CheatSheet - GitLab

CheatSheet - GitLab

Add SSH Key

Generate key:

ssh-keygen -t rsa -b 2048 -C ""

Choose file location. Default one is /home/user/.ssh/id_rsa.

Set passphrase:

Enter passphrase (empty for no passphrase): 
Enter same passphrase again:

Print and copy pub key:

cat ~/.ssh/

Add public key to GitLab account under Profile Avatar -> Settings -> SSH Keys. Choose Title for your device and paste content from the previous command.

Run SSH Agent and add your private key. It will ask you for a password you set previously.

eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa

Test if everything is okay:

ssh -T

If everything was done correctly you must see: Welcome to GitLab, @USERNAME!

Docker Build

The following script can be used to build docker images with caching during GitLab pipelines. An image will be pushed to GitLab's docker registry.

image: docker:19.03.11

- docker:19.03.11-dind

DOCKER_HOST: tcp://docker:2376


stage: build
- docker pull $CI_REGISTRY_IMAGE:latest || true
- docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest .
- docker push $CI_REGISTRY_IMAGE:latest

Install GitLab Omnibus

To install GitLab on Ubuntu 18.04 server run:

sudo apt-get update
sudo apt-get install -y curl openssh-server ca-certificates

sudo apt-get install -y postfix

Choose Internet Site and server's external DNS name for 'mail name'.

Then add a repository and install GitLab CE:

curl | sudo bash

sudo EXTERNAL_URL="" apt-get install gitlab-ee

On your first visit, you'll be redirected to a password reset screen. Provide the password for the initial administrator account and you will be redirected back to the login screen. Use the default account's username root to login.

Setup GitLab Runner

First, install Docker on your server. For setup instructions, you can refer to my CheatSheet Docker.

Steps required to set up GitLab Runner from Ubuntu repositories:

curl -L | sudo bash
sudo apt-get install gitlab-runner

After installation is done, register runner:

gitlab-runner register
  • Enter your GitLab instance URL
  • Enter the token you obtained to register the Runner
  • Enter a description for the Runner, you can change this later in GitLab's UI
  • Enter the tags associated with the Runner, you can change this later in GitLab’s UI
  • Enter the Runner executor - docker
  • If you chose Docker as your executor, you’ll be asked for the default image to be used for projects that do not define one in .gitlab-ci.yml - alpine:latest

If you get the following error during docker operations in your stage:

error during connect: Post http://docker:2376/v1.40/auth: dial tcp: lookup docker on no such host
ERROR: Job failed: exit code 1

You need to modify GitLab Runner config. Open /etc/gitlab-runner/config.toml and set:

privileged = true

You may also get an error for certificates stating:

Error response from daemon: Client sent an HTTP request to an HTTPS server.
ERROR: Job failed: exit code 1

To solve edit config.toml again and add "/certs/client":

volumes = ["/cache", "/certs/client"]

Disable Sign Up

If you host a self-managed GitLab server then you use it for a company or personal needs. It's a good idea to disable sign up function in this case. Otherwise, you may found one day that some random people found your URL and registered an account. I had such a case and to be honest for the first several hours I thought my Omnibus deployment was hacked. I searched in logs for user creation information without any success. GitLab doesn't log registered user's creation. When I was already out of ideas on how to search in the terminal, I realized it may be just simple registration. So now I always uncheck sign up an option through Admin Area -> General -> Sign-up restrictions on my deployments. Please save your time and do it after the initial setup is done. Otherwise, you may be shocked by 'curious' users amount one day.