Sysadm:GitLab
Following the October 2014 meeting at UCSB, Eros personnel requested that CHG set up a GitLab server to allow free collaboration between us and EROS (who cannot host shared files on their government servers due to security reasons).
Details of the installation are below.
Contents
- 1 Versions
- 2 GitLab Install Prep
- 3 Installing GitLab Itself
- 3.1 Make sure GitLab can write to the log/ and tmp/ directories
- 3.2 Create directory for satellites
- 3.3 Copy the example Unicorn config
- 3.4 Copy the example Rack attack config
- 3.5 Git global settings
- 3.6 Configure Redis connection settings
- 3.7 Configure GitLab DB Settings
- 3.8 Install Gems
- 3.9 Install GitLab Shell
- 3.10 Initialize Database and Activate Advanced Features
- 3.11 Start GitLab Instance
- 4 Starting and Stopping Services
- 5 Install nginx
- 6 Web Interface
- 7 Notes
- 8 Useful Links
Versions
chg-git, an Ubuntu VM, was created to host the GitLab server.
- Ubuntu 12.04.5 LTS
- git version 2.1.2
- ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]
- psql (PostgreSQL) 9.1.14
- nginx version: nginx/1.1.19
GitLab Install Prep
Had to install manually, as the Omnibus package did not work.
Selected package 7.4-stable Sudo already installed. All commands successful unless otherwise stated.
Install vim and set as default editor
ewxadmin@chg-git:~$ sudo apt-get install -y vim ewxadmin@chg-git:~$ sudo update-alternatives --set editor /usr/bin/vim.basic
Required Packages
ewxadmin@chg-git:~$ sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake
Verify git version
ewxadmin@chg-git:~$ sudo apt-get install -y git-core ewxadmin@chg-git:~$ git --version
Install dependencies
ewxadmin@chg-git:~$ sudo apt-get install -y libcurl4-openssl-dev libexpat1-dev gettext libz-dev libssl-dev build-essential
Download and compile GitLab from source
ewxadmin@chg-git:~$ cd /tmp ewxadmin@chg-git:/tmp$ curl -L --progress https://www.kernel.org/pub/software/scm/git/git-2.1.2.tar.gz | tar xz ewxadmin@chg-git:/tmp$ cd git-2.1.2/ ewxadmin@chg-git:/tmp/git-2.1.2$ make prefix=/usr/local all
ewxadmin@chg-git:/tmp/git-2.1.2$ sudo make prefix=/usr/local install
When editing config/gitlab.yml, change the git -> bin_path to /usr/local/bin/git
ewxadmin@chg-git:/tmp/git-2.1.2$ sudo apt-get install -y postfix
Select 'Internet Site' and press enter to confirm the hostname
Download and compile Ruby on Rails
ewxadmin@chg-git:/tmp/git-2.1.2$ mkdir /tmp/ruby && cd /tmp/ruby ewxadmin@chg-git:/tmp/ruby$ curl -L --progress ftp://ftp.ruby-lang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz | tar xz ewxadmin@chg-git:/tmp/ruby/$ cd ruby-2.1.2 ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ ./configure --disable-install-rdoc ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ make ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo make install
Install the Bundler Gem:
ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo gem install bundler --no-ri --no-rdoc
Create a git user for GitLab:
ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo adduser --disabled-login --gecos 'GitLab' git
Install PostgreSQL
ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo apt-get install -y postgresql postgresql-client libpq-dev ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo -u postgres psql -d template1
In PostgreSQL
template1=# CREATE USER git CREATEDB; template1=# CREATE DATABASE gitlabhq_production OWNER git; template1=# \q
Try connecting to the new database with the new user
sudo -u git -H psql -d gitlabhq_production
Redis
ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo apt-get install redis-server ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.orig ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo service redis-server restart ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ sudo usermod -aG redis git
Installing GitLab Itself
ewxadmin@chg-git:/tmp/ruby/ruby-2.1.2$ cd /home/git ewxadmin@chg-git:/home/git$ sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-4-stable gitlab ewxadmin@chg-git:/home/git$ cd /home/git/gitlab ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H editor config/gitlab.yml
Make sure GitLab can write to the log/ and tmp/ directories
ewxadmin@chg-git:/home/git/gitlab$ sudo chown -R git log/ ewxadmin@chg-git:/home/git/gitlab$ sudo chown -R git tmp/ ewxadmin@chg-git:/home/git/gitlab$ sudo chmod -R u+rwX log/ ewxadmin@chg-git:/home/git/gitlab$ sudo chmod -R u+rwX tmp/
Create directory for satellites
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H mkdir /home/git/gitlab-satellites ewxadmin@chg-git:/home/git/gitlab$ sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites
ewxadmin@chg-git:/home/git/gitlab$ sudo chmod -R u+rwX tmp/pids/ ewxadmin@chg-git:/home/git/gitlab$ sudo chmod -R u+rwX tmp/sockets/ ewxadmin@chg-git:/home/git/gitlab$ sudo chmod -R u+rwX public/uploads
Copy the example Unicorn config
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
Find number of cores
ewxadmin@chg-git:/home/git/gitlab$ nproc
Copy the example Rack attack config
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H cp ewxadmin@chg-git:/home/git/gitlab$ config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
Git global settings
Configure Git global settings for git user, useful when editing via web Edit user.email according to what is set in gitlab.yml (admin@chg-git.geog.ucsb.edu)
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H git config --global user.name "GitLab" ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H git config --global user.email "example@example.com" ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H git config --global core.autocrlf input
Configure Redis connection settings
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H cp config/resque.yml.example config/resque.yml
Configure GitLab DB Settings
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git cp config/database.yml.postgresql config/database.yml
Update username/password in config/database.yml.
