Installing GitLab on your own server

sudo apt update
sudo apt install ca-certificates curl openssh-server tzdata perl
cd /tmp
curl -LO https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh
sudo bash /tmp/script.deb.sh

Install GitLab

sudo apt install gitlab-ce

Configure the firewall (if required)

sudo ufw allow http
sudo ufw allow https
sudo ufw allow OpenSSH

Edit the settings

sudo nano /etc/gitlab/gitlab.rb
...
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://your_domain'
...

Note: be sure to specify http here

sudo gitlab-ctl reconfigure

Configure the proxy and SSL

In /etc/gitlab/gitlab.rb, set:

nginx['enable'] = false
web_server['external_users'] = ['www-data']

Create a site in Nginx:

## GitLab 8.3+
##
## Lines starting with two hashes (##) are comments with information.
## Lines starting with one hash (#) are configuration parameters that can be uncommented.
##
##################################
##        CONTRIBUTING          ##
##################################
##
## If you change this file in a Merge Request, please also create
## a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
##
###################################
##         configuration         ##
###################################
##
## See installation.md#using-https for additional HTTPS configuration details.

upstream gitlab-workhorse {
  # On GitLab versions before 13.5, the location is
  # `/var/opt/gitlab/gitlab-workhorse/socket`. Change the following line
  # accordingly.
  server unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket;
}

## Normal HTTP host
server {
  ## Either remove "default_server" from the listen line below,
  ## or delete the /etc/nginx/sites-enabled/default file. This will cause gitlab
  ## to be served if you visit any address that your server responds to, eg.
  ## the ip address of the server (http://x.x.x.x/)
  listen 0.0.0.0:7001;
  listen [::]:7001;
  server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com
  server_tokens off; ## Don't show the nginx version number, a security best practice
  root /opt/gitlab/embedded/service/gitlab-rails/public;

  ## See app/controllers/application_controller.rb for headers set

  ## Individual nginx logs for this GitLab vhost
  access_log  /var/log/nginx/gitlab_access.log;
  error_log   /var/log/nginx/gitlab_error.log;

  location / {
    client_max_body_size 0;
    gzip off;

    ## https://github.com/gitlabhq/gitlabhq/issues/694
    ## Some requests take more than 30 seconds.
    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_http_version 1.1;

    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;

    proxy_pass http://gitlab-workhorse;
  }
}

Add the following to /etc/nginx/nginx.conf:

http {

   ...
  
   server {
       listen 80;
       server_name gitlab.yourdomain.com;
       location / {
           proxy_pass http://127.0.0.1:7001;
       }
   }
}

sudo gitlab-ctl reconfigure
sudo systemctl reload nginx
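
Added example (not part of the original guide): the vhost above listens on 0.0.0.0:7001 and [::]:7001, while the front server only ever connects to 127.0.0.1:7001, so the backend port also answers plain HTTP from other hosts unless the firewall blocks it. The script below reports such listeners; the function name audit_listen and the sample file are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide.
# audit_listen FILE PORT
#   Prints "<line>: listen <addr>" for every listener on PORT that is bound
#   to a non-loopback address; exit status 1 if any were found, else 0.
audit_listen() {
    awk -v port="$2" '
        { sub(/#.*/, "") }                        # drop comments
        $1 == "listen" {
            addr = $2; sub(/;$/, "", addr)
            if (addr ~ /^unix:/) next             # UNIX sockets are local only
            if (addr ~ /^[0-9]+$/) {              # "listen 7001;" = all addresses
                host = "*"; p = addr
            } else if (match(addr, /:[0-9]+$/)) { # "host:port" or "[v6]:port"
                host = substr(addr, 1, RSTART - 1)
                p = substr(addr, RSTART + 1)
            } else {                              # address only: port defaults to 80
                host = addr; p = "80"
            }
            if (p != port) next
            if (host ~ /^127\./ || host == "[::1]" || host == "localhost") next
            printf "%d: listen %s\n", NR, addr
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the two listen lines from the vhost above, plus a
# loopback-only variant that the check accepts.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server {
  listen 0.0.0.0:7001;
  listen [::]:7001;
}
server {
  listen 127.0.0.1:7001;   # loopback only: reachable solely by the local proxy
}
EOF
audit_listen "$sample" 7001 || echo "port 7001 is bound to non-loopback addresses"
rm -f "$sample"
```

Run it against the real site file instead of the sample. If it reports anything, binding the vhost to 127.0.0.1:7001 keeps the front proxy working while closing direct access to the backend.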

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx

Note: if you have run gitlab-ctl reconfigure, be sure to restart nginx afterwards

Configure SMTP:

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.server"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "smtp user"
gitlab_rails['smtp_password'] = "smtp password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'

# If your SMTP server does not like the default 'From: gitlab@localhost' you
# can change the 'From' with this setting.
gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@example.com'

gitlab_rails['smtp_pool'] = true

Articles:

Running GitLab in a memory-constrained environment

Lightweight GitLab

SMTP settings

How To Install and Configure GitLab on Ubuntu 20.04

Forwarding to GitLab Subdomain with Existing Nginx Installation

How To Secure Nginx with Let’s Encrypt on Ubuntu 20.04
