How to install and configure GitLab CE on CentOS 8
GitLab is an open source repository manager based on Rails developed by GitLab Inc. It is a web-based git repository manager, which enables your team to collaborate on coding, testing, and deploying applications. GitLab provides multiple functions, including Wiki, issue tracking, code review and event feed.
GitLab Inc offers 4 products:
- Gitlab CE (Community Edition)-self-hosted and free; supported by community forums.
- Gitlab EE (Enterprise Edition)-self-hosted and paid; with additional features.
- GitLab.com-SaaS and free.
- GitLab.io-Private GitLab instance managed by GitLab Inc.
In this tutorial, we will show you how to install GitLab CE on a CentOS 8 server. We will use the “omnibus” software package provided by GitLab to install GitLab CE, perform some basic configuration on GitLab, and test to create a new GitLab project.
For this guide, we will install GitLab CE on the latest version of CentOS 8 server with 4GB RAM, 30GB free disk space and 2 CPUs.
What are we going to do?
- Install package dependencies
- Add repository and install GitLab CE (Community Edition)
- Generate SSL Letsencrypt and DHPARAM certificates
- Enable Nginx HTTPS for GitLab
- Configure firewall
- After GitLab is installed
Step 1-Install package dependencies
First, we will install some of the package dependencies required by GitLab, including the OpenSSH package and Postfix.
Use the following dnf command to install GitLab CE’s package dependencies.
sudo dnf -y install curl policycoreutils openssh-server openssh-clients postfix
After completing all installations, start the SSH and Postfix services.
systemctl start sshdsystemctl start postfix
Next, add both services to the system boot.
systemctl enable sshdsystemctl enable postfix
As a result, the installation of package dependencies is completed.
Step 2-add the repository and install GitLab
In this step, we add the official GitLab repository to our CentOS 8 system and install the GitLab CE software package.
Use the following installer script to add the GitLab repository.
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
After completing all the steps, you will get the following results.
Generating yum cache for gitlab_gitlab-ce...Importing GPG key 0x51312F3F: Userid : "GitLab B.V. (package repository signing key) <[email protected]>" Fingerprint: F640 3F65 44A3 8863 DAA0 B6E0 3F01 618A 5131 2F3F From : https://packages.gitlab.com/gitlab/gitlab-ce/gpgkeyImporting GPG key 0xF27EAB47: Userid : "GitLab, Inc. <[email protected]>" Fingerprint: DBEF 8977 4DDB 9EB3 7D9F C3A0 3CFC F9BA F27E AB47 From : https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpgGenerating yum cache for gitlab_gitlab-ce-source...
The repository is setup! You can now install packages.
To verify the GitLab repository, run the following dnf command.
sudo dnf repolist
You will find the GitLab repository in the list.
Next, install the GitLab CE software package using the following command
sudo dnf install gitlab-ce -y
After completing all installations, you will get the following results.
As a result, GitLab CE Community Edition is now installed on the CentOS 8 system.
Step 3-Generate SSL Letsencrypt and DHPARAM
In this tutorial, we will run GitLab on a secure HTTPS connection and will use Letsencrypt’s SSL Letsencrypt and DHAPRAM (which can be generated using the openssl command).
In this step, we will use the certbot command-line tool to generate SSL Letsencrypt, which can be installed from the EPEL repository, and then use openssl to generate a DHPARAM certificate.
Use the following command to add the EPEL repository to the CentOS 8 system.
sudo dnf install epel-release
Next, use the following dnf command to install the certbot package.
sudo dnf install certbot
After completing all installations, use the following certbot command to generate SSL Letsencryp for GitLab.
certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email [email protected] -d gitlab.hakase-labs.io
Now, your SSL certificate will be available in the’/etc/letsencrypt/live/gitlab.hakase-labs.io’ directory, please check with the following command.
ls -lah /etc/letsencrypt/live/gitlab.hakase-labs.io/
You will get “fullchain.pem” and “privkey.pem” certificates.
Next, use the following openssl command to generate the DHPARAM certificate to the’/etc/gitlab’ directory.
sudo openssl dhparam -out /etc/gitlab/dhparams.pem 2048
After completing all operations, change the permission of the “dhparam.pem” certificate to “0600”.
sudo chmod 600 /etc/gitlab/dhparams.pem
As a result, SSL Letsencrypt and DHPARAM certificates for GitLab were generated.
Step 4-Set the domain name for GitLab and enable Nginx HTTPS
In this step, we will set up the domain name and enable Nginx HTTPS secure connection for GitLab.