sudo -u git -H editor config/database.yml
Make config/database.yml readable to git only
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H chmod o-rwx config/database.yml
Install Gems
Parallel gems installation, nproc for the number of cores
ewxadmin@chg-git:/home/git/gitlab$ bundle install -j2
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle install --deployment --without development test mysql aws
Install GitLab Shell
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle exec rake gitlab:shell:install[v2.0.1] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
You can review (and modify) the gitlab-shell config as follows:
sudo -u git -H editor /home/git/gitlab-shell/config.yml
Initialize Database and Activate Advanced Features
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production
Type 'yes' to create the database tables. When done you see 'Administrator account created:'
Administrator account created: login.........root password......5iveL!fe
You can set the Administrator password by supplying it in environmental variable GITLAB_ROOT_PASSWORD, eg.:
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword
Install Init Script
ewxadmin@chg-git:/home/git/gitlab$ sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
Make GitLab start on boot
ewxadmin@chg-git:/home/git/gitlab$ sudo update-rc.d gitlab defaults 21
Setup Logrotate
ewxadmin@chg-git:/home/git/gitlab$ sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
Check if GitLab and its environment are configured correctly:
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
Compile Assets
ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
Start GitLab Instance
ewxadmin@chg-git:/home/git/gitlab$ sudo service gitlab start
Starting and Stopping Services
GitLab can be controlled with:
sudo service gitlab stop sudo service gitlab start sudo service gitlab restart
nginx must be controlled separately with:
sudo service nginx stop sudo service nginx start sudo service nginx restart
Install nginx
ewxadmin@chg-git:/home/git/gitlab$ sudo apt-get install -y nginx
ewxadmin@chg-git:/home/git/gitlab$ sudo cp lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab ewxadmin@chg-git:/home/git/gitlab$ sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab
Make sure to edit the config file to match your setup: Change YOUR_SERVER_FQDN to the fully-qualified domain name of your git host
ewxadmin@chg-git:/home/git/gitlab$ sudo editor /etc/nginx/sites-available/gitlab
Validate your gitlab or gitlab-ssl Nginx config file
ewxadmin@chg-git:/home/git/gitlab$ sudo nginx -t ewxadmin@chg-git:/home/git/gitlab$ sudo service nginx restart
Got errors regarding Port 80 already being in use. The following command resolved the issue.
ewxadmin@chg-git:/home/git/gitlab$ sudo fuser -k 80/tcp
So, trying again, successfully this time...
ewxadmin@chg-git:/home/git/gitlab$ sudo service nginx restart ewxadmin@chg-git:/home/git/gitlab$ sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
The first time I tried that last command, I got an error about not being able to find Gems. Turns out I had changed directories while troubleshooting the previous problem (needed to be specifically in the gitlab directory).
nginx configuration
nginx has a primary configuration file at:
/etc/nginx/nginx.conf
This file imports additional configuration files found in:
/etc/nginx/sites-enabled/
In order to increase the maximum upload size of files pushed to the server, the following line was added to the http directive of the primary configuration file:
client_max_body_size 1024M;
Web Interface
After that, all I need to do is log in at chg-git.geog.ucsb.edu in a web browser and enter the default username and password, then change the password. Passwords for chg-git (server and web browser) shared with Pete.
Notes
- Greg Ederer increased Unicorn timeout to resolve a common issue. (11/19/2014)