GitLab Runner

Pre-requirement I installed Docker because I wanted to use Docker executor for better isolation of environments. Install GitLab Runner on the server Follow the official manual. On Ubuntu From repo (recommended) curl -L | sudo bash export GITLAB_RUNNER_DISABLE_SKEL=true; sudo -E apt install gitlab-runner Check. $ sudo gitlab-runner status Runtime platform arch=amd64 os=linux pid=3163 revision=2ebc4dc4 version=13.9.0 gitlab-runner: Service is running! $ sudo gitlab-runner list Runtime platform arch=amd64 os=linux pid=3172 revision=2ebc4dc4 version=13.

Mirroring repository (GitLab)

Motivation I want to mirror GitLab repository to a bare Git repository which was hosted by Gitosis. As of Dec. 2020, GitLab Community Edition support “Push” only. “Push” means “mirror a GitLab (CE) repository to other Git repositories.” How to set up - GitLab Allow GitLab to access outbound Otherwise, you got an error Remote mirrors url is blocked: Requests to the local network are not allowed. “Admin” -> “Settings” -> “Network” -> “Outbound Requests” -> “Allow requests to the local network from hooks and services”

Bare Git repository with Gitosis

Install gitosis On Ubuntu20 Python 2!! apt install -y python-setuptools git clone cd gitosis sudo python2 install sudo adduser \ --system \ --shell /bin/sh \ --gecos 'git version control' \ --group \ --disabled-password \ --home /srv/ \ git ssh-keygen -b 4096 sudo -H -u git gitosis-init < .ssh/ sudo chmod 755 /srv/ client side git clone git@serverdomain:gitosis-admin.git Create user Put pubkey to gitosis-admin/keydir vim keydir/ edit gitosis.

Create self-sign CA certificate

Why I do this? I use GitLab for internal purpose (don’t face to the Internet.) In order to using CI/CD integration with Docker, I should use “valid” TLS certificate, so I created an self-sign certificate. Instructions Create a private key. openssl ecparam -out -name prime256v1 -genkey Create a config file mygitlab.cnf for crate self-sign certificate. [ req ] default_keyfile = /path/to/the/key/file/ default_md = sha256 prompt = no distinguished_name = gitlab_dn x509_extensions = gitlab_ext [ gitlab_dn ] commonName = mygitlab.

CI/CD and GitLab implementations

Definitions of CI/CD (rough) CI (Continuous Integration): Building and testing codes are automated. CD Continuous Delivery: One-click deploy enabled. Continuous Deployment: Auto deploy enabled. Facts about GitLab implementation GitLab Runner is an environment in which the CI/CD scripts run. We write the procedures in the file .gitlab-ci.yml normally. You need a GitLab Runner first. Install and configure a Runner Please refer my GitLab Runner install post :) How to write .

GitLab on Docker

Install GitLab running on Docker Here is the official document. I followed it. Caution: I’m using my GitLab on VM, not Docker image. Because the official image doesn’t contain e-mail client, and it is a little bit hard to understand. For me, deploying it on premise or VM is easy. Install docker apt install -y Set path export GITLAB_HOME=/srv/gitlab Configurations and repositories would be stored in this path. Run a container sudo docker run --detach \ --hostname {{ your_hostname }} \ --publish 443:443 --publish 80:80 --publish 2222:22 \ --name gitlab \ --restart always \ --volume $GITLAB_HOME/config:/etc/gitlab \ --volume $GITLAB_HOME/logs:/var/log/gitlab \ --volume $GITLAB_HOME/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest I changed git port to 2222 because the server should be access by ssh.

Gitlab community edition - Install and update (on-premise)

Install GitLab with apt (official way as of 2020/08/11) sudo apt update sudo apt upgrade -y sudo apt-get install -y curl openssh-server ca-certificates tzdata sudo apt install -y postfix curl | sudo bash sudo EXTERNAL_URL="https://{{ your_GitLab_server_domain }}" apt install gitlab-ce ## If you are using internal purpose and use your own domain, auto SSL configuration (ACME) would fail. ## Then, try http (not https) like below. ## sudo EXTERNAL_URL="http://{{ your_GitLab_server_domain }}" apt install gitlab-ce Configure TLS Create TLS self-sign CA certificate.