Add SSH Key
Generate key:
ssh-keygen -t rsa -b 2048 -C "email@example.com"
Choose file location. Default one is /home/user/.ssh/id_rsa.
Set passphrase:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Print and copy public key:
cat ~/.ssh/id_rsa.pub
Add public key to GitLab account under Profile Avatar -> Settings -> SSH Keys. Choose Title for your device and paste content from the previous command.
Run SSH Agent and add your private key. It will ask you for a password you set previously.
eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa
Test if everything is okay:
ssh -T git@gitlab.com
If everything was done correctly you must see: Welcome to GitLab, @USERNAME!
Docker Build
The following script can be used to build docker images with caching during GitLab pipelines. An image will be pushed to GitLab's docker registry.
image: docker:19.03.11
services:
- docker:19.03.11-dind
variables:
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_CERTDIR: "/certs"
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
build:
stage: build
script:
- docker pull $CI_REGISTRY_IMAGE:latest || true
- docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest .
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker push $CI_REGISTRY_IMAGE:latest
Install GitLab Omnibus
To install GitLab on Ubuntu 18.04 server run:
sudo apt-get update
sudo apt-get install -y curl openssh-server ca-certificates
sudo apt-get install -y postfix
Choose Internet Site and server's external DNS name for 'mail name'.
Then add a repository and install GitLab CE:
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
sudo EXTERNAL_URL="https://gitlab.example.com" apt-get install gitlab-ee
On your first visit, you'll be redirected to a password reset screen. Provide the password for the initial administrator account and you will be redirected back to the login screen. Use the default account's username root to login.
Setup GitLab Runner
First, install Docker on your server. For setup instructions, you can refer to my Cheat Sheet - Docker.
Steps required to set up GitLab Runner from Ubuntu repositories:
curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh | sudo bash
sudo apt-get install gitlab-runner
After installation is done, register runner:
gitlab-runner register
- Enter your GitLab instance URL
- Enter the token you obtained to register the Runner
- Enter a description for the Runner, you can change this later in GitLab's UI
- Enter the tags associated with the Runner, you can change this later in GitLab’s UI
- Enter the Runner executor - docker
- If you chose Docker as your executor, you’ll be asked for the default image to be used for projects that do not define one in .gitlab-ci.yml - alpine:latest
If you get the following error during docker operations in your stage:
error during connect: Post http://docker:2376/v1.40/auth: dial tcp: lookup docker on 67.207.67.2:53: no such host
ERROR: Job failed: exit code 1
You need to modify GitLab Runner config. Open /etc/gitlab-runner/config.toml and set:
privileged = true
You may also get an error for certificates stating:
Error response from daemon: Client sent an HTTP request to an HTTPS server.
ERROR: Job failed: exit code 1
To solve edit config.toml again and add "/certs/client":
volumes = ["/cache", "/certs/client"]
Disable Sign Up
If you host a self-managed GitLab server then you use it for a company or personal needs. It's a good idea to disable sign up function in this case. Otherwise, you may found one day that some random people found your URL and registered an account. I had such a case and to be honest for the first several hours I thought my Omnibus deployment was hacked. I searched in logs for user creation information without any success. GitLab doesn't log registered user's creation. When I was already out of ideas on how to search in the terminal, I realized it may be just simple registration. So now I always uncheck sign up an option through Admin Area -> General -> Sign-up restrictions on my deployments. Please save your time and do it after the initial setup is done. Otherwise, you may be shocked by 'curious' users amount one day.
413 Entity too large
Edit NGiNX or other reverse proxy setting to remove upload size limit.
For NGiNX add:
client_max_body_size 0;