This guide will show you how to install and configure GitLab Community Edition on Ubuntu 18.04. GitLab is an open-source application primarily used for hosting Git repositories, with additional development-related features such as issue tracking.
Requirements To complete this tutorial you will need:
An Ubuntu 18.04 server with a non-root sudo user and a basic firewall.
4 cores for your CPU
4 GB of RAM for your memory
Step 1 – Install dependencies
sudo apt update
sudo apt upgrade -y
sudo apt install ca-certificates curl openssh-server postfix tzdata perl
Step 2 – Install Gitlab
First, move into the /tmp
directory:
cd /tmp
Download installation Script
curl -LO https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh
Run Installer
sudo bash /tmp/script.deb.sh
sudo apt install gitlab-ce
Step 3 – Check for Firewall Rules
sudo ufw status
The protocol to port mapping for HTTP and HTTPS are available in the /etc/services
file, so you can allow that traffic in by name. If you didn’t already have OpenSSH traffic enabled, you should allow that traffic:
sudo ufw allow http
sudo ufw allow https
sudo ufw allow OpenSSH
Step 4 – Edit Gitlab Configuration on UBUNTU
Before you can use the application, update the configuration file and run a reconfiguration command
sudo nano /etc/gitlab/gitlab.rb
Search for the external_url
and change http
to https
...
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'https://your_domain'
...
Next, find the letsencrypt['contact_emails']
setting
letsencrypt['contact_emails'] = ['sammy@example.com']
pressing CTRL+S and CTRL+X
then Y
, then ENTER
.
sudo gitlab-ctl reconfigure
Step 5 – Edit Gitlab Configuration File on WEB
Login to your domain
https://your_domain
GitLab generates an initial secure password for you. It is stored in a folder that you can access as an administrative sudo
use
sudo nano /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
# 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the firs$
# 2. Password hasn't been changed manually, either via UI or via command line.
#
# If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
Password: YOUR_PASSWORD
# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
Back on the login page, enter the following:
- Username: root
- Password: [the password listed on
/etc/gitlab/initial_root_password
Enter these values into the fields and click the Sign in button.
Update your password
After logging in, is change your password. Go to Edit Profile
select Password to change your GitLab generated password, to a secure password, then click on the Save password. GitLab generates a secure initial password for you. It will be stored in a folder where you have sudo admin access:
Return to the login page and enter:
Adding an SSH Key to your Account
Enable SSH keys with Git to interact with your GitLab projects. To do this, you need to add your SSH public key to your GitLab account.
If you already have SSH key pair created on your local computer then you can use the same public key.
cat ~/.ssh/id_rsa.pub
Copy this text and enter it into the Key text box inside your GitLab instance.
If you do not have SSH key pair created on your local computer then you can generate it.
ssh-keygen
Once you have this, you can display your public key .
cat ~/.ssh/id_rsa.pub
Insert this block of text in the output and enter it into the Key text box inside your GitLab instance. Give it a descriptive title, and click the Add key button.
Renewing Let’s Encrypt Certificates
By default, GitLab has a scheduled task set up to renew Let’s Encrypt certificates after midnight every fourth day. For example, if you wanted to renew every 10th day at 11:30, you can configure it to do so. First, navigate to the configuration file:
sudo nano /etc/gitlab/gitlab.rb
Then, find the following lines in the file and remove the #
and update it with following:
...
################################################################################
# Let's Encrypt integration
################################################################################
# letsencrypt['enable'] = nil
letsencrypt['contact_emails'] = ['sammy@digitalocean'] # This should be an array of email addresses to add as contacts
# letsencrypt['group'] = 'root'
# letsencrypt['key_size'] = 2048
# letsencrypt['owner'] = 'root'
# letsencrypt['wwwroot'] = '/var/opt/gitlab/nginx/www'
# See http://docs.gitlab.com/omnibus/settings/ssl.html#automatic-renewal for more on these settings
letsencrypt['auto_renew'] = true
letsencrypt['auto_renew_hour'] = "11"
letsencrypt['auto_renew_minute'] = "30"
letsencrypt['auto_renew_day_of_month'] = "*/10"
...
You can also disable auto-renewal by :
...
letsencrypt['auto_renew'] = false
...
FINALE
You now have a working GitLab hosted on your server. You can start importing or creating new projects and set up access level.