Post

Gitlab for a homelab repository

What is Gitlab?

Gitlab is a source control management application very similar to Github. The advantage of Gitlab is it can be self-hosted so you can maintain your code locally.

Requirements:

  • RHEL / Rocky linux
  • SSH connection to your server

Linux package Installation

Install prerequisite packages.

1
dnf install policycoreutils-python-utils openssh-server perl

A restart of sshd is necessary after the install of openssh-server. Also make sure you have it enabled.

1
2
systemctl restart sshd
systemctl enable sshd

Gitlab has a curl script which adds their repository to your server. It’s one command which makes it simple.

1
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | bash

Install the gitlab community edition

1
dnf install -y gitlab-ce
  1. Edit the configuration file for Gitlab. There are many possible lines to add. Here are some examples.
1
2
3
4
5
6
7
8
external_url = 'http://gitlab.example.com'

# paste in this pair if you are using a reverse proxy
#nginx['listen_port'] = 80
#nginx['listen_https'] = false

# you can redirect http if you need
#ngnix['redirect_http_to_https'] = true
  • external_url is the main URL of your website. It’s important that this match the url you intend to be hitting your website on. The copy paste of your Git repositories from Gitlab will be based off this address. If left as default it will assume http and serve out on port 80. When this is set to an https addres Gitlab automatically serves out content over port 443 instead.

Reference: Gitlab documentation on external_url

#nginx['listen_port'] = 80 #nginx['listen_https'] = false

  • If you require your external_url to be served out over http but want the URL to be https (such as a reverse proxy) you can control the built-in ngnix server that Gitlab uses to serve out content with ngnix one liners like these.

Reference: Gitlab documentation on built-in ngnix

  1. Tell Gitlab to start with your current configuration (This is also how you reconfigure Gitlab from here on if you make any changes to the config file)

    1
    
     gitlab-ctl reconfigure
    
  2. Gitlab is now up and running. Retrieve the root password.

    1
    
     cat /etc/gitlab/initial_root_password
    
  3. Login by going to your external_url address or by the default address of http://hostname.com and using the username root with the password copied from intial_root_password file.

Configuring Gitlab for HTTPS

Gitlab can be configured for https either manually using your own certificates or automatically using Let’s Encrypt.

Reference: Gitlab documentation on SSL

Before you setup HTTPS

Important note before you setup https you should make sure your server time is in sync. Gitlab uses cookies that are highly dependent upon time. If you have nothing setup here is a basic NTP configuration which is common.

1
2
3
dnf install chrony -y
systemctl enable chrony
chronyc tracking

Config files for chrony are found in /etc/chrony.config

Manual configuration

  1. Make an SSL directory for Gitlab.

    1
    2
    3
    4
    
     mkdir -p /etc/gitlab/ssl
     chmod 755 /etc/gitlab/ssl
     cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/
     chmod 644 /etc/gitlab/ssl/gitlab.example.com.key gitlab.example.com.crt
    
  2. Set external_url inside the gitlab configuration file.

    1
    2
    
     exernal_url = 'https://gitlab.example.com'
     letsencrypt['enable'] = false
    
  3. Gracefully restart ngnix to load the certificates

    1
    2
    
     sudo gitlab-ctl hup nginx
     sudo gitlab-ctl hup registry
    
  4. Optional: If your external_url wasn’t previously https you should run a reconfigure as well.

    1
    
     gitlab-ctl reconfigure
    

Automatic configuration with Let’s Encrypt

  1. Configure external_url to be https.

    1
    2
    
     exernal_url = 'https://gitlab.example.com'
     letsencrypt['contact_emails'] = ['[email protected]'] # Optional
    
  2. Reconfigure Gitlab.

    1
    
     gitlab-ctl reconfigure
    

Backup

As long as you don’t have heavy traffic to your Gitlab server backing it up is simple. Here is a one liner.

1
gitlab-backup create BACKUP=$(date +%F_%R)

This will create a backup of your gitlab at /var/opt/gitlab/backups/ with the date and time. It’s important to note you also need to backup your /etc/gitlab directory to save secrets and TLS certs if using HTTPS.

This post is licensed under CC BY 4.0 by the author.