be pretty useful.

5. Configure SMTP

Configure SMTP for proper email notification support.
The gitlab.rb file that you need to edit is located at /srv/gitlab/config/gitlab.rb.

➡️ Follow the instructions for your email solution at https://docs.gitlab.com/omnibus/settings/smtp.html
➡️ Reconfigure the server by running docker compose exec gitlab gitlab-ctl reconfigure

CI/CD examples

In the examples/ folder, you will find a set (or just one lol) of CI/CD examples showcasing different scenarios and deployment methodologies that can be utilized on the GitLab server you've just set up.