If you are working in an organization that is promoting the DevOps cycle of development than you have most likely heard of GitLab. I have used Github for a few years now for personal projects and recently have been tasked with setting up a CI/CD pipeline for deploying applications. Professionally I have been using GitLab for source control, but did you know that it is much more powerful than that? It enables runner tasks for building, testing, and shipping your applications. I am not going to cover that in this post but think of GitLab as an all in one shop for full application cycle development. What’s even cooler is that it is open source and allows for your own setup and installation if you so wish. You can signup for an account if you want to check it out, or if you follow this demonstration, you can even set up your own running instance of GitLab. For more information about why you may want to use GitLab, you can check it out here.
We are going to use DigitalOcean. DigitalOcean allows you as a developer to provision your own virtual machines, set up installations, and has some additional managed services. I love DigitalOcean and have been using their services for hosting this blog for some time now. So, for this tutorial, you’ll need to have a DigitalOcean account.
Login to your digital ocean account. Or if need set one up however, the scope of that is not covered here. Upper Right, click create, then Look for
One Click Apps, Look for
GitLab 11.3.1-ce.0 on 18.04, at least as of this writing.
Choose your droplet size but for this, I am going to go with the default.
- Note I had an issue with the initial setup, nginx was throwing a 502 bad gateway. I was using a smaller droplet size with only 1Gb of RAM. I destroyed that droplet and used a larger instance which resolved that issue. This appears to be an issue with nginx and memory leading to the 502 Gateway server-side error.
There are numerous setting you can apply to your initial setup
You can enable Backups, or add additional block storage if you have some volumes already provisioned, but for this demonstration disregard.
Choose your location, for this, I am going to use New York, Region 1, but choose something reasonable and proximate to you.
If you want to enable additional options such as monitoring, or user data, do so. For this demonstration, I am foregoing all of this. Add an SSH key that you control. This should be in your local machine user’s root directory. If you need help, leave a comment. But you will want this and need this for the setup.
Click create, this will take a few moments but should be relatively quick. I think for me it took about a minute, to provision the actual instance.
Initial Configuration and Setup of GitLab
You’ll be directed to the page where you can view your newly provisioned Gitlab instance on the DigitalOcean panel. Copy the IP, and then in a terminal (on Windows, I use Git Bash or WSL and terminal). To initiate the Gitlab install you will need to SSH into your machine. In this example, I have the below IP. Don’t worry, I’ve already pulled down this droplet.
$ ssh email@example.com
You will then see the following:
The authenticity of host '188.8.131.52 (184.108.40.206)' can't be established. ECDSA key fingerprint is SHA256:hdgWIL8DTozH7L4OLUtwfA5gT5gcGqLtRCNPC7r3bi4. Are you sure you want to continue connecting (yes/no)?
Warning: Permanently added '220.127.116.11' (ECDSA) to the list of known hosts. Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-36-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Tue Feb 19 20:12:11 UTC 2019 System load: 0.43 Processes: 110 Usage of /: 4.9% of 57.98GB Users logged in: 0 Memory usage: 14% IP address for eth0: 18.104.22.168 Swap usage: 0% Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud 0 packages can be updated. 0 updates are security updates. ******************************************************************************** Welcome to DigitalOcean's One-Click GitLab Droplet. To keep this Droplet secure, the UFW firewall is enabled. All ports are BLOCKED except 22 (SSH), 80 (HTTP), and 443 (HTTPS). In a web browser, you can view: * The GitLab One-Click Quickstart guide: http://do.co/gitlab1804#start * The new GitLab site: http://22.214.171.124 On the server: * The GitLab configuration files are located in /etc/gitlab * GitLab is installed in /opt/gitlab For help and more information, visit http://do.co/gitlab1804 ******************************************************************************** To delete this message of the day: rm -rf /etc/update-motd.d/99-one-click The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. ----------------------------------------------------------------------------- GitLab is not configured. If you would like customize it yourself, press 'n' now. Okay to Configure GitLab (Y|n):
Type yes! If you have set up a domain name and have it set up with DigitalOceans DNS servers, you can configure here, or do this later on. For now, I am going to use the standard IP, as this is a tutorial. If you are planning on enabling LetsEncrypt and generating SSL certs and setting up the chron job to renew those, I am covering that below.
Another nice thing about using this setup is the UFW firewall is automatically enabled, awesome advantage about the one-click apps that DigitalOcean provides us. All ports are blocked except 22 (SSH), 80 (HTTP), and 443 (HTTPS). I’d leave this as is, unless you have another reason.
From the documentation on DigitalOcean you’ll be asked to set the root user’s password and then the configuration script will run. Note that the password must be at least 8 characters and requires a special character and number. So back in your terminal:
Okay to Configure GitLab (Y|n): yes External URL (defaults to http://126.96.36.199): Enter the GitLab 'root' user password: 1Password1! 1Password1!: OK Removing the landing page... Running 'gitlab-ctl reconfigure', this will take a minute...
Grab some Coffee
The setup of GitLab will take a few minutes, so grab some coffee, tea or whatever your poison is When you get back to your desk you should see
You can access GitLab via: Web URL: http://188.8.131.52 User: root Password: 1Password1! For more information about this 1-Click, see: http://do.co/gitlabapp To enable LetsEncrypt TLS certificates, see: http://do.co/le-gitlab Happy Coding! -----------------------------------------------------------------------------
Now in your browser, you should be able to go to the IP address of your instance. If all went well you should end up at the login page for your Gitlab.
Enter in your root password and username (Note that the root username is
root and the password is the one you setup earlier).
Tada! You have a fully working instance of Gitlab operating! If you run into any issues at this point, leave a comment. I’ll help where I can.
For setup of SSL and LetsEncrypt auto renew of certs let’s take a look at https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-gitlab-on-ubuntu-18-04. This page goes over the installation of Gitlab from a barebones server, but we’re interested in the
Step 4 — Editing the GitLab Configuration File of the above-referenced page.
Hopefully you are still connected to your droplet. In your terminal:
$ sudo nano /etc/gitlab/gitlab.rb`
gitlab.rb is the configuration file for our Gitlab instance and we want to update this file. You will need to replace the below example.com with your domain.
external_url 'https://example.com' needs to be HTTPS and the domain that is applied to our droplet. DigitalOcean has a great interface for adding a DNS Entry to your machine. If you need help, you can follow this resource. You will need to have your public Common Domain Registrar pointed to DigitalOcean’s DNS Servers, find out more here.
Next add the following to our gitlab.rb file
letsencrypt['contact_emails'] = ['firstname.lastname@example.org']
Then in the terminal run
$ sudo gitlab-ctl reconfigure.
When that command is complete you should be able to hit your Gitlab instance via https through your web browser. If you have trouble at this point, please refer to the above-referenced documentation, it’s slightly different than the one-click install, but should get you most of the way there, also feel free to comment and I will help where I can.
Adjusting your Profile Settings and Account Names
Make sure you go in and change your default account settings, especially to change the Administrator account from the
root username, as well as adding and email to the account. You can do this fairly easily, by clicking in the upper right on your avatar and going under
Restriction On Accounts
Click on the Wrench on the top of the dashboard, and go to
settings, you are going to most likely want to remove the ability for people to signup, unless this is going to be a public Gitlab instance. As an admin, you will have the ability to add and remove users to projects. If you have questions about further configuration of GitLab use this link.
That’s it. Please leave a comment, and let me know if you have found this to be helpful.