Docker execution environment

For details on the Docker execution environment, please refer to my previous blog post here.

Gitlab

Now comes the main event: deploying GitLab on a Linux physical server.

For more details, please follow the guidance in the official website.

Here, I will do the demonstration on Ubuntu22.04 operating system.

Firewall

The first thing is to check out the status of ssh and firewall, 80/22/443 ports should be allowed.

1
2
3
4
5
sudo systemctl enable --now ssh
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable

While, here for the demo, I will make the ufw firewall inactive.

1
2
admin01@chrgtlb1:~$ sudo ufw status
Status: inactive

Add the GitLab package repository in local apt

At first, please make sure that curl command is available in you operating system.

1
sudo apt install -y curl

Then, we use the script provided from the official website to add the GitLab repository.(Community Edition)

1
curl "https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh" | sudo bash
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
admin01@chrgtlb1:~$ curl "https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh" | sudo bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  6865  100  6865    0     0  10884      0 --:--:-- --:--:-- --:--:-- 10879
Detected operating system as Ubuntu/jammy.
Checking for curl...
Detected curl...
Checking for gpg...
Detected gpg...
Running apt-get update... done.
Installing apt-transport-https... done.
Installing /etc/apt/sources.list.d/gitlab_gitlab-ce.list...done.
Importing packagecloud gpg key... done.
Running apt-get update... done.

The repository is setup! You can now install packages.

Install the GitLab package

For example, Basic installation:

1
sudo EXTERNAL_URL="http://172.22.31.61" apt install gitlab-ce

You could also customize with the environment variables, such as: GITLAB_ROOT_EMAIL, GITLAB_ROOT_PASSWORD, EXTERNAL_URL.

Then, please wait for a moment.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_pass
word.html#reset-your-root-password.

gitlab Reconfigured!
         .                        ..
        :c:                      ,cc'
       :ccc:                    'cccc.
      :ccccc,                   cccccc
     .ccccccc                  :cccccc:
     cccccccc:                .cccccccc'
    :ccccccccc;..............'cccccccccc'
   cccccccccccccccccccccccccccccccccccccc'
  :ooolccccccccccccccccccccccccccccccllooo
  ooooooollccccccccccccccccccccccclooooooo
  ;ooooooooollcccccccccccccccccloooooooool
   oooooooooooolccccccccccccloooooooooooo.
    .ooooooooooooolcccccclloooooooooooo;
       cooooooooooooolllooooooooooooo.
          loooooooodxkkxddoooooooo.
            .ooodxkkkkkkkkxdooo;
               .kkkkkkkkkkkk:
                  ;kkkkkkx
                     :d

Thank you for installing GitLab!
GitLab should be available at http://172.22.31.61

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=18-3

Scanning processes...
Scanning candidates...
Scanning linux images...

Restarting services...
 systemctl restart containerd.service cron.service irqbalance.service multipathd.service packagekit.service polkit.service rsyslog.service ssh.service systemd-journald.service systemd-networkd.service systemd-resolved.service systemd-timesyncd.service systemd-udevd.service upower.service
Service restarts being deferred:
 systemctl restart ModemManager.service
 /etc/needrestart/restart.d/dbus.service
 systemctl restart docker.service
 systemctl restart getty@tty1.service
 systemctl restart networkd-dispatcher.service
 systemctl restart systemd-logind.service
 systemctl restart unattended-upgrades.service
 systemctl restart user@1000.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.

The successful log is shown as above, Congratulations!

Finally, let’s visit the website and have a view of login page.

GitLab Login Page

Because we don’t customize the root credentials during installation:

  • GitLab generates a random password and email address for the root administrator account.

  • The password is stored in /etc/gitlab/initial_root_password for 24 hours.

  • After 24 hours, this file is automatically removed for security reasons.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
admin01@chrgtlb1:~$ cd /etc/gitlab/
admin01@chrgtlb1:/etc/gitlab$ ls
gitlab.rb  gitlab-secrets.json  initial_root_password  trusted-certs
admin01@chrgtlb1:/etc/gitlab$ sudo cat initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

Then, we can use this command to check the status of gitlab.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
admin01@chrgtlb1:/etc/gitlab$ sudo gitlab-ctl status
run: alertmanager: (pid 147983) 2324s; run: log: (pid 147811) 2359s
run: gitaly: (pid 147935) 2327s; run: log: (pid 147070) 2491s
run: gitlab-exporter: (pid 147953) 2326s; run: log: (pid 147572) 2377s
run: gitlab-kas: (pid 147306) 2481s; run: log: (pid 147330) 2479s
run: gitlab-workhorse: (pid 147903) 2328s; run: log: (pid 147467) 2396s
run: logrotate: (pid 146979) 2505s; run: log: (pid 146987) 2504s
run: nginx: (pid 147924) 2328s; run: log: (pid 147527) 2389s
run: node-exporter: (pid 147945) 2327s; run: log: (pid 147556) 2383s
run: postgres-exporter: (pid 147997) 2324s; run: log: (pid 147854) 2352s
run: postgresql: (pid 147114) 2487s; run: log: (pid 147156) 2484s
run: prometheus: (pid 147964) 2326s; run: log: (pid 147779) 2365s
run: puma: (pid 147372) 2410s; run: log: (pid 147379) 2409s
run: redis: (pid 147014) 2499s; run: log: (pid 147023) 2498s
run: redis-exporter: (pid 147955) 2326s; run: log: (pid 147717) 2370s
run: sidekiq: (pid 147390) 2404s; run: log: (pid 147417) 2401s

Finally, we can try to use the default account root and the default password stored in the initial_root_password to login.

Login successfully

Gitlab-runner

Same as before, for more details, please walk through the official website.

Add the official GitLab-runner repository

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
admin01@chrgtlb1:/etc/gitlab$ curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | sudo bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  6885  100  6885    0     0  11080      0 --:--:-- --:--:-- --:--:-- 11069
Detected operating system as Ubuntu/jammy.
Checking for curl...
Detected curl...
Checking for gpg...
Detected gpg...
Running apt-get update... done.
Installing apt-transport-https... done.
Installing /etc/apt/sources.list.d/runner_gitlab-runner.list...done.
Importing packagecloud gpg key... done.
Running apt-get update... done.

The repository is setup! You can now install packages.

Install the Gitlab-runner

1
2
sudo apt update
sudo apt install gitlab-runner
1
2
3
admin01@chrgtlb1:/etc/gitlab$ sudo gitlab-runner status
Runtime platform                                    arch=amd64 os=linux pid=152698 revision=5a021a1c version=18.3.1
gitlab-runner: Service is running

Up to now, all required components are installed successfully, please enjoy yourself!