Difference between revisions of "GitLab Server"

From Worcester State University Computer Science Department Wiki
Jump to: navigation, search
m (Kwurst@worcester.edu moved page GitLab to GitLab Server without leaving a redirect: This page is about how to set up and maintain the GitLab server. We should have a separate page about how to use GitLab from the user's point of view.)
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
 
Here's how we set up our GitLab server
 
Here's how we set up our GitLab server
 +
== Installation ==
 
* The first step is installing CentOS
 
* The first step is installing CentOS
 
** GitLab recommends Ubuntu, so there's a few workarounds that need to be done for this.
 
** GitLab recommends Ubuntu, so there's a few workarounds that need to be done for this.
Line 7: Line 8:
 
*** modify /home/git/gitlab-shell/config.yml for https and enable self-signed cert and also edit /home/git/gitlab/config/gitlab.yml for https and port 443.
 
*** modify /home/git/gitlab-shell/config.yml for https and enable self-signed cert and also edit /home/git/gitlab/config/gitlab.yml for https and port 443.
 
** Fix SSH:
 
** Fix SSH:
*** sudo usermod -U git
+
*** <code>$ sudo usermod -U git</code>
 
**** CentOS by default locks accounts without passwords, this unlocks it.
 
**** CentOS by default locks accounts without passwords, this unlocks it.
*** after logging in and adding an SSH key and run restorecon -R -v /home/git/.ssh
+
*** after logging in and adding an SSH key and run
**** This fixes SELinux permissions so it'll use SSH keys.
+
**** <code>$ restorecon -R -v /home/git/.ssh</code>
 +
***** This fixes SELinux permissions so it'll use SSH keys.
  
* known issues: https clone/push doesn't seem to work with a self-signed certificate
+
* known issues: https clone/push doesn't seem to work with a self-signed certificate unless you disable ssl verification on git with this command:
 +
** <code>$ git config --global http.sslVerify false</code>
 +
*** It's recommended you renable ssl verification after cloning something with this command:
 +
** <code>$ git config --global http.sslVerify true</code>
 +
*** You can always disable ssl verification in an already-exiting repo with the same command minus the --global flag in that repo.
 +
 
 +
== Upgrade ==
 +
You should be able to follow [https://github.com/gitlabhq/gitlabhq/tree/master/doc/update the official upgrade guides] with no issue. Check the current version of gitlab on the help page after logging in and follow each upgrade to the latest- don't skip versions as you may miss some important updates.
 +
* I had two issues getting things working,
 +
** sudo: bundle: command not found
 +
*** You can fix this by commenting out secure_path in the sudo config, edit with the command <code>visudo</code> and comment out the following line:
 +
**** <code>Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin</code>
 +
*** and add (or uncomment) this line:
 +
**** <code>Defaults      !secure_path</code>
 +
*** Save the file and re-login as the user you had issues with before. If all went well, you should get the next error:
 +
** env: ruby: command not found
 +
*** Not sure what the best way to fix this is, I did the following commands:
 +
**** <code># cd /bin</code>
 +
**** <code># link -s /usr/local/bin/ruby</code>
 +
*** This fixed all errors.
 +
** Because I am not sure of the security with those two solutions, I undid them after completing the upgrades. Uncomment the original lines in visudo and comment out your new line. To get rid of the ruby symlink, execute the following commands:
 +
*** <code># cd /bin</code>
 +
*** <code># unlink ruby</code>

Latest revision as of 09:42, 18 April 2014

Here's how we set up our GitLab server

Installation

  • The first step is installing CentOS
    • GitLab recommends Ubuntu, so there's a few workarounds that need to be done for this.
  • We followed this guide: https://github.com/gitlabhq/gitlab-recipes/tree/7a1f1fc5ca089cdfb704008d4e1510280fe52af3/install/centos
    • Use nginx for the webserver
      • For nginx, edit the /etc/nginx/sites-enabled/gitlab you create and change all instances of git.example.com to git.cs.worcester.edu
      • modify /home/git/gitlab-shell/config.yml for https and enable self-signed cert and also edit /home/git/gitlab/config/gitlab.yml for https and port 443.
    • Fix SSH:
      • $ sudo usermod -U git
        • CentOS by default locks accounts without passwords, this unlocks it.
      • after logging in and adding an SSH key and run
        • $ restorecon -R -v /home/git/.ssh
          • This fixes SELinux permissions so it'll use SSH keys.
  • known issues: https clone/push doesn't seem to work with a self-signed certificate unless you disable ssl verification on git with this command:
    • $ git config --global http.sslVerify false
      • It's recommended you renable ssl verification after cloning something with this command:
    • $ git config --global http.sslVerify true
      • You can always disable ssl verification in an already-exiting repo with the same command minus the --global flag in that repo.

Upgrade

You should be able to follow the official upgrade guides with no issue. Check the current version of gitlab on the help page after logging in and follow each upgrade to the latest- don't skip versions as you may miss some important updates.

  • I had two issues getting things working,
    • sudo: bundle: command not found
      • You can fix this by commenting out secure_path in the sudo config, edit with the command visudo and comment out the following line:
        • Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
      • and add (or uncomment) this line:
        • Defaults  !secure_path
      • Save the file and re-login as the user you had issues with before. If all went well, you should get the next error:
    • env: ruby: command not found
      • Not sure what the best way to fix this is, I did the following commands:
        • # cd /bin
        • # link -s /usr/local/bin/ruby
      • This fixed all errors.
    • Because I am not sure of the security with those two solutions, I undid them after completing the upgrades. Uncomment the original lines in visudo and comment out your new line. To get rid of the ruby symlink, execute the following commands:
      • # cd /bin
      • # unlink ruby