GitLab: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
 
(113 intermediate revisions by the same user not shown)
Line 1: Line 1:
{|
| valign="top" |
  '''Linux:'''
  '''Linux:'''
  export GITLAB_HOME=/srv/gitlab
  export GITLAB_HOME=/srv/gitlab


| valign="top" |
  '''MacOS:'''
  '''MacOS:'''
  export GITLAB_HOME=$HOME/gitlab
  export GITLAB_HOME=$HOME/gitlab
|}
{| class="wikitable sortable"
|-
! Local location !! Container location  !! Usage
|-
| <code>$GITLAB_HOME/gitlab13/data</code> || <code>/var/opt/gitlab</code> || Application data
|-
| <code>$GITLAB_HOME/gitlab13/logs</code> || <code>/var/log/gitlab</code> || Application Logs
|-
| <code>$GITLAB_HOME/gitlab13/config</code> || <code>/etc/gitlab</code> || GitLab configuration
|}
<syntaxhighlight lang="bash">
docker run -it --rm \
--publish 9050:80 \
--publish 4321:22 \
--publish 4430:443 \
gitlab/gitlab-ce:13.2.3-ce.0 \
bin/bash
id; exit
</syntaxhighlight>


<source lang="bash">
<syntaxhighlight lang="bash">
mkdir -p $GITLAB_HOME/gitlab13/{config,data,logs}
#chown -R 0:0 $GITLAB_HOME/gitlab13/
</syntaxhighlight>
 
==PostgreSQL==
<syntaxhighlight lang="sql">
cat << DDL | psql -U ${USER}
CREATE DATABASE gitlab;
-- DROP DATABASE IF EXISTS gitlab;
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE    gitlab TO gitlab;
DDL
</syntaxhighlight>
 
==Docker==
===Debian===
<syntaxhighlight lang="bash" highlight="3,8-12" line>
sudo docker run --detach \
--hostname cdn.chorke.org \
--env GITLAB_OMNIBUS_CONFIG="external_url 'https://cdn.chorke.org/gitlab'; gitlab_rails['lfs_enabled'] = true;" \
--publish 4430:443 \
--publish 9050:80 \
--publish 4321:22 \
--name gitlab \
--shm-size 256m \
--restart always \
--volume $GITLAB_HOME/gitlab13/config:/etc/gitlab \
--volume $GITLAB_HOME/gitlab13/logs:/var/log/gitlab \
--volume $GITLAB_HOME/gitlab13/data:/var/opt/gitlab \
gitlab/gitlab-ce:13.2.3-ce.0
</syntaxhighlight>
 
===Fedora===
<syntaxhighlight lang="bash" highlight="3,8-12" line>
sudo docker run --detach \
sudo docker run --detach \
--hostname cdn.chorke.org \
--hostname cdn.chorke.org \
--publish 4430:443 --publish 9050:80 --publish 4321:22 \
--env GITLAB_OMNIBUS_CONFIG="external_url 'https://cdn.chorke.org/gitlab'; gitlab_rails['lfs_enabled'] = true;" \
--publish 4430:443 \
--publish 9050:80 \
--publish 4321:22 \
--name gitlab \
--name gitlab \
--shm-size 256m \
--restart always \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/gitlab13/config:/etc/gitlab:Z \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/gitlab13/logs:/var/log/gitlab:Z \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
--volume $GITLAB_HOME/gitlab13/data:/var/opt/gitlab:Z \
gitlab/gitlab-ce:latest
gitlab/gitlab-ce:13.2.3-ce.0
</source>
</syntaxhighlight>
 
==Mailer==
<code>docker exec -it gitlab vim /etc/gitlab/gitlab.rb</code>
<syntaxhighlight lang="ruby" highlight="2,4-6" start="80" line>
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "mail.chorke.org"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "p@$$w0rd"
gitlab_rails['smtp_domain'] = "mail.chorke.org"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = false
</syntaxhighlight>
 
<code>docker exec -it gitlab vim /etc/gitlab/gitlab.rb</code>
<syntaxhighlight lang="ruby" highlight="1" start="92" line>
gitlab_rails['smtp_openssl_verify_mode'] = 'none'
</syntaxhighlight>
 