Go to the “/etc/gitlab” directory and edit the configuration “gitlab.rb”.
cd /etc/gitlab/vim gitlab.rb
On the “external_url” line, change the default domain name with your own name and change http to https protocol as shown below.
Next, add the following configuration after the “external_url” line and make sure to use your own SSL and DHPARAM certificates to make changes.
nginx['redirect_http_to_https'] = truenginx['ssl_certificate'] = "/etc/letsencrypt/live/gitlab.hakase-labs.io/fullchain.pem"nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/gitlab.hakase-labs.io/privkey.pem"nginx['ssl_dhparam'] = "/etc/gitlab/dhparams.pem"
Save and close.
Next, run the following command to reconfigure GitLab and apply the new configuration.
sudo gitlab-ctl reconfigure
This command will call the Chef script that powers Omnibus GitLab to reconfigure the GitLab installation.
After completing all the steps, go to the next step.
Step 5-Configure the firewall
After enabling HTTPS on GitLab, we added HTTP and HTTPS services to Firewalld.
Run the firewall-cmd command below.
firewall-cmd --add-service=ssh --permanentfirewall-cmd --add-service=http --permanentfirewall-cmd --add-service=https --permanent
After that, reload the firewalld service to apply the new configuration.
Now, use the following command to check all services on firewalld.
Now you will get SSH, HTTP and HTTPS services in the list.
As a result, you have added HTTP and HTTPS services to firewalld, and GitLab is now ready to use.
Step 6-After GitLab is installed
Open a web browser and type your GitLab domain name in the address bar to install. Mine is: https://gitlab.hakase-labs.io/, please use your address.
You will then be redirected to the password reset page.
-GitLab resets the default password
Enter the new password for the default GitLab user “root”.
Now, click the “Change Password” button and you will be redirected to the GitLab login page.
Enter the default user “root” and password, and then click the “Login” button, you will get the following GitLab dashboard.
Change profile and username
After logging in to the GitLab dashboard, please use your own default “root” user to make changes.
To change your profile settings, click the icon in the upper right corner of your profile, and then click the “Settings” icon to set up your profile.
Now enter your new username and email address, then scroll to the bottom page and click the “Update Profile Settings” button.
Next, click the “Account” tab, use your own default user name to change to “root”, and then click the “Update User Name” button.
As a result, the default user name and email address of the root user have been changed.
Add SSH key
Now, we add the SSH key to GitLab. Make sure you have SSH keys, if not, you can use the following command to generate SSH keys.
You will now generate SSH keys in the “~/.ssh” directory within the user’s home directory.
Next, return to the GitLab dashboard and click the “SSH Key” tab menu.
Copy the content of the SSH public key “~/.ssh/id_rsa.pub” and paste it into the GitLab page, then click the “Add Key” button.
As a result, SSH keys have been added to GitLab.
Set project limits for each account
On the top middle menu, click the “Settings” button.
Now click “Settings”> “General” and in the “Accounts and Restrictions” section, click “Extended”.
Change the “Default Project Limit” as needed, and then click the “Save” button.
As a result, the default project limit for each account has been changed.
Step 7-Create a new project and submit
In this step, we will test our GitLab installation by creating a new GitLab project.
Create a new GitLab project
To create a new project on GitLab, click the “+” insert button on the menu in the upper right corner.
Now, enter the details of your project name, project tag and description, and then click the “Create Project” button.
And created a new GitLab project.
Setting up GitLab on a laptop
After creating a new project on GitLab, we will set up a GitLab account on the local computer.
Open your terminal and run the following git command to set git’s default user and email address.
git config --global user.name "hakase"git config --global user.email "[email protected]"
Next, clone your GitLab project to the local computer directory and enter.
git clone https://gitlab.hakase-labs.io/hakase/test-project.gitcd test-project/
As a result, Git’s default user and email have been configured, and the GitLab project has been cloned to the local computer.
Make changes and submit
Now that we have the GitLab project on our local computer, we will test to change the “README.md” file and submit it to our GitLab project for the first time.
Use the editor to edit the “README.md” file.
Now make changes to the file, then save and close.
After that, use the following command to add a new version of “README.md” file and submit it.
git add .git commit -m "Change README.md"
Now, use the git push command below to push the new changes to the GitLab repository.
git push origin master
New changes to the “README.md” file have been pushed to the GitLab repository.
Next, return to the GitLab repository on your web browser, and you will get the new version of the’README.md’ file with the commit comment at the top.
As a result, we successfully created a new GitLab project and changed it.
Finally, the installation and configuration of GitLab on the CentOS 8 server has been successfully completed.