GitLab | Docs

Self-hosted GitLab EE|CE

Install & Configure : /etc/gitlab/gitlab.rb

# Install the package (RPM)
sudo dnf install -y gitlab-ee
# Else also inject configuration parameter(s) here (imperatively)
host=gitlab.local # Example; add/edit DNS record(s) of (sub)domain as apropos
sudo EXTERNAL_URL="https://$host" dnf install -y gitlab-ee
# Configure (further) declaratively (optional actually, but advised)
sudo vi /etc/gitlab/gitlab.rb
# Apply (re)configuration (REQUIRED; runs many Chef recipes)
gitlab-ctl reconfigure
# Verify the service is active (optional)
systemctl status gitlab-runsvdir.service # "status" else "is-active"
# Restart (optional)
gitlab-ctl restart [nginx] # All else one component by subcommand

Upon any (re)configuration

Running "gitlab-ctl reconfigure" is the advised and standard method to apply changes made to /etc/gitlab/gitlab.rb. This command ensures that all configuration changes are correctly applied across all GitLab components and services.

# Apply the reconfiguration
gitlab-ctl reconfigure

# Verify service is active
systemctl is-active gitlab-runsvdir.service
# Or, for more info
systemctl status gitlab-runsvdir.service

Install GitLab on K8s

Install GitLab : operator and app

Install GitLab Operator

Helm method

v=8.4.2 # Chart
# Download for offline install
helm pull gitlab/gitlab-operator --version $v
# Install the Operator
helm repo add gitlab https://charts.gitlab.io
helm repo update
helm update gitlab-operator gitlab/gitlab-operator \
    --install  \
    --version $v \
    --create-namespace \
    --namespace gitlab-system

Manifest method

v=1.4.2 # Operator
url=https://gitlab.com/api/v4/projects/18899486/packages/generic/gitlab-operator/$v/gitlab-operator-kubernetes-$v.yaml
curl -sSLO $url
kubectl apply -f gitlab-operator-kubernetes-$v.yaml

Install GitLab (app)

Manifest method (only).

# Install the app : GitLab (CRD)
crd=gitlab 
vi $crd.yaml # Configure for version and domain at least
kubectl -n gitlab-system apply -f $crd.yaml

# Monitor install process
kubectl -n gitlab-system get gitlab
kubectl -n gitlab-system logs deployment/gitlab-controller-manager -c manager -f

# Teardown
kubectl -n gitlab-system delete -f $crd.yaml

@ gitlab.yaml

apiVersion: apps.gitlab.com/v1beta1
kind: GitLab
metadata:
  name: gitlab
spec:
  chart:
    ## https://gitlab.com/gitlab-org/cloud-native/gitlab-operator/-/raw/1.4.2/CHART_VERSIONS 
    version: "8.4.2" # Chart
    values:
      global:
        hosts:
          domain: gitlab.k8s.local # use a real domain here
        ingress:
          configureCertmanager: true
      certmanager-issuer:
        email: admin@gitlab.k8s.local # use your real email address here

Steps after installing GitLab

GitLab Agent for Kubernetes

CI/CD Pipelines

Reference: "GitLab CICD Intermediate" [2023]

GitLab git workflow

Initialize a Project

# (Re)Set global/local(default) config param(s)
git config --global user.name "YOUR NAME"
git config --global user.email "YOUR_EMAIL"
git config --global user.account $_GIT_HOST_ACCOUNT_USERNAME
git config --list

# Create the local project from origin (Git repo)
prj=prj
## Set network params for SSH mode
proto='git@'
host='gitlab.com' # Domain name of the Git-server host
path="$(git config user.account)/$prj"
keypath=~/.ssh/${host%.*}_$(git config user.account)
## SSH login sans creds prompts
ssh -T -i $keypath git@${host}
## Initialize : git init
git clone git@${host}:${path}.git && pushd $prj
## Create/commit  main bran
git switch --create main || git checkout main || git checkout -b main 
touch README.md
git add README.md
git commit -m "Project init @ $(date -u '+%Y-%m-%dT%H:%M:%SZ')"
## Push to origin
git push --set-upstream origin main
# Else add origin in SSH mode and then push
# git remote add origin ${proto}${server}:${path}.git
# Push (securely)
# git push -u origin main # initial
# git push                # subsequent

Swap Modes (Protocols)

Git-server protocol/syntax allows for HTTPS using 'https://', and for SSH using either 'git@' or 'ssh://'.

proto='https://'
git remote set-url origin ${proto}${host}:${path}.git
git remote set-url origin git@gitlab.com:/acct-y/prj-y.git # Example
# Verify 
git remote show origin

SSH : Key-pair Setup

Setup secure comms enabling login sans password.

# Generate key pair
ssh-keygen [-t ed25519|ecdsa|rsa] -C "$email_addr" -f $keypath # ~/.ssh/gitlab

# Fingerprint (fpr)
# Show fpr of any key (public/private have common fpr)
## -v show visual in addition to the hash.
ssh-keygen [-E md5|sha1(default)] -l[v] -f $keypath
# Show fpr of (remote) host(s) : VALIDATE host ON FIRST CONNECT
ssh-keygen [-E md5|sha1(default)] -l[v] -f $keypath

# Copy/Paste user's PUBLIC key (*.pub) to remote:
# Web GUI @ https://gitlab.com/-/profile/keys

# LOGIN to create SSH tunnel (sans shell) 
ssh -T[v[v[v[v]]]] -i $keypath git@github.com # -v; verbosity [levels]

# Optionally : Requires Git 2.10+
git config core.sshCommand "ssh -o IdentitiesOnly=yes -i $keypath -F /dev/null"

Configure @ ~/.ssh/config

Host gitlab gitlab.com
  HostName gitlab.com
  User git
  RequestTTY no
  IdentityFile ~/.ssh/gitlab_sempernow

Thereafter:

# Login : creates SSH tunnel (sans shell) 
ssh gitlab