<code>docker exec -it gitlab vim /etc/gitlab/gitlab.rb</code>
<syntaxhighlight lang="ruby" highlight="5-8" start="99" line>
gitlab_rails['gitlab_email_enabled'] = true
 
##! If your SMTP server does not like the default 'From: [email protected]'
##! can change the 'From' with this setting.
gitlab_rails['gitlab_email_from'] = '[email protected]'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_reply_to'] = '[email protected]'
gitlab_rails['gitlab_email_subject_suffix'] = 'GitLab'
</syntaxhighlight>
 
==Apache==
===CentOS 7===
<code>vim /etc/httpd/conf.sites.d/00-cdn.chorke.org-le-ssl.conf</code>
<syntaxhighlight lang="apache" highlight="5,8-10">
<IfModule mod_ssl.c>
<VirtualHost *:443>
    SSLProxyEngine On
    ProxyRequests Off
    SSLProxyVerify None
    ProxyPreserveHost On
    AllowEncodedSlashes On
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off
    SSLProxyCheckPeerExpire Off
    #....misc apache cfg....
 
    <Location /gitlab>
        Order Allow,Deny
        Allow from all
        ProxyPass https://localhost:4430/gitlab nocanon
        ProxyPassReverse https://localhost:4430/gitlab
    </Location>
 
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/cdn.chorke.org/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/cdn.chorke.org/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/cdn.chorke.org/chain.pem
</VirtualHost>
</IfModule>
</syntaxhighlight>
 
==Runner==
docker pull gitlab/gitlab-runner:latest
docker pull gitlab/gitlab-runner:alpine
 
===Debian===
docker run --detach \
--name gitlab-runner \
--restart always \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /srv/gitlab-runner/config:/etc/gitlab-runner \
gitlab/gitlab-runner:latest
 
===CentOS===
docker run --detach \
--name gitlab-runner \
--restart always \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /srv/gitlab-runner/config:/etc/gitlab-runner:Z \
gitlab/gitlab-runner:v13.2.2
 
===MacOS===
brew install gitlab-runner
brew services start gitlab-runner
brew services stop gitlab-runner
 
==Raspbian==
<syntaxhighlight lang="bash">
cat <<EOF >> /etc/apt/sources.list.d/gitlab_raspberry-pi2.list
deb https://packages.gitlab.com/gitlab/raspberry-pi2/raspbian/ buster main
deb-src https://packages.gitlab.com/gitlab/raspberry-pi2/raspbian/ buster main
EOF
 
wget -qO - https://packages.gitlab.com/gitlab/raspberry-pi2/gpgkey|apt-key add -
apt update;apt list --upgradable;apt search gitlab-ce
</syntaxhighlight>
 
<syntaxhighlight lang="bash">
# pios swap memory
printf '\nbefore:\n';free -th;\
sed -i "s|CONF_SWAPSIZE=100|CONF_SWAPSIZE=2048|" /etc/dphys-swapfile;\
service dphys-swapfile restart;\
printf '\nupdate:\n';free -th
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
GIT_FILE_CFG='/etc/gitlab/gitlab.rb';\
GIT_XTRN_URL_FIND="external_url 'http://gitlab.example.com'";\
GIT_XTRN_URL_FILL="external_url 'https://cdn.chorke.org/gitlab'";\
sed -i "s|$GIT_XTRN_URL_FIND|$GIT_XTRN_URL_FILL|" "$GIT_FILE_CFG"
</syntaxhighlight>
 
