Skip to content

Deployment Overview of GitLab on Server

Prerequisites and Basic Requirements

The server must be running a supported Linux distribution, specifically Ubuntu, Debian, or RHEL-based systems (CentOS, Rocky Linux, AlmaLinux). The installation process requires root privileges or sudo access to modify system packages and configuration files.

The following system packages are required as prerequisites: - curl - gnupg - ca-certificates - apt-transport-https (for Debian/Ubuntu) - dnsutils or bind-utils (for DNS resolution)

The application is configured to operate over HTTPS. The external URL is set to a specific domain format: https://{{ prefix }}{{ server_id }}.{{ zone }}.

File and Directory Structure

The primary configuration file for the application is located at /etc/gitlab/gitlab.rb. This file controls the external URL, initial root password, and Let's Encrypt settings.

Key directories and files include: - /etc/apt/keyrings/gitlab-ce.gpg: The GPG key used to verify the GitLab repository on Debian-based systems. - /etc/apt/sources.list.d/gitlab_gitlab-ce.list: The repository source list for Debian-based systems. - /etc/gitlab/: The main directory containing application configuration and logs.

Application Installation Process

The application is installed as the gitlab-ce package. The installation method varies slightly depending on the operating system family.

For Debian and Ubuntu systems: 1. The GitLab repository key is added to /etc/apt/keyrings/gitlab-ce.gpg. 2. The repository source is added to /etc/apt/sources.list.d/gitlab_gitlab-ce.list. 3. The gitlab-ce package is installed via the apt package manager.

For RHEL-based systems: 1. The installation script is executed via curl from https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh. 2. The gitlab-ce package is installed via the yum package manager.

After the package installation, the configuration file /etc/gitlab/gitlab.rb is modified to set the following parameters: - external_url: Set to https://{{ prefix }}{{ server_id }}.{{ zone }}. - gitlab_rails['initial_root_password']: Set to the SSH password provided during deployment. - letsencrypt['auto_renew']: Set to true to enable automatic SSL certificate renewal.

Finally, the application is reconfigured by running the gitlab-ctl reconfigure command.

Access Rights and Security

On RHEL-based systems, the firewalld service is stopped and disabled to allow the application to bind to necessary ports without firewall interference.

The application utilizes Let's Encrypt for SSL/TLS certificates. The configuration enables automatic renewal of these certificates to ensure continuous secure access.

Starting, Stopping, and Updating

The application is managed using the gitlab-ctl command-line utility.

To apply configuration changes or restart services, use the following command: 

gitlab-ctl reconfigure

This command reloads the configuration and restarts the necessary components to apply the new settings defined in /etc/gitlab/gitlab.rb.

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×