{|
| valign="top" |
<syntaxhighlight lang="ruby">
  32 external_url 'http://gitlab.example.com'
────────────────────────────────────────────────────────────────
113 # gitlab_rails['gitlab_default_can_create_group'] = true
114 # gitlab_rails['gitlab_username_changing_enabled'] = true
────────────────────────────────────────────────────────────────
128 # gitlab_rails['gitlab_default_theme'] = 2
────────────────────────────────────────────────────────────────
344 # gitlab_rails['lfs_enabled'] = true
────────────────────────────────────────────────────────────────
548 # gitlab_rails['gitlab_shell_ssh_port'] = 22
────────────────────────────────────────────────────────────────
583 # git_data_dirs({
584 #  "default" => {
585 #    "path" => "/mnt/nfs-01/git-data"
586 #    }
587 # })
────────────────────────────────────────────────────────────────
920 # puma['worker_processes'] = 2
────────────────────────────────────────────────────────────────
959 # sidekiq['max_concurrency'] = 50
────────────────────────────────────────────────────────────────
1894 # prometheus_monitoring['enable'] = true
</syntaxhighlight>
 
| valign="top" |
<syntaxhighlight lang="ruby">
external_url 'https://cdn.chorke.org/gitlab'
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_default_can_create_group'] = false
gitlab_rails['gitlab_username_changing_enabled'] = false
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_default_theme'] = 5
────────────────────────────────────────────────────────────────
gitlab_rails['lfs_enabled'] = true
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_shell_ssh_port'] = 4321
────────────────────────────────────────────────────────────────
git_data_dirs({
  "default" => {
    "path" => "/chorke/academia/nfs/gitlab/git-data"
  }
})
────────────────────────────────────────────────────────────────
puma['worker_processes'] = 2
────────────────────────────────────────────────────────────────
sidekiq['max_concurrency'] = 9
────────────────────────────────────────────────────────────────
prometheus_monitoring['enable'] = false
</syntaxhighlight>
|}
{|
| valign="top" |
<syntaxhighlight lang="bash">
nano /etc/gitlab/gitlab.rb
────────────────────────────────────────────────────────────────
gitlab-ctl reconfigure
gitlab-ctl status
gitlab-ctl stop
</syntaxhighlight>
 
| valign="top" |
<syntaxhighlight lang="bash">
nano /etc/gitlab/gitlab.rb
────────────────────────────────────────────────────────────────
gitlab-ctl reconfigure
service gitlab restart
service gitlab status
</syntaxhighlight>
|}
----
<code>nano /etc/ssh/sshd_config</code>
{|
| valign="top" |
<syntaxhighlight lang="ini">
  13 #Port 22
────────────────────────────────────────────────────────────────
</syntaxhighlight>
 
telnet localhost 4321
systemctl restart sshd
ssh -P4321 [email protected]
 
| valign="top" |
<syntaxhighlight lang="ini">
Port 4321
────────────────────────────────────────────────────────────────
</syntaxhighlight>


systemctl status sshd
telnet git0.dev.shahed.biz 4321
ssh -P4321 [email protected]
|}
==Upgrade==
'''from 13.6.3-ce.0:'''
sudo apt install gitlab-ce=13.8.8-ce.0
sudo apt install gitlab-ce=13.12.15-ce.0
sudo apt install gitlab-ce=14.0.11-ce.0
sudo apt install gitlab-ce=14.1.8-ce.0
sudo apt install gitlab-ce=14.2.6-ce.0
'''from 14.7.1-ce.0:'''
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
==Knowledge ==
'''SSH Local Forwarding:'''
  ssh -L 9050:localhost:9050 [email protected]
  ssh -L 9050:localhost:9050 [email protected]
  http://localhost:9050/
  http://localhost:9050/
'''user:''' root
'''pass:''' 5iveL!fe
'''Sign-up Restrictions:'''
https://cdn.chorke.org/gitlab/admin/application_settings/general
Sign-up enabled (Unchecked)
docker logs gitlab
docker restart gitlab
docker exec -it gitlab /bin/bash
docker exec gitlab update-permissions
docker exec -it gitlab vim /etc/gitlab/gitlab.rb
docker logs gitlab-runner
docker restart gitlab-runner
docker exec -it gitlab-runner gitlab-runner --help
docker exec -it gitlab-runner gitlab-runner register
docker exec -it gitlab-runner gitlab-runner list
docker exec -it gitlab-runner gitlab-runner verify
docker exec -it gitlab-runner gitlab-runner verify --delete
docker-machine create --driver virtualbox default
docker-machine start default
docker-machine stop default
docker-machine ip default
docker-machine ls
----
docker exec -it gitlab gitlab-rails console -e production
user = User.where(id: 1).first
user.password = 'academia'
user.password_confirmation = 'academia'
user.save
----
lsblk
fdisk -l
smartctl -a /dev/sda
e2label /dev/sda1 CK10010100
mkfs.ext4 /dev/sda1 -L CK10010100
mkdir /chorke/academia/nfs/gitlab
chown pi /chorke/academia/nfs/gitlab
mount /dev/sda1 /chorke/academia/nfs/gitlab
----
'''SELinux:'''
https://docs.gitlab.com/runner/install/docker.html#selinux
https://github.com/dpw/selinux-dockersock
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
curl -s https://packages.gitlab.com/install/repositories/gitlab/raspberry-pi2/script.deb.sh | sudo bash


==References==
==References==
{|
| valign="top" |
* [https://websiteforstudents.com/setup-apache2-reverse-proxy-nginx-ubuntu-17-04-17-10/ Setup Apache2 as Reverse Proxy for Nginx]
* [https://docs.gitlab.com/ee/raketasks/backup_restore.html Backing up and restoring GitLab]
* [https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/docker/Dockerfile Omnibus GitLab Docker Source]
* [https://docs.gitlab.com/ee/install/relative_url.html Enable relative URL in GitLab]
* [https://hub.docker.com/r/gitlab/gitlab-ce GitLab CE Docker Image]
* [https://hub.docker.com/r/gitlab/gitlab-ce GitLab CE Docker Image]
* [https://docs.gitlab.com/omnibus/docker/ GitLab Docker Image]
* [https://docs.gitlab.com/omnibus/docker/ GitLab Docker Image]
* [https://docs.gitlab.com/omnibus/package-information/defaults.html Package information]
* [https://docs.gitlab.com/omnibus/package-information/defaults.html Package information]
* [https://docs.gitlab.com/omnibus/package-information/licensing.html Package Licensing]
* [https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https Enable HTTPS]
* [https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https Enable HTTPS]
* [https://docs.gitlab.com/omnibus/settings/smtp.html SMTP settings]
* [https://docs.gitlab.com/omnibus/settings/smtp.html SMTP settings]
| valign="top" |
* [https://docs.gitlab.com/runner/install/docker.html#docker-images Run  GitLab Runner in a container]
* [https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/doc/settings/configuration.md GitLab Configuration Settings]
* [https://docs.gitlab.com/runner/commands/ GitLab Runner commands]
* [https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/doc/settings/database.md GitLab Database Settings]
* [https://docs.gitlab.com/runner/install/osx.html GitLab Runner on macOS]
* [https://docs.gitlab.com/ee/user/packages/maven_repository/ GitLab Maven Repository]
* [https://docs.gitlab.com/runner/executors/README.html GitLab Runner Executors]
* [https://packages.gitlab.com/gitlab/gitlab-ce/install Installation instructions]
* [https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/doc/settings/smtp.md GitLab SMTP Settings]
* [https://docs.gitlab.com/runner/register/ Registering Runners]
| valign="top" |
* [https://stackoverflow.com/questions/18872482 SSL Handshake error with remote server]
* [https://www.edureka.co/community/51049/how-is-docker-machine-different-from-docker-engine Docker Machine vs. Docker Engine]
* [https://docs.docker.com/machine/get-started/ Getting Start Docker Machine]
* [https://docs.docker.com/machine/overview/ Docker Machine Overview]
* [https://docs.gitlab.com/runner/executors/docker_machine.html Docker Machine Executor]
* [https://docs.docker.com/machine/install-machine/ Install Docker Machine]
* [https://docs.gitlab.com/runner/executors/kubernetes.html Kubernetes Executor]
* [https://docs.gitlab.com/runner/executors/docker.html Docker Executor]
* [https://docs.gitlab.com/runner/executors/shell.html Shell Executor]
* [https://docs.gitlab.com/runner/executors/ssh.html SSH Executor]
|-
| valign="top" colspan="3" |
----
|-
| valign="top" |
* [https://docs.gitlab.com/ee/administration/operations/puma.html GitLab 13.0 runs on Puma instead of Unicorn]
* [https://unix.stackexchange.com/questions/3158 HDD partition naming convention in Linux]
* [https://unix.stackexchange.com/questions/252822 Difference between <code>/mnt</code> vs <code>/media</code>]
* [https://cdn.chorke.org/goto/watch?v=VVp0buV-wVM Setup XCode Configuration] <code>YouTube</code>
* [https://packages.gitlab.com/gitlab/raspberry-pi2 GitLab Repository for Raspberry Pi OS]
* [https://docs.gitlab.com/omnibus/settings/rpi.html GitLab Install on a Raspberry Pi OS]
* [https://docs.gitlab.com/ee/administration/monitoring/prometheus/ Monitoring GitLab with Prometheus]
* [https://gitlab.com/groups/gitlab-org/-/epics/2370 Support running GitLab on ARM64]
* [https://superuser.com/questions/228657 Best Linux Files System for SSD]
* [[Convention for HDD Label]]
| valign="top" |
* [https://stackoverflow.com/questions/52255035/ GitLab upgrade to latest minor version]
* [https://docs.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server Using a non-bundled web-server]
* [https://stackoverflow.com/questions/28243357 Configure GitLab with Apache2]
* [https://gitlab.com/users/sign_in GitLab Community Sign In]
* [https://docs.gitlab.com/ee/update/index.html Upgrading GitLab]
* [[Drone Pipeline]]
* [[Raspberry Pi]]
* [[HAProxy]]
* [[Nginx]]
* [[Drone]]
| valign="top" |
* [[Docker/Compose/GitLab|GitLab » Docker » Compose]]
* [https://docs.gitlab.com/ee/user/project/integrations/telegram.html GitLab » Telegram]
* [https://docs.gitlab.com/ee/update/ GitLab » Upgrade]
|}

Latest revision as of 02:24, 11 September 2024

Linux:
export GITLAB_HOME=/srv/gitlab
MacOS:
export GITLAB_HOME=$HOME/gitlab
Local location Container location Usage
$GITLAB_HOME/gitlab13/data /var/opt/gitlab Application data
$GITLAB_HOME/gitlab13/logs /var/log/gitlab Application Logs
$GITLAB_HOME/gitlab13/config /etc/gitlab GitLab configuration
docker run -it --rm \
--publish 9050:80 \
--publish 4321:22 \
--publish 4430:443 \
gitlab/gitlab-ce:13.2.3-ce.0 \
bin/bash
id; exit
mkdir -p $GITLAB_HOME/gitlab13/{config,data,logs}
#chown -R 0:0 $GITLAB_HOME/gitlab13/

PostgreSQL

cat << DDL | psql -U ${USER}
CREATE DATABASE gitlab;
-- DROP DATABASE IF EXISTS gitlab;
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE     gitlab TO gitlab;
DDL

Docker

Debian

sudo docker run --detach \
--hostname cdn.chorke.org \
--env GITLAB_OMNIBUS_CONFIG="external_url 'https://cdn.chorke.org/gitlab'; gitlab_rails['lfs_enabled'] = true;" \
--publish 4430:443 \
--publish 9050:80 \
--publish 4321:22 \
--name gitlab \
--shm-size 256m \
--restart always \
--volume $GITLAB_HOME/gitlab13/config:/etc/gitlab \
--volume $GITLAB_HOME/gitlab13/logs:/var/log/gitlab \
--volume $GITLAB_HOME/gitlab13/data:/var/opt/gitlab \
gitlab/gitlab-ce:13.2.3-ce.0

Fedora

sudo docker run --detach \
--hostname cdn.chorke.org \
--env GITLAB_OMNIBUS_CONFIG="external_url 'https://cdn.chorke.org/gitlab'; gitlab_rails['lfs_enabled'] = true;" \
--publish 4430:443 \
--publish 9050:80 \
--publish 4321:22 \
--name gitlab \
--shm-size 256m \
--restart always \
--volume $GITLAB_HOME/gitlab13/config:/etc/gitlab:Z \
--volume $GITLAB_HOME/gitlab13/logs:/var/log/gitlab:Z \
--volume $GITLAB_HOME/gitlab13/data:/var/opt/gitlab:Z \
gitlab/gitlab-ce:13.2.3-ce.0

Mailer

docker exec -it gitlab vim /etc/gitlab/gitlab.rb

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "mail.chorke.org"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "p@$$w0rd"
gitlab_rails['smtp_domain'] = "mail.chorke.org"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = false

docker exec -it gitlab vim /etc/gitlab/gitlab.rb

gitlab_rails['smtp_openssl_verify_mode'] = 'none'

docker exec -it gitlab vim /etc/gitlab/gitlab.rb

gitlab_rails['gitlab_email_enabled'] = true

##! If your SMTP server does not like the default 'From: [email protected]'
##! can change the 'From' with this setting.
gitlab_rails['gitlab_email_from'] = '[email protected]'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_reply_to'] = '[email protected]'
gitlab_rails['gitlab_email_subject_suffix'] = 'GitLab'

Apache

CentOS 7

vim /etc/httpd/conf.sites.d/00-cdn.chorke.org-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
    SSLProxyEngine On
    ProxyRequests Off
    SSLProxyVerify None
    ProxyPreserveHost On
    AllowEncodedSlashes On
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off
    SSLProxyCheckPeerExpire Off
    #....misc apache cfg....

    <Location /gitlab>
        Order Allow,Deny
        Allow from all
        ProxyPass https://localhost:4430/gitlab nocanon
        ProxyPassReverse https://localhost:4430/gitlab
    </Location>

    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/cdn.chorke.org/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/cdn.chorke.org/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/cdn.chorke.org/chain.pem
</VirtualHost>
</IfModule>

Runner

docker pull gitlab/gitlab-runner:latest
docker pull gitlab/gitlab-runner:alpine

Debian

docker run --detach \
--name gitlab-runner \
--restart always \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /srv/gitlab-runner/config:/etc/gitlab-runner \
gitlab/gitlab-runner:latest

CentOS

docker run --detach \
--name gitlab-runner \
--restart always \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /srv/gitlab-runner/config:/etc/gitlab-runner:Z \
gitlab/gitlab-runner:v13.2.2

MacOS

brew install gitlab-runner
brew services start gitlab-runner
brew services stop gitlab-runner

Raspbian

cat <<EOF >> /etc/apt/sources.list.d/gitlab_raspberry-pi2.list
deb https://packages.gitlab.com/gitlab/raspberry-pi2/raspbian/ buster main
deb-src https://packages.gitlab.com/gitlab/raspberry-pi2/raspbian/ buster main
EOF

wget -qO - https://packages.gitlab.com/gitlab/raspberry-pi2/gpgkey|apt-key add -
apt update;apt list --upgradable;apt search gitlab-ce
# pios swap memory
printf '\nbefore:\n';free -th;\
sed -i "s|CONF_SWAPSIZE=100|CONF_SWAPSIZE=2048|" /etc/dphys-swapfile;\
service dphys-swapfile restart;\
printf '\nupdate:\n';free -th

GIT_FILE_CFG='/etc/gitlab/gitlab.rb';\
GIT_XTRN_URL_FIND="external_url 'http://gitlab.example.com'";\
GIT_XTRN_URL_FILL="external_url 'https://cdn.chorke.org/gitlab'";\
sed -i "s|$GIT_XTRN_URL_FIND|$GIT_XTRN_URL_FILL|" "$GIT_FILE_CFG"
  32 external_url 'http://gitlab.example.com'
────────────────────────────────────────────────────────────────
 113 # gitlab_rails['gitlab_default_can_create_group'] = true
 114 # gitlab_rails['gitlab_username_changing_enabled'] = true
────────────────────────────────────────────────────────────────
 128 # gitlab_rails['gitlab_default_theme'] = 2
────────────────────────────────────────────────────────────────
 344 # gitlab_rails['lfs_enabled'] = true
────────────────────────────────────────────────────────────────
 548 # gitlab_rails['gitlab_shell_ssh_port'] = 22
────────────────────────────────────────────────────────────────
 583 # git_data_dirs({
 584 #   "default" => {
 585 #     "path" => "/mnt/nfs-01/git-data"
 586 #    }
 587 # })
────────────────────────────────────────────────────────────────
 920 # puma['worker_processes'] = 2
────────────────────────────────────────────────────────────────
 959 # sidekiq['max_concurrency'] = 50
────────────────────────────────────────────────────────────────
1894 # prometheus_monitoring['enable'] = true
external_url 'https://cdn.chorke.org/gitlab'
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_default_can_create_group'] = false
gitlab_rails['gitlab_username_changing_enabled'] = false
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_default_theme'] = 5
────────────────────────────────────────────────────────────────
gitlab_rails['lfs_enabled'] = true
────────────────────────────────────────────────────────────────
gitlab_rails['gitlab_shell_ssh_port'] = 4321
────────────────────────────────────────────────────────────────
git_data_dirs({
  "default" => {
    "path" => "/chorke/academia/nfs/gitlab/git-data"
   }
})
────────────────────────────────────────────────────────────────
puma['worker_processes'] = 2
────────────────────────────────────────────────────────────────
sidekiq['max_concurrency'] = 9
────────────────────────────────────────────────────────────────
prometheus_monitoring['enable'] = false
nano /etc/gitlab/gitlab.rb
────────────────────────────────────────────────────────────────
gitlab-ctl reconfigure
gitlab-ctl status
gitlab-ctl stop
nano /etc/gitlab/gitlab.rb
────────────────────────────────────────────────────────────────
gitlab-ctl reconfigure
service gitlab restart
service gitlab status

nano /etc/ssh/sshd_config

  13 #Port 22
────────────────────────────────────────────────────────────────
telnet localhost 4321
systemctl restart sshd
ssh -P4321 [email protected] 
Port 4321
────────────────────────────────────────────────────────────────
systemctl status sshd
telnet git0.dev.shahed.biz 4321
ssh -P4321 [email protected] 

Upgrade

from 13.6.3-ce.0:
sudo apt install gitlab-ce=13.8.8-ce.0
sudo apt install gitlab-ce=13.12.15-ce.0
sudo apt install gitlab-ce=14.0.11-ce.0
sudo apt install gitlab-ce=14.1.8-ce.0
sudo apt install gitlab-ce=14.2.6-ce.0
from 14.7.1-ce.0:
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

Knowledge

SSH Local Forwarding:
ssh -L 9050:localhost:9050 [email protected]
http://localhost:9050/
user: root
pass: 5iveL!fe
Sign-up Restrictions:
https://cdn.chorke.org/gitlab/admin/application_settings/general
Sign-up enabled (Unchecked)
docker logs gitlab
docker restart gitlab
docker exec -it gitlab /bin/bash
docker exec gitlab update-permissions
docker exec -it gitlab vim /etc/gitlab/gitlab.rb
docker logs gitlab-runner
docker restart gitlab-runner
docker exec -it gitlab-runner gitlab-runner --help
docker exec -it gitlab-runner gitlab-runner register
docker exec -it gitlab-runner gitlab-runner list
docker exec -it gitlab-runner gitlab-runner verify
docker exec -it gitlab-runner gitlab-runner verify --delete
docker-machine create --driver virtualbox default
docker-machine start default
docker-machine stop default
docker-machine ip default
docker-machine ls

docker exec -it gitlab gitlab-rails console -e production
user = User.where(id: 1).first
user.password = 'academia'
user.password_confirmation = 'academia'
user.save

lsblk
fdisk -l
smartctl -a /dev/sda
e2label /dev/sda1 CK10010100
mkfs.ext4 /dev/sda1 -L CK10010100
mkdir /chorke/academia/nfs/gitlab
chown pi /chorke/academia/nfs/gitlab
mount /dev/sda1 /chorke/academia/nfs/gitlab

SELinux:
https://docs.gitlab.com/runner/install/docker.html#selinux
https://github.com/dpw/selinux-dockersock
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
curl -s https://packages.gitlab.com/install/repositories/gitlab/raspberry-pi2/script.deb.sh | sudo bash